[PATCH] nvmet-tcp: fix possible memory leak when tearing down a controller
Keith Busch
kbusch at kernel.org
Mon Apr 29 01:51:20 PDT 2024
On Sun, Apr 28, 2024 at 11:49:49AM +0300, Sagi Grimberg wrote:
> When we teardown the controller, we wait for pending I/Os to complete
> (sq->ref on all queues to drop to zero) and then we go over the commands,
> and free their command buffers in case they are still fetching data from
> the host (e.g. processing nvme writes) and have yet to take a reference
> on the sq.
>
> However, we may miss the case where commands have failed before executing
> and are queued for sending a response, but will never occur because the
> queue socket is already down. In this case we may miss deallocating command
> buffers.
>
> Solve this by freeing all commands buffers as nvmet_tcp_free_cmd_buffers is
> idempotent anyways.
>
> Reported-by: Yi Zhang <yi.zhang at redhat.com>
> Tested-by: Yi Zhang <yi.zhang at redhat.com>
> Signed-off-by: Sagi Grimberg <sagi at grimberg.me>
Thanks, applied to nvme-6.9.
More information about the Linux-nvme
mailing list