Commit 414f91a0 authored Nov 20, 2024 by Alex Michon Committed by Jim Harris Nov 25, 2024

lib/nvmf: Fix double free of connect request



When a duplicated qid is detected, we store the connect request to retry
the connect later (in case the other queue with the same qid was in a
disconnection process).
If we successfully create the qpair on second try, we should clear the
connect_req, otherwise it may be confused with a first_fused_req
(because of the union).
When we receive an IO later, we think that there was a previous fused
command, so we abort the fused command (i.e. the connect request). So
this command is freed twice.

Change-Id: I66d0e6c813c2b4378bf03ebac68914340737632c
Signed-off-by: Alex Michon <amichon@kalrayinc.com>
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/25460


Tested-by: SPDK CI Jenkins <sys_sgci@intel.com>
Reviewed-by: Shuhei Matsumoto <smatsumoto@nvidia.com>
Community-CI: Broadcom CI <spdk-ci.pdl@broadcom.com>
Community-CI: Mellanox Build Bot
Community-CI: Community CI Samsung <spdk.community.ci.samsung@gmail.com>
Reviewed-by: Changpeng Liu <changpeliu@tencent.com>

parent d8f6e798

lib/nvmf/ctrlr.c

+2 −0

Original line number	Diff line number	Diff line
		@@ -311,6 +311,8 @@ nvmf_ctrlr_add_qpair(struct spdk_nvmf_qpair *qpair,
		return;
		}

		qpair->connect_req = NULL;

		SPDK_DTRACE_PROBE4_TICKS(nvmf_ctrlr_add_qpair, qpair, qpair->qid, ctrlr->subsys->subnqn,
		ctrlr->hostnqn);
		nvmf_qpair_set_ctrlr(qpair, ctrlr);