From: Bharat Potnuri <bharat@chelsio.com>
Date: Tue, 29 Sep 2015 15:49:10 +0000 (-0700)
Subject: dapl: Fix segfault while freeing qp
X-Git-Tag: dapl-2.1.7-1~2
X-Git-Url: https://openfabrics.org/gitweb/?a=commitdiff_plain;h=5410203cf0f5908540b43bfa2a219de4b9042a01;p=~ardavis%2Fdapl.git

dapl: Fix segfault while freeing qp

In function dapls_ib_qp_free(), pointers qp and cm_ptr->cm_id->qp are pointing to the same qp
structure, initialized in function dapls_ib_qp_alloc(). The memory pointed by these pointers are freed
twice in function dapls_ib_qp_free(), using rdma_destroy_qp() for the case _OPENIB_CMA defined and
then further using ibv_destroy_qp(), causing a segmentation fault while freeing the qp. Therefore
assigned NULL value to qp to avoid freeing illegal memory.

Fixes: 7ff4f840bf11 ("common: add CM-EP linking to support mutiple CM's and proper protection during
destruction")

Signed-off-by: Bharat Potnuri <bharat@chelsio.com>
Acked-by: Arlin Davis <arlin.r.davis@intel.com>
---

diff --git a/dapl/openib_common/qp.c b/dapl/openib_common/qp.c
index 527fc1d..01f91ca 100644
--- a/dapl/openib_common/qp.c
+++ b/dapl/openib_common/qp.c
@@ -397,6 +397,7 @@ DAT_RETURN dapls_ib_qp_free(IN DAPL_IA * ia_ptr, IN DAPL_EP * ep_ptr)
 #ifdef _OPENIB_CMA_
 		rdma_destroy_qp(cm_ptr->cm_id);
 		cm_ptr->cm_id->qp = NULL;
+		qp = NULL;
 #endif
 
 #ifdef _OPENIB_MCM_