[openib-general] Fwd: [PATCH] id_priv_list->list is not initialized sometimes

Michael S. Tsirkin mst at mellanox.co.il
Tue Sep 19 00:25:09 PDT 2006


----- Forwarded message from Krishna Kumar <krkumar2 at in.ibm.com> -----

From: "Krishna Kumar" <krkumar2 at in.ibm.com>
Date: Tue, 19 Sep 2006 12:32:10 +0530
Subject: [PATCH] id_priv_list->list is not initialized
 sometimes

rdma_listen could be called from a context where id_priv->list
is not initialized. Then at a later stage, a cma_cancel_listen
does a list_del() which could oops since this element is not
on any list. 

Eg, in rdma_listen(), if id->device is !NULL, it calls
cma_ib_listen() which doesn't add this id to any list. A
cma_cancel_listen() will do a list_del.

Signed-off-by: Krishna Kumar <krkumar2 at in.ibm.com>
--------

diff -ruNp org/core/cma.c new/core/cma.c
--- org/core/cma.c	2006-09-14 15:31:27.000000000 +0530
+++ new/core/cma.c	2006-09-14 16:07:35.000000000 +0530
@@ -339,6 +339,7 @@ struct rdma_cm_id* rdma_create_id(rdma_c
 	atomic_set(&id_priv->dev_remove, 0);
 	INIT_LIST_HEAD(&id_priv->listen_list);
 	INIT_LIST_HEAD(&id_priv->mc_list);
+	INIT_LIST_HEAD(&id_priv->list);
 	get_random_bytes(&id_priv->seq_num, sizeof id_priv->seq_num);
 
 	return &id_priv->id;

----- End forwarded message -----

Did you actually see these crashes?
If yes, this might need to be fixed even for 2.6.18. Sean?

-- 
MST




More information about the general mailing list