summaryrefslogtreecommitdiff
path: root/lib/lockref.c
diff options
context:
space:
mode:
authorArun Easi <aeasi@marvell.com>2019-06-21 09:50:22 -0700
committerMartin K. Petersen <martin.petersen@oracle.com>2019-06-27 00:09:18 -0400
commit6a81533d616fe581b0d421ee6db3319eeac9486d (patch)
tree6d4d1ae6016352c11f95a62e5ee3ccfc9d9b7520 /lib/lockref.c
parentf5258d6e01f3c707d9ba70b2a14a158a6fadef11 (diff)
scsi: qla2xxx: Fix kernel crash after disconnecting NVMe devices
BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffffc050d10c>] qla_nvme_unregister_remote_port+0x6c/0xf0 [qla2xxx] PGD 800000084cf41067 PUD 84d288067 PMD 0 Oops: 0000 [#1] SMP Call Trace: [<ffffffff98abcfdf>] process_one_work+0x17f/0x440 [<ffffffff98abdca6>] worker_thread+0x126/0x3c0 [<ffffffff98abdb80>] ? manage_workers.isra.26+0x2a0/0x2a0 [<ffffffff98ac4f81>] kthread+0xd1/0xe0 [<ffffffff98ac4eb0>] ? insert_kthread_work+0x40/0x40 [<ffffffff9918ad37>] ret_from_fork_nospec_begin+0x21/0x21 [<ffffffff98ac4eb0>] ? insert_kthread_work+0x40/0x40 RIP [<ffffffffc050d10c>] qla_nvme_unregister_remote_port+0x6c/0xf0 [qla2xxx] The crash is due to a bad entry in the nvme_rport_list. This list is not protected, and when a remoteport_delete callback is called, driver traverses the list and crashes. Actually, the list could be removed and driver could traverse the main fcport list instead. Fix does exactly that. Signed-off-by: Arun Easi <aeasi@marvell.com> Signed-off-by: Himanshu Madhani <hmadhani@redhat.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Diffstat (limited to 'lib/lockref.c')
0 files changed, 0 insertions, 0 deletions