> > + next_id = (unsigned)id + 1;
>
> what happens when this wraps and becomes negative?
>
> in fact the idr stuff all works with plain signed ints -- could
> idr_get_new() ever give a negative id? (too lazy too look at the
> source right now)
A quick looks makes it look like idr stuff is *really* not designed to
get a negative input: and note that old code has the wrap-around problem, too.
So, I think the following would be a better fix:
Hmm?
Signed-off-by: Michael S. Tsirkin <[EMAIL PROTECTED]>
diff --git a/drivers/infiniband/core/cm.c b/drivers/infiniband/core/cm.c
index eff591d..5e77b01 100644
--- a/drivers/infiniband/core/cm.c
+++ b/drivers/infiniband/core/cm.c
@@ -306,7 +306,9 @@ static int cm_alloc_id(struct cm_id_private *cm_id_priv)
do {
spin_lock_irqsave(&cm.lock, flags);
ret = idr_get_new_above(&cm.local_id_table, cm_id_priv,
- next_id++, &id);
+ next_id, &id);
+ if (!ret)
+ next_id = id == 0x7ffffff ? 0 : id + 1;
spin_unlock_irqrestore(&cm.lock, flags);
} while( (ret == -EAGAIN) && idr_pre_get(&cm.local_id_table,
GFP_KERNEL) );
--
MST
_______________________________________________
general mailing list
general@lists.openfabrics.org
http://lists.openfabrics.org/cgi-bin/mailman/listinfo/general
To unsubscribe, please visit http://openib.org/mailman/listinfo/openib-general
