[openib-general] [PATCHv2] osm: OSM crash TRIVIAL bug fix

[Yevgeny Kliteynik]

Hi Hal.

This patch fixes an OSM crash when working with Cisco's stack.
Cisco's doesn't follow the same TID convention when generating transaction
id which in some bad flow revealed this bug in the get_madw lookup.
The bug is in get_madw which does not cleanup old pointers to
retrieved madw and also does not detect lookup of its reserved "free" entry
of key==0.

(This better text replaces my previous patch:
 "OSM crash when working with Cisco's TopSpin stack")

Yevgeny

Signed-off-by:  Yevgeny Kliteynik < kliteyn at mellanox.co.il>

Index: osm/libvendor/osm_vendor_ibumad.c
===================================================================
--- osm/libvendor/osm_vendor_ibumad.c   (revision 8614)
+++ osm/libvendor/osm_vendor_ibumad.c   (working copy)
@@ -141,12 +141,20 @@ get_madw(osm_vendor_t *p_vend, ib_net64_
        ib_net64_t mtid = (*tid & cl_ntoh64(0x00000000ffffffffllu));
        osm_madw_t *res;

+    /*
+     * Since mtid == 0 is the empty key we should not
+     * waste time looking for it
+     */
+    if (mtid == 0)
+       return 0;
+
        cl_spinlock_acquire( &p_vend->match_tbl_lock );
        for (m = p_vend->mtbl.tbl, e = m + p_vend->mtbl.max; m < e; m++) {
                if (m->tid == mtid) {
                        m->tid = 0;
                        *tid = mtid;
                        res = m->v;
+                       m->v = NULL; /* just make sure we do not point to
free'd madw */
                        cl_spinlock_release( &p_vend->match_tbl_lock );
                        return res;
                }
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openfabrics.org/pipermail/general/attachments/20060814/35998953/attachment.html>