[openib-general] Re: minor issue in SA query code

Wed, 01 Jun 2005 15:58:51 -0700 

    Sean> It looks like there might be minor race issue in the SA
    Sean> query code.  ib_sa_path_rec_get() and
    Sean> ib_sa_mcmember_rec_query() both return
    Sean> query->sa_query.id.  However, if a send completes
    Sean> quickly, I think that it's possible that query could have
    Sean> been freed.

I think this patch should fix it -- does this seem right to you?

 - R.

--- sa_query.c  (revision 2518)
+++ sa_query.c  (working copy)
@@ -551,6 +551,7 @@ int ib_sa_path_rec_get(struct ib_device 
        struct ib_sa_device *sa_dev = ib_get_client_data(device, &sa_client);
        struct ib_sa_port   *port   = &sa_dev->port[port_num - 
sa_dev->start_port];
        struct ib_mad_agent *agent  = port->agent;
+       int id;
        int ret;
 
        query = kmalloc(sizeof *query, gfp_mask);
@@ -578,6 +579,8 @@ int ib_sa_path_rec_get(struct ib_device 
                rec, query->sa_query.mad->data);
 
        *sa_query = &query->sa_query;
+       id        = query->sa_query.id;
+
        ret = send_mad(&query->sa_query, timeout_ms);
        if (ret) {
                *sa_query = NULL;
@@ -585,7 +588,7 @@ int ib_sa_path_rec_get(struct ib_device 
                kfree(query);
        }
 
-       return ret ? ret : query->sa_query.id;
+       return ret ? ret : id;
 }
 EXPORT_SYMBOL(ib_sa_path_rec_get);
 
@@ -627,6 +630,7 @@ int ib_sa_mcmember_rec_query(struct ib_d
        struct ib_sa_device *sa_dev = ib_get_client_data(device, &sa_client);
        struct ib_sa_port   *port   = &sa_dev->port[port_num - 
sa_dev->start_port];
        struct ib_mad_agent *agent  = port->agent;
+       int id;
        int ret;
 
        query = kmalloc(sizeof *query, gfp_mask);
@@ -654,6 +658,8 @@ int ib_sa_mcmember_rec_query(struct ib_d
                rec, query->sa_query.mad->data);
 
        *sa_query = &query->sa_query;
+       id        = query->sa_query.id;
+
        ret = send_mad(&query->sa_query, timeout_ms);
        if (ret) {
                *sa_query = NULL;
@@ -661,7 +667,7 @@ int ib_sa_mcmember_rec_query(struct ib_d
                kfree(query);
        }
 
-       return ret ? ret : query->sa_query.id;
+       return ret ? ret : id;
 }
 EXPORT_SYMBOL(ib_sa_mcmember_rec_query);
 
_______________________________________________
openib-general mailing list
[email protected]
http://openib.org/mailman/listinfo/openib-general

To unsubscribe, please visit http://openib.org/mailman/listinfo/openib-general

Reply via email to