Commit fe4e74ee authored by Michael J. Ruhl's avatar Michael J. Ruhl Committed by Doug Ledford

IB/hfi1: Initialize TID lists to avoid crash on cleanup

The expected receive lists (tid_xxx_list) are not initialized until
late in the receive context initialization.  If an error happens
before the initialization, a NULL pointer access will occur during
cleanup.

Initialized the lists sooner rather than later to avoid this Oops:

IP: unlock_exp_tids.isra.11+0x26/0xd0 [hfi1]
RIP: 0010:unlock_exp_tids.isra.11+0x26/0xd0 [hfi1]
Call Trace:
 hfi1_user_exp_rcv_free+0x79/0xb0 [hfi1]
 hfi1_file_close+0x87/0x360 [hfi1]
 __fput+0xe7/0x210
 ____fput+0xe/0x10
Reviewed-by: default avatarMike Marciniszyn <mike.marciniszyn@intel.com>
Reviewed-by: default avatarSebastian Sanchez <sebastian.sanchez@intel.com>
Signed-off-by: default avatarMichael J. Ruhl <michael.j.ruhl@intel.com>
Signed-off-by: default avatarDennis Dalessandro <dennis.dalessandro@intel.com>
Signed-off-by: default avatarDoug Ledford <dledford@redhat.com>
parent 581d01aa
...@@ -69,10 +69,6 @@ int hfi1_alloc_ctxt_rcv_groups(struct hfi1_ctxtdata *rcd) ...@@ -69,10 +69,6 @@ int hfi1_alloc_ctxt_rcv_groups(struct hfi1_ctxtdata *rcd)
struct tid_group *grp; struct tid_group *grp;
int i; int i;
hfi1_exp_tid_group_init(&rcd->tid_group_list);
hfi1_exp_tid_group_init(&rcd->tid_used_list);
hfi1_exp_tid_group_init(&rcd->tid_full_list);
tidbase = rcd->expected_base; tidbase = rcd->expected_base;
for (i = 0; i < rcd->expected_count / for (i = 0; i < rcd->expected_count /
dd->rcv_entries.group_size; i++) { dd->rcv_entries.group_size; i++) {
......
...@@ -67,6 +67,7 @@ ...@@ -67,6 +67,7 @@
#include "aspm.h" #include "aspm.h"
#include "affinity.h" #include "affinity.h"
#include "vnic.h" #include "vnic.h"
#include "exp_rcv.h"
#undef pr_fmt #undef pr_fmt
#define pr_fmt(fmt) DRIVER_NAME ": " fmt #define pr_fmt(fmt) DRIVER_NAME ": " fmt
...@@ -221,6 +222,9 @@ struct hfi1_ctxtdata *hfi1_create_ctxtdata(struct hfi1_pportdata *ppd, u32 ctxt, ...@@ -221,6 +222,9 @@ struct hfi1_ctxtdata *hfi1_create_ctxtdata(struct hfi1_pportdata *ppd, u32 ctxt,
hfi1_cdbg(PROC, "setting up context %u\n", ctxt); hfi1_cdbg(PROC, "setting up context %u\n", ctxt);
INIT_LIST_HEAD(&rcd->qp_wait_list); INIT_LIST_HEAD(&rcd->qp_wait_list);
hfi1_exp_tid_group_init(&rcd->tid_group_list);
hfi1_exp_tid_group_init(&rcd->tid_used_list);
hfi1_exp_tid_group_init(&rcd->tid_full_list);
rcd->ppd = ppd; rcd->ppd = ppd;
rcd->dd = dd; rcd->dd = dd;
__set_bit(0, rcd->in_use_ctxts); __set_bit(0, rcd->in_use_ctxts);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment