From: James Smart <james.smart@broadcom.com>
Date: Mon, 30 Nov 2020 10:12:26 -0800
Subject: scsi: lpfc: Correct null ndlp reference on routine exit
Patch-mainline: v5.11-rc1
Git-commit: 9d8de441db261dbb4abb989674a62d1c13fe4f93
References: bsc#1164780
smatch correctly called out a logic error with accessing a pointer after
checking it for null:
drivers/scsi/lpfc/lpfc_els.c:2043 lpfc_cmpl_els_plogi()
error: we previously assumed 'ndlp' could be null (see line 1942)
Adjust the exit point to avoid the trace printf ndlp reference. A trace
entry was already generated when the ndlp was checked for null.
Link: https://lore.kernel.org/r/20201130181226.16675-1-james.smart@broadcom.com
Fixes: 4430f7fd09ec ("scsi: lpfc: Rework locations of ndlp reference taking")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: James Smart <james.smart@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Acked-by: Daniel Wagner <dwagner@suse.de>
---
drivers/scsi/lpfc/lpfc_els.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/drivers/scsi/lpfc/lpfc_els.c
+++ b/drivers/scsi/lpfc/lpfc_els.c
@@ -1946,7 +1946,7 @@ lpfc_cmpl_els_plogi(struct lpfc_hba *phb
irsp->un.elsreq64.remoteID,
irsp->ulpStatus, irsp->un.ulpWord[4],
irsp->ulpIoTag);
- goto out;
+ goto out_freeiocb;
}
/* Since ndlp can be freed in the disc state machine, note if this node
@@ -2042,6 +2042,7 @@ lpfc_cmpl_els_plogi(struct lpfc_hba *phb
"PLOGI Cmpl PUT: did:x%x refcnt %d",
ndlp->nlp_DID, kref_read(&ndlp->kref), 0);
+out_freeiocb:
/* Release the reference on the original I/O request. */
free_ndlp = (struct lpfc_nodelist *)cmdiocb->context1;