20 Mar
2024
20 Mar
'24
9:39 p.m.
On 3/20/24 14:30, Alexander Wetzel wrote:
sg_remove_sfp_usercontext() must not use sg_device_destroy() after calling scsi_device_put().
sg_device_destroy() is accessing the parent scsi device request_queue. Which will already be set to NULL when the preceding call to scsi_device_put() removed the last reference to the parent scsi device.
The resulting NULL pointer exception will then crash the kernel.
Reviewed-by: Bart Van Assche bvanassche@acm.org