From ce244a77a97274b973198c1f398fe56c34a1a99e Mon Sep 17 00:00:00 2001
From: Shi Jin <sjina@amazon.com>
Date: Tue, 2 Apr 2024 22:57:47 +0000
Subject: [PATCH] prov/efa: Fix error handling in efa_rdm_cq_poll_ibv_cq

When ibv_start_poll or ibv_next_poll return error, it may read
a cqe from a destroyed EP (QP). In this case we shouldn't call
efa_rdm_cq_get_prov_errno, which may use a freed EP from the
pkt_entry (wr_id) and cause segmentation fault.

Signed-off-by: Shi Jin <sjina@amazon.com>
---
 prov/efa/src/rdm/efa_rdm_cq.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/prov/efa/src/rdm/efa_rdm_cq.c b/prov/efa/src/rdm/efa_rdm_cq.c
index 128259e6d7c..a70552f3f09 100644
--- a/prov/efa/src/rdm/efa_rdm_cq.c
+++ b/prov/efa/src/rdm/efa_rdm_cq.c
@@ -381,7 +381,7 @@ void efa_rdm_cq_poll_ibv_cq(ssize_t cqe_to_process, struct efa_ibv_cq *ibv_cq)
 
 	if (err && err != ENOENT) {
 		err = err > 0 ? err : -err;
-		prov_errno = efa_rdm_cq_get_prov_errno(ibv_cq->ibv_cq_ex);
+		prov_errno = ibv_wc_read_vendor_err(ibv_cq->ibv_cq_ex);
 		EFA_WARN(FI_LOG_CQ, "Unexpected error when polling ibv cq, err: %s (%zd) prov_errno: %s (%d)\n", fi_strerror(err), err, efa_strerror(prov_errno), prov_errno);
 		efa_show_help(prov_errno);
 		err_entry = (struct fi_cq_err_entry) {