Re: [PATCH] scsi: lpfc: Fix improper handling of refcount in lpfc_bsg_hba_get_event()

From: Justin Tee
Date: Tue Nov 05 2024 - 14:31:54 EST

Next message: Jiasheng Jiang: "[PATCH] iio: trigger: stm32-timer-trigger: Add check for clk_enable()"
Previous message: Nathan Chancellor: "Re: [PATCH v5 01/16] x86/stackprotector: Work around strict Clang TLS symbol requirements"
In reply to: Qiu-ji Chen: "[PATCH] scsi: lpfc: Fix improper handling of refcount in lpfc_bsg_hba_get_event()"
Next in thread: kernel test robot: "Re: [PATCH] scsi: lpfc: Fix improper handling of refcount in lpfc_bsg_hba_get_event()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Qiu-ji,

Similar to the other suggested patch, this does not look logically
correct. if (evt_dat == NULL) evaluates to true, then that means the
list_for_each_entry_safe(evt, evt_next, &phba->ct_ev_waiters, node)
loop did not find an evt lpfc_bsg_event object of interest or that the
phba->ct_ev_waiters list is empty.

Why would this patch want to call lpfc_bsg_event_unref on an evt
object that is not of specified interest indicated by the bsg
event_req object?

Even worse, as mentioned in the other email, this patch could kref_put
on the phba->ct_ev_waiters head which is not a preallocated
lpfc_bsg_event object leading to references on an uninitialized memory
region.

Sorry, but I cannot acknowledge this patch as well.

Regards,
Justin

Next message: Jiasheng Jiang: "[PATCH] iio: trigger: stm32-timer-trigger: Add check for clk_enable()"
Previous message: Nathan Chancellor: "Re: [PATCH v5 01/16] x86/stackprotector: Work around strict Clang TLS symbol requirements"
In reply to: Qiu-ji Chen: "[PATCH] scsi: lpfc: Fix improper handling of refcount in lpfc_bsg_hba_get_event()"
Next in thread: kernel test robot: "Re: [PATCH] scsi: lpfc: Fix improper handling of refcount in lpfc_bsg_hba_get_event()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]