On 5/23/21 10:57 AM, Mike Christie wrote: > The comment in iscsi_eh_session_reset is wrong and we don't wait for the > EH to complete before tearing down the conn. This has us get a ref to the > conn when we are not holding the eh_mutex/frwd_lock so it does not get > freed from under us. > > Signed-off-by: Mike Christie <michael.christie@xxxxxxxxxx> > --- > drivers/scsi/libiscsi.c | 10 +++++----- > 1 file changed, 5 insertions(+), 5 deletions(-) > > diff --git a/drivers/scsi/libiscsi.c b/drivers/scsi/libiscsi.c > index 6ca3d35a3d11..b7445d9e99d6 100644 > --- a/drivers/scsi/libiscsi.c > +++ b/drivers/scsi/libiscsi.c > @@ -2492,7 +2492,6 @@ int iscsi_eh_session_reset(struct scsi_cmnd *sc) > > cls_session = starget_to_session(scsi_target(sc->device)); > session = cls_session->dd_data; > - conn = session->leadconn; > > mutex_lock(&session->eh_mutex); > spin_lock_bh(&session->frwd_lock); > @@ -2507,13 +2506,14 @@ int iscsi_eh_session_reset(struct scsi_cmnd *sc) > return FAILED; > } > > + conn = session->leadconn; > + iscsi_get_conn(conn->cls_conn); > + > spin_unlock_bh(&session->frwd_lock); > mutex_unlock(&session->eh_mutex); > - /* > - * we drop the lock here but the leadconn cannot be destoyed while > - * we are in the scsi eh > - */ > + > iscsi_conn_failure(conn, ISCSI_ERR_SCSI_EH_SESSION_RST); > + iscsi_put_conn(conn->cls_conn); > > ISCSI_DBG_EH(session, "wait for relogin\n"); > wait_event_interruptible(conn->ehwait, > Reviewed-by: Lee Duncan <lduncan@xxxxxxxx>
