forked from Minki/linux
25c1ca6eca
Receiving a zero length message leads to the following warnings because the CQE is processed twice: refcount_t: underflow; use-after-free. WARNING: CPU: 0 PID: 0 at lib/refcount.c:28 RIP: 0010:refcount_warn_saturate+0xd9/0xe0 Call Trace: <IRQ> nvme_rdma_recv_done+0xf3/0x280 [nvme_rdma] __ib_process_cq+0x76/0x150 [ib_core] ... Sanity check the received data length, to avoids this. Thanks to Chao Leng & Sagi for suggestions. Signed-off-by: zhenwei pi <pizhenwei@bytedance.com> Reviewed-by: Sagi Grimberg <sagi@grimberg.me> Signed-off-by: Christoph Hellwig <hch@lst.de> |
||
---|---|---|
.. | ||
core.c | ||
fabrics.c | ||
fabrics.h | ||
fault_inject.c | ||
fc.c | ||
fc.h | ||
hwmon.c | ||
Kconfig | ||
lightnvm.c | ||
Makefile | ||
multipath.c | ||
nvme.h | ||
pci.c | ||
rdma.c | ||
tcp.c | ||
trace.c | ||
trace.h | ||
zns.c |