On 6/30/22 18:59, Hillf Danton wrote:
That hang can be skipped by removing the wait loop in srpt_release_sport() - in the direction of 9b64f7d0bb0a, sdev will not go home if any sport's refcount does not drop on ground. To do that, add port refcount to sdev in the diff below in bid to resurrect 9b64f7d0bb0a. Then gc work can be added for dying sports to drop tpg after delaying a second.
I'm afraid that the patch from your email will lead to a use-after-free of sdev->pd. As long as a session is live the ch->qp pointer may be dereferenced. The sdev->pd pointer is stored in the pd member of struct ib_qp and hence may be dereferenced by any function that uses ch->qp.
Thanks, Bart.
