On Mon, 2018-03-12 at 21:26 +0200, Leon Romanovsky wrote:
> From: Leon Romanovsky <leonro@xxxxxxxxxxxx>
>
> The failure in rereg_mr flow caused to set garbage value (error value)
> into mr->umem pointer. This pointer is accessed at the release stage
> and it causes to the following crash.
>
> There is not enough to simply change umem to point to NULL, because the
> MR struct is needed to be accessed during MR deregistration phase, so
> delay kfree too.
[ snip ]
Thanks, applied to for-rc.
--
Doug Ledford <dledford@xxxxxxxxxx>
GPG KeyID: B826A3330E572FDD
Key fingerprint = AE6B 1BDA 122B 23B4 265B 1274 B826 A333 0E57 2FDDAttachment:
signature.asc
Description: This is a digitally signed message part
