> -----Original Message-----
> From: Jason Gunthorpe [mailto:[email protected]]
> Sent: Wednesday, October 28, 2015 12:47 PM
>
> > ret = ib_nl_send_msg(query);
> > + spin_lock_irqsave(&ib_nl_request_lock, flags);
>
> Looks like query could be kfree'd before ib_nl_send_msg returns, eg by
> send_handler?
It's possible only when the request is successfully sent and a response is
received before ib_nl_send_msg returns. Therefore, we should not touch the
request and query if the sending is successfully. However, if the sending
fails, we could remove the request from the list.
>
>
> > if (ret <= 0) {
> > ret = -EIO;
> > - goto request_out;
> > + /* Remove the request */
> > + list_del(&query->list);
>
> This one is probably OK iff nl_send_msg cannot call send_handler if it returns
> error, which looks true.
Correct.
>
> > } else {
> > ret = 0;
> > + /* Start the timeout if this is the only request */
> > + if (ib_nl_request_list.next == &query->list)
>
> This one looks sketchy. Maybe move this to the first locking block? A extra
> timer on send error is not important enough to worry about..
You are correct. We should move it into the first block.
Kaike
>
> Jason
--
To unsubscribe from this list: send the line "unsubscribe linux-rdma" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
