From 5dce9869b2f612699fe4216c7091bd336ca62c14 Mon Sep 17 00:00:00 2001 From: Sean Hefty Date: Mon, 10 Jun 2019 11:41:16 -0700 Subject: [PATCH 1/2] util/mr: Set default mr.fid.ops.bind call Set the default call to fi_no_bind, rather than leaving null. This avoids a potential null deref, as seen when running fi_multi_mr test over the rxd provider with udp. Signed-off-by: Sean Hefty --- prov/util/src/util_mr_map.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/prov/util/src/util_mr_map.c b/prov/util/src/util_mr_map.c index 7ac450c16d3..d25f031c0fc 100644 --- a/prov/util/src/util_mr_map.c +++ b/prov/util/src/util_mr_map.c @@ -208,8 +208,9 @@ int ofi_mr_close(struct fid *fid) static struct fi_ops ofi_mr_fi_ops = { .size = sizeof(struct fi_ops), .close = ofi_mr_close, + .bind = fi_no_bind, .control = fi_no_control, - .ops_open = fi_no_ops_open, + .ops_open = fi_no_ops_open }; int ofi_mr_regattr(struct fid *fid, const struct fi_mr_attr *attr, From f94a4e2aabec21febcd1a24de97a647dbd3831b9 Mon Sep 17 00:00:00 2001 From: William Zhang Date: Mon, 10 Jun 2019 12:01:01 -0700 Subject: [PATCH 2/2] util_buf.c: Fix error handling segfault case Error path called free on an mmapped region. Added a check to unmap instead. Signed-off-by: William Zhang Signed-off-by: Raghu Raja Signed-off-by: Sean Hefty --- prov/util/src/util_buf.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/prov/util/src/util_buf.c b/prov/util/src/util_buf.c index 2d468f84805..d2f116f918f 100644 --- a/prov/util/src/util_buf.c +++ b/prov/util/src/util_buf.c @@ -1,6 +1,6 @@ /* * Copyright (c) 2016 Intel Corporation. All rights reserved. - * Copyright (c) 2018 Amazon.com, Inc. or its affiliates. All rights reserved. + * Copyright (c) 2018-2019 Amazon.com, Inc. or its affiliates. All rights reserved. * * This software is available to you under a choice of one of two * licenses. You may choose to be licensed under the terms of the GNU @@ -161,7 +161,10 @@ int util_buf_grow(struct util_buf_pool *pool) if (pool->attr.free_hndlr) pool->attr.free_hndlr(pool->attr.ctx, buf_region->context); err2: - ofi_freealign(buf_region->mem_region); + if (pool->attr.is_mmap_region) + ofi_free_hugepage_buf(buf_region->mem_region, buf_region->size); + else + ofi_freealign(buf_region->mem_region); err1: free(buf_region); return -1;