* [PATCH 0/2] IB/iSER bugfixes
@ 2008-03-03 10:35 Arne Redlich
0 siblings, 0 replies; only message in thread
From: Arne Redlich @ 2008-03-03 10:35 UTC (permalink / raw)
To: Roland Dreier; +Cc: ofa-general, lkml, erezz
Hi,
While reading through the iSER code I noticed two rather nasty issues:
1. The iteration through the list of "iser_device"s during device
lookup/creation is broken - it might result in an infinite loop if more
than 1 HCA is used with iSER. Use list_for_each_entry() instead of the
custom, flawed list iteration code.
2. "iser_device" allocation failure is "handled" with a BUG_ON() right
before dereferencing the NULL-pointer.
This is really scary, so here's my idea of a fix. Someone with a deeper
understanding of the code should have a look at it since I'm not sure it
does The Right Thing.
Both patches are merely compile tested, and patch #2 needs to be applied
on top of #1.
Cheers,
Arne
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2008-03-03 10:57 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-03-03 10:35 [PATCH 0/2] IB/iSER bugfixes Arne Redlich
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox