Re: net: deadlock between ip_expire/sch_direct_xmit

[Eric Dumazet]

On Tue, Mar 14, 2017 at 8:03 AM, Paolo Abeni <pabeni@xxxxxxxxxx> wrote:

> I'm wondering if we really need to keep the fragment queue lock held
> while sending the icmp packet ? we hold a reference to the struct, so
> it can't be deleted, and AFAICS after ipq_kill() nobody else could
> access/modify that queue.
>
> That lock is there pretty much forever, but perhaps is only a leftover
> and we can release it just after ipq_kill() ?

Maybe, but for peace of mind I would make sure this code path owns the
skb (head) before releasing the lock.

Seems something to try for net-next ?