dapl: Fix segfault while freeing qp

In function dapls_ib_qp_free(), pointers qp and cm_ptr->cm_id->qp are pointing to the same qp
structure, initialized in function dapls_ib_qp_alloc(). The memory pointed by these pointers are freed
twice in function dapls_ib_qp_free(), using rdma_destroy_qp() for the case _OPENIB_CMA defined and
then further using ibv_destroy_qp(), causing a segmentation fault while freeing the qp. Therefore
assigned NULL value to qp to avoid freeing illegal memory.

Fixes: 7ff4f840bf11 ("common: add CM-EP linking to support mutiple CM's and proper protection during
destruction")

Signed-off-by: Bharat Potnuri <bharat@chelsio.com>
Acked-by: Arlin Davis <arlin.r.davis@intel.com>

diff --git a/dapl/openib_common/qp.c b/dapl/openib_common/qp.c
index 527fc1d4c46b62b4ca3f95a8471619a755056e7e..01f91ca2bd8305849a3171571203b21d26b8c42b 100644 (file)
--- a/dapl/openib_common/qp.c
+++ b/dapl/openib_common/qp.c
@@ -397,6 +397,7 @@ DAT_RETURN dapls_ib_qp_free(IN DAPL_IA * ia_ptr, IN DAPL_EP * ep_ptr)
 #ifdef _OPENIB_CMA_
                rdma_destroy_qp(cm_ptr->cm_id);
                cm_ptr->cm_id->qp = NULL;
+               qp = NULL;
 #endif
 
 #ifdef _OPENIB_MCM_