[PATCH] nvmet-tcp: fix possible memory leak when tearing down a controller
Hannes Reinecke
hare at suse.de
Thu May 23 02:42:59 PDT 2024
On 4/28/24 10:49, Sagi Grimberg wrote:
> When we teardown the controller, we wait for pending I/Os to complete
> (sq->ref on all queues to drop to zero) and then we go over the commands,
> and free their command buffers in case they are still fetching data from
> the host (e.g. processing nvme writes) and have yet to take a reference
> on the sq.
>
> However, we may miss the case where commands have failed before executing
> and are queued for sending a response, but will never occur because the
> queue socket is already down. In this case we may miss deallocating command
> buffers.
>
> Solve this by freeing all commands buffers as nvmet_tcp_free_cmd_buffers is
> idempotent anyways.
>
> Reported-by: Yi Zhang <yi.zhang at redhat.com>
> Tested-by: Yi Zhang <yi.zhang at redhat.com>
> Signed-off-by: Sagi Grimberg <sagi at grimberg.me>
> ---
> drivers/nvme/target/tcp.c | 11 ++++-------
> 1 file changed, 4 insertions(+), 7 deletions(-)
>
Reviewed-by: Hannes Reinecke <hare at suse.de>
Cheers,
Hannes
More information about the Linux-nvme
mailing list