[openib-general] [PATCH] for 2.6.19 RDMA/cma: rdma_bind_addr() leaks a cma_dev reference count
Sean Hefty
sean.hefty at intel.com
Tue Oct 24 13:22:28 PDT 2006
From: Krishna Kumar <krkumar2 at in.ibm.com>
rdma_bind_addr() leaks a cma_dev reference count in failure case.
Signed-off-by: Krishna Kumar <krkumar2 at in.ibm.com>
Signed-off-by: Sean Hefty <sean.hefty at intel.com>
---
Modified from Krishna's patch to drop use of did_acquire_dev flag.
Because this bug is in error handling only, I don't believe that anyone
is hitting it in practice.
diff --git a/drivers/infiniband/core/cma.c b/drivers/infiniband/core/cma.c
index 9ae4f3a..d8ca3c1 100644
--- a/drivers/infiniband/core/cma.c
+++ b/drivers/infiniband/core/cma.c
@@ -1762,22 +1762,29 @@ int rdma_bind_addr(struct rdma_cm_id *id
if (!cma_any_addr(addr)) {
ret = rdma_translate_ip(addr, &id->route.addr.dev_addr);
- if (!ret) {
- mutex_lock(&lock);
- ret = cma_acquire_dev(id_priv);
- mutex_unlock(&lock);
- }
if (ret)
- goto err;
+ goto err1;
+
+ mutex_lock(&lock);
+ ret = cma_acquire_dev(id_priv);
+ mutex_unlock(&lock);
+ if (ret)
+ goto err1;
}
memcpy(&id->route.addr.src_addr, addr, ip_addr_size(addr));
ret = cma_get_port(id_priv);
if (ret)
- goto err;
+ goto err2;
return 0;
-err:
+err2:
+ if (!cma_any_addr(addr)) {
+ mutex_lock(&lock);
+ cma_detach_from_dev(id_priv);
+ mutex_unlock(&lock);
+ }
+err1:
cma_comp_exch(id_priv, CMA_ADDR_BOUND, CMA_IDLE);
return ret;
}
More information about the general
mailing list