My colleague Bev Schwartz found that in src/sys/dev/pci/if_bnx.c, workqueue_enqueue is called with a struct work * that points to a static variable. But this struct is used as a linked list, and reuse of the struct risks creating a circular list. bnx's workqueue callback does not free the struct work *. Other workqueue uses seem to alloc before enqueue and then free after the work is done. It turns out that under our workloads we have yet to see a case where wk->wk_entry == wk. Can anyone explain why the current code is ok, or how it should change?
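Added example, not part of the original post and not NetBSD's workqueue or if_bnx.c code: a single-threaded userland C model of a singly linked work queue, showing how enqueuing the same work item twice before it is dequeued produces the wk->wk_entry == wk self-loop the post asks about, next to a guarded enqueue that refuses the second insert. The names work_model, wq_model, pending and wq_enqueue_once are hypothetical, and the pending-flag guard is one possible mitigation assumed here, not something the post or the driver specifies.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model types; only the field name wk_entry comes from the post. */
struct work_model {
    struct work_model *wk_entry;  /* next pointer in the queue */
    bool pending;                 /* set while queued (guarded path only) */
};
struct wq_model { struct work_model *head, **tailp; };

static void wq_init(struct wq_model *q) { q->head = NULL; q->tailp = &q->head; }

/* Unguarded tail insert: never checks whether wk is already linked. */
static void wq_enqueue(struct wq_model *q, struct work_model *wk) {
    wk->wk_entry = NULL;
    *q->tailp = wk;               /* if wk is the current tail, this writes wk->wk_entry = wk */
    q->tailp = &wk->wk_entry;
}
/* Guarded insert. In a kernel the flag would need an atomic op or a lock;
 * this model is single-threaded. */
static bool wq_enqueue_once(struct wq_model *q, struct work_model *wk) {
    if (wk->pending) return false;
    wk->pending = true;
    wq_enqueue(q, wk);
    return true;
}
static struct work_model *wq_dequeue(struct wq_model *q) {
    struct work_model *wk = q->head;
    if (wk == NULL) return NULL;
    q->head = wk->wk_entry;
    if (q->head == NULL) q->tailp = &q->head;
    wk->pending = false;          /* cleared on dequeue so the item can be queued again */
    return wk;
}
static bool demo_unguarded_self_loop(void) {
    struct wq_model q; struct work_model wk = {0};
    wq_init(&q);
    wq_enqueue(&q, &wk);
    wq_enqueue(&q, &wk);          /* reused before the first enqueue was consumed */
    return wk.wk_entry == &wk;    /* circular list of one element */
}
static bool demo_guarded_stays_linear(void) {
    struct wq_model q; struct work_model wk = {0};
    wq_init(&q);
    bool first = wq_enqueue_once(&q, &wk), second = wq_enqueue_once(&q, &wk);
    struct work_model *got = wq_dequeue(&q);
    return first && !second && got == &wk && wk.wk_entry == NULL
        && wq_dequeue(&q) == NULL && wq_enqueue_once(&q, &wk);
}
int main(void) {
    printf("unguarded self-loop: %d\n", demo_unguarded_self_loop());
    printf("guarded stays linear: %d\n", demo_guarded_stays_linear());
    return 0;
}
```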