Re: [PATCH net 3/8] idpf: fix possible race in idpf_vport_stop()

[Tantilov, Emil S]

On 10/6/2025 10:26 AM, Jakub Kicinski wrote:
> On Mon, 6 Oct 2025 07:49:32 -0700 Tantilov, Emil S wrote:
> > > Argh, please stop using the flag based state machines. They CANNOT
> > > replace locking. If there was proper locking in place it wouldn't
> > > have mattered when we clear the flag.
> >
> > This patch is resolving a bug in the current logic of how the flag is
> > used (not being atomic and not being cleared properly). I don't think
> > there is an existing lock in place to address this issue, though we are
> > looking to refactor the code over time to remove and/or limit how these
> > flags are used.
>
> Can you share more details about the race? If there is no lock in place
> there's always the risk that:
>
>    CPU 0                         CPU 1
>   idpf_vport_stop()             whatever()
>                                   if (test_bit(UP))
>                                    # sees true
>                                  # !< long IRQ arrives
>   test_and_clear(UP)
>     ...
>     all the rest
>     ...
>                                  # > long IRQ ends
>                                  proceed but UP isn't really set any more

The specific case I was targeting with this patch is for when both
idpf_vport_stop() and idpf_addr_unsync(), called via set_rx_mode attempt
to delete the MAC filters. At least in my testing I have not seen a case
where the set_rx_mode callback will happen before idpf_vport_stop(). I
am assuming due to userspace reacting to the removal of the netdevs.

           rmmod-6089    [021] .....  3521.291596: idpf_remove 
<-pci_device_remove
           rmmod-6089    [021] .....  3521.292686: idpf_vport_stop 
<-idpf_vport_dealloc
 systemd-resolve-1633    [022] b..1.  3521.295320: idpf_set_rx_mode 
<-dev_mc_del
 systemd-resolve-1633    [022] b..1.  3521.295338: idpf_addr_unsync 
<-__hw_addr_sync_dev
 systemd-resolve-1633    [022] b..1.  3521.295339: idpf_del_mac_filter 
<-idpf_addr_unsync
 systemd-resolve-1633    [022] b..1.  3521.295450: idpf_set_rx_mode 
<-dev_mc_del
 systemd-resolve-1633    [022] b..1.  3521.295451: idpf_addr_unsync 
<-__hw_addr_sync_dev
 systemd-resolve-1633    [022] b..1.  3521.295451: idpf_del_mac_filter 
<-idpf_addr_unsync
           rmmod-6089    [002] .....  3521.934980: idpf_vport_stop 
<-idpf_vport_dealloc
 systemd-resolve-1633    [022] b..1.  3522.297299: idpf_set_rx_mode 
<-dev_mc_del
 systemd-resolve-1633    [022] b..1.  3522.297316: idpf_addr_unsync 
<-__hw_addr_sync_dev
 systemd-resolve-1633    [022] b..1.  3522.297317: idpf_del_mac_filter 
<-idpf_addr_unsync
  kworker/u261:2-3157    [037] ...1.  3522.297931: 
idpf_mac_filter_async_handler: Received invalid MAC filter payload (op 
536) (len 0)
           rmmod-6089    [020] .....  3522.573251: idpf_vport_stop 
<-idpf_vport_dealloc
           rmmod-6089    [002] .....  3523.229936: idpf_vport_stop 
<-idpf_vport_dealloc
 systemd-resolve-1633    [022] b..1.  3523.311435: idpf_set_rx_mode 
<-dev_mc_del
 systemd-resolve-1633    [022] b..1.  3523.311452: idpf_addr_unsync 
<-__hw_addr_sync_dev
 systemd-resolve-1633    [022] b..1.  3523.311453: idpf_del_mac_filter 
<-idpf_addr_unsync