[openib-general] CMA oops
Sean Hefty
mshefty at ichips.intel.com
Wed Aug 30 13:17:01 PDT 2006
Michael S. Tsirkin wrote:
>>I'm trying to come up with a fix for this, but I'm not convinced it's the
>>problem that you're seeing.
>
>
> Could be what you describe leads to a memory corruption.
I believe so. If this were the cause of the crash, I would expect to see an
issue with list->prev->prev or list->prev->next etc, not list->prev. I haven't
been able to determine how list->prev could be NULL, but id_priv->cma_dev be set
when cma_attach_to_dev() is called. It's true that the test for
id_priv->cma_dev in rdma_destroy_id() isn't protected by a lock, but the lock
around the call to cma_detach_from_dev() should ensure that cma_attach_to_dev()
-- which sets id_priv->cma_dev -- completes before we detach.
- Sean
More information about the general
mailing list