[PATCH] nvme-rdma: Always signal fabrics private commands
Steve Wise
swise at opengridcomputing.com
Tue Jun 28 07:20:18 PDT 2016
> On Sun, Jun 26, 2016 at 07:41:39PM +0300, Sagi Grimberg wrote:
> > Our error path is freeing the tagset before we free the queue (draining
> > the qp) so we get to a use-after-free condition (->done() is a freed
> > tag memory).
> >
> > Note that we must allocate the qp before we allocate the tagset because
> > we need the device when init_request callouts come. So we allocated
> > before, we free after. An alternative fix was to free the queue before
> > the tagset even though we allocated it before (as Steve suggested).
>
> Would draining, but not freeing the qp before freeing the tagset work?
> That seems like the most sensible option here.
disconnecting and draining, I think.
More information about the Linux-nvme
mailing list