I applied Ralph's "fix dangling pointer references to ipoib_neigh and ipoib_path" patch to our local RHEL based kernel and experienced crashes in ipoib_neigh_cleanup. It turns out ipoib_neigh->list was not initialized properly. So the following code from Ralph's patch caused issues.
if (ipoib_cm_get(neigh)) ipoib_cm_destroy_tx(ipoib_cm_get(neigh)); Looking at Rolands upstream kernel it appears the same is true upstream. The patch below initializes ipoib_neigh->list correctly. Signed-off-by: Ira Weiny <wei...@llnl.gov> --- drivers/infiniband/ulp/ipoib/ipoib_main.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/drivers/infiniband/ulp/ipoib/ipoib_main.c b/drivers/infiniband/ulp/ipoib/ipoib_main.c index b4b2257..fa38ede 100644 --- a/drivers/infiniband/ulp/ipoib/ipoib_main.c +++ b/drivers/infiniband/ulp/ipoib/ipoib_main.c @@ -882,6 +882,7 @@ struct ipoib_neigh *ipoib_neigh_alloc(struct neighbour *neighbour, if (!neigh) return NULL; + INIT_LIST_HEAD(&neigh->list); neigh->neighbour = neighbour; neigh->dev = dev; memset(&neigh->dgid.raw, 0, sizeof (union ib_gid)); -- 1.5.4.5 -- To unsubscribe from this list: send the line "unsubscribe linux-rdma" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html