Vakul Garg <vakul.g...@nxp.com> wrote: > Hi > > With kernel 4.14.122, I am getting a kernel softlockup while running single > static ipsec tunnel. > The problem reproduces mostly after running 8-10 hours of ipsec encap test > (on my dual core arm board). > > I found that in function xfrm_policy_lookup_bytype(), the policy in variable > 'ret' shows refcnt=0 under problem situation. > This creates an infinite loop in xfrm_policy_lookup_bytype() and hence the > lockup. > > Can some body please provide me pointers about 'refcnt'? > Is it legitimate for 'refcnt' to become '0'? Under what condition can it > become '0'?
Yes, when policy is destroyed and the last user calls xfrm_pol_put() which will invoke call_rcu to free the structure.
