[openib-general] [PATCH] Fix panic and memory leak in SA Query.
Roland Dreier
roland at topspin.com
Fri Nov 5 19:09:18 PST 2004
Sorry, this and the follow-up patch are wrong. The if the send
succeeds then we can't free the query structure until the query
finishes up. (The query will be freed in the appropriate ->release
method in this case).
You are right that there is a memory leak though. I fixed it like
this:
Index: infiniband/core/sa_query.c
===================================================================
--- infiniband/core/sa_query.c (revision 1166)
+++ infiniband/core/sa_query.c (working copy)
@@ -500,6 +500,7 @@
static void ib_sa_path_rec_release(struct ib_sa_query *sa_query)
{
+ kfree(sa_query->mad);
kfree(container_of(sa_query, struct ib_sa_path_query, sa_query));
}
@@ -544,11 +545,12 @@
rec, query->sa_query.mad->data);
ret = send_mad(&query->sa_query, timeout_ms);
- if (ret)
+ if (ret) {
+ kfree(query->sa_query.mad);
kfree(query);
+ } else
+ *sa_query = &query->sa_query;
- *sa_query = &query->sa_query;
-
return ret ? ret : query->sa_query.id;
}
EXPORT_SYMBOL(ib_sa_path_rec_get);
@@ -572,6 +574,7 @@
static void ib_sa_mcmember_rec_release(struct ib_sa_query *sa_query)
{
+ kfree(sa_query->mad);
kfree(container_of(sa_query, struct ib_sa_mcmember_query, sa_query));
}
@@ -617,11 +620,12 @@
rec, query->sa_query.mad->data);
ret = send_mad(&query->sa_query, timeout_ms);
- if (ret)
+ if (ret) {
+ kfree(query->sa_query.mad);
kfree(query);
+ } else
+ *sa_query = &query->sa_query;
- *sa_query = &query->sa_query;
-
return ret ? ret : query->sa_query.id;
}
EXPORT_SYMBOL(ib_sa_mcmember_rec_query);
More information about the general
mailing list