From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Fam Zheng <famz@redhat.com>,
Paolo Bonzini <pbonzini@redhat.com>,
James Bottomley <JBottomley@Parallels.com>
Subject: [PATCH 3.10 12/48] [SCSI] virtio-scsi: Skip setting affinity on uninitialized vq
Date: Sun, 11 May 2014 21:19:46 +0200 [thread overview]
Message-ID: <20140511191949.806756978@linuxfoundation.org> (raw)
In-Reply-To: <20140511191948.079900414@linuxfoundation.org>
3.10-stable review patch. If anyone has any objections, please let me know.
------------------
From: Fam Zheng <famz@redhat.com>
commit 0c8482ac92db5ac15792caf23b7f7df9e4f48ae1 upstream.
virtscsi_init calls virtscsi_remove_vqs on err, even before initializing
the vqs. The latter calls virtscsi_set_affinity, so let's check the
pointer there before setting affinity on it.
This fixes a panic when setting device's num_queues=2 on RHEL 6.5:
qemu-system-x86_64 ... \
-device virtio-scsi-pci,id=scsi0,addr=0x13,...,num_queues=2 \
-drive file=/stor/vm/dummy.raw,id=drive-scsi-disk,... \
-device scsi-hd,drive=drive-scsi-disk,...
[ 0.354734] scsi0 : Virtio SCSI HBA
[ 0.379504] BUG: unable to handle kernel NULL pointer dereference at 0000000000000020
[ 0.380141] IP: [<ffffffff814741ef>] __virtscsi_set_affinity+0x4f/0x120
[ 0.380141] PGD 0
[ 0.380141] Oops: 0000 [#1] SMP
[ 0.380141] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 3.14.0+ #5
[ 0.380141] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2007
[ 0.380141] task: ffff88003c9f0000 ti: ffff88003c9f8000 task.ti: ffff88003c9f8000
[ 0.380141] RIP: 0010:[<ffffffff814741ef>] [<ffffffff814741ef>] __virtscsi_set_affinity+0x4f/0x120
[ 0.380141] RSP: 0000:ffff88003c9f9c08 EFLAGS: 00010256
[ 0.380141] RAX: 0000000000000000 RBX: ffff88003c3a9d40 RCX: 0000000000001070
[ 0.380141] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[ 0.380141] RBP: ffff88003c9f9c28 R08: 00000000000136c0 R09: ffff88003c801c00
[ 0.380141] R10: ffffffff81475229 R11: 0000000000000008 R12: 0000000000000000
[ 0.380141] R13: ffffffff81cc7ca8 R14: ffff88003cac3d40 R15: ffff88003cac37a0
[ 0.380141] FS: 0000000000000000(0000) GS:ffff88003e400000(0000) knlGS:0000000000000000
[ 0.380141] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 0.380141] CR2: 0000000000000020 CR3: 0000000001c0e000 CR4: 00000000000006f0
[ 0.380141] Stack:
[ 0.380141] ffff88003c3a9d40 0000000000000000 ffff88003cac3d80 ffff88003cac3d40
[ 0.380141] ffff88003c9f9c48 ffffffff814742e8 ffff88003c26d000 ffff88003c26d000
[ 0.380141] ffff88003c9f9c68 ffffffff81474321 ffff88003c26d000 ffff88003c3a9d40
[ 0.380141] Call Trace:
[ 0.380141] [<ffffffff814742e8>] virtscsi_set_affinity+0x28/0x40
[ 0.380141] [<ffffffff81474321>] virtscsi_remove_vqs+0x21/0x50
[ 0.380141] [<ffffffff81475231>] virtscsi_init+0x91/0x240
[ 0.380141] [<ffffffff81365290>] ? vp_get+0x50/0x70
[ 0.380141] [<ffffffff81475544>] virtscsi_probe+0xf4/0x280
[ 0.380141] [<ffffffff81363ea5>] virtio_dev_probe+0xe5/0x140
[ 0.380141] [<ffffffff8144c669>] driver_probe_device+0x89/0x230
[ 0.380141] [<ffffffff8144c8ab>] __driver_attach+0x9b/0xa0
[ 0.380141] [<ffffffff8144c810>] ? driver_probe_device+0x230/0x230
[ 0.380141] [<ffffffff8144c810>] ? driver_probe_device+0x230/0x230
[ 0.380141] [<ffffffff8144ac1c>] bus_for_each_dev+0x8c/0xb0
[ 0.380141] [<ffffffff8144c499>] driver_attach+0x19/0x20
[ 0.380141] [<ffffffff8144bf28>] bus_add_driver+0x198/0x220
[ 0.380141] [<ffffffff8144ce9f>] driver_register+0x5f/0xf0
[ 0.380141] [<ffffffff81d27c91>] ? spi_transport_init+0x79/0x79
[ 0.380141] [<ffffffff8136403b>] register_virtio_driver+0x1b/0x30
[ 0.380141] [<ffffffff81d27d19>] init+0x88/0xd6
[ 0.380141] [<ffffffff81d27c18>] ? scsi_init_procfs+0x5b/0x5b
[ 0.380141] [<ffffffff81ce88a7>] do_one_initcall+0x7f/0x10a
[ 0.380141] [<ffffffff81ce8aa7>] kernel_init_freeable+0x14a/0x1de
[ 0.380141] [<ffffffff81ce8b3b>] ? kernel_init_freeable+0x1de/0x1de
[ 0.380141] [<ffffffff817dec20>] ? rest_init+0x80/0x80
[ 0.380141] [<ffffffff817dec29>] kernel_init+0x9/0xf0
[ 0.380141] [<ffffffff817e68fc>] ret_from_fork+0x7c/0xb0
[ 0.380141] [<ffffffff817dec20>] ? rest_init+0x80/0x80
[ 0.380141] RIP [<ffffffff814741ef>] __virtscsi_set_affinity+0x4f/0x120
[ 0.380141] RSP <ffff88003c9f9c08>
[ 0.380141] CR2: 0000000000000020
[ 0.380141] ---[ end trace 8074b70c3d5e1d73 ]---
[ 0.475018] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000009
[ 0.475018]
[ 0.475068] Kernel Offset: 0x0 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffff9fffffff)
[ 0.475068] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000009
[jejb: checkpatch fixes]
Signed-off-by: Fam Zheng <famz@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/scsi/virtio_scsi.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
--- a/drivers/scsi/virtio_scsi.c
+++ b/drivers/scsi/virtio_scsi.c
@@ -751,8 +751,12 @@ static void __virtscsi_set_affinity(stru
vscsi->affinity_hint_set = true;
} else {
- for (i = 0; i < vscsi->num_queues; i++)
+ for (i = 0; i < vscsi->num_queues; i++) {
+ if (!vscsi->req_vqs[i].vq)
+ continue;
+
virtqueue_set_affinity(vscsi->req_vqs[i].vq, -1);
+ }
vscsi->affinity_hint_set = false;
}
next prev parent reply other threads:[~2014-05-11 19:22 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-11 19:19 [PATCH 3.10 00/48] 3.10.40-stable review Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 01/48] drivers/tty/hvc: dont free hvc_console_setup after init Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 02/48] tty: serial: 8250_core.c Bug fix for Exar chips Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 03/48] n_tty: Fix n_tty_write crash when echoing in raw mode Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 04/48] floppy: ignore kernel-only members in FDRAWCMD ioctl input Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 05/48] floppy: dont write kernel-only members to FDRAWCMD ioctl output Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 06/48] iser-target: Add missing se_cmd put for WRITE_PENDING in tx_comp_err Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 07/48] ARM: 7840/1: LPAE: dont reject mapping /dev/mem above 4GB Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 08/48] KVM: ioapic: fix assignment of ioapic->rtc_status.pending_eoi (CVE-2014-0155) Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 09/48] MIPS: KVM: Pass reserved instruction exceptions to guest Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 10/48] MIPS: Hibernate: Flush TLB entries in swsusp_arch_resume() Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 11/48] virtio_balloon: dont softlockup on huge balloon changes Greg Kroah-Hartman
2014-05-11 19:19 ` Greg Kroah-Hartman [this message]
2014-05-11 19:19 ` [PATCH 3.10 13/48] [SCSI] mpt2sas: Dont disable device twice at suspend Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 14/48] powerpc/compat: 32-bit little endian machine name is ppcle, not ppc Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 15/48] powerpc/tm: Disable IRQ in tm_recheckpoint Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 16/48] s390/chsc: fix SEI usage on old FW levels Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 17/48] s390/bpf,jit: initialize A register if 1st insn is BPF_S_LDX_B_MSH Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 18/48] ARC: Entry Handler tweaks: Simplify branch for in-kernel preemption Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 19/48] ARC: Entry Handler tweaks: Optimize away redundant IRQ_DISABLE_SAVE Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 20/48] framebuffer: fix cfb_copyarea Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 21/48] matroxfb: restore the registers M_ACCESS and M_PITCH Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 22/48] mach64: use unaligned access Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 23/48] mach64: fix cursor when character width is not a multiple of 8 pixels Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 24/48] b43: Fix machine check error due to improper access of B43_MMIO_PSM_PHY_HDR Greg Kroah-Hartman
2014-05-11 19:19 ` [PATCH 3.10 25/48] libata/ahci: accommodate tag ordered controllers Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 26/48] iwlwifi: dvm: take mutex when sending SYNC BT config command Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 27/48] mac80211: fix WPA with VLAN on AP side with ps-sta again Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 28/48] mac80211: fix software remain-on-channel implementation Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 29/48] mac80211: exclude AP_VLAN interfaces from tx power calculation Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 30/48] locks: allow __break_lease to sleep even when break_time is 0 Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 31/48] rtlwifi: rtl8723ae: Fix too long disable of IRQs Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 32/48] rtlwifi: rtl8188ee: " Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 33/48] rtlwifi: rtl8192cu: " Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 34/48] rtlwifi: rtl8192se: " Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 35/48] rtlwifi: rtl8192se: Fix regression due to commit 1bf4bbb Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 36/48] rtlwifi: rtl8188ee: initialize packet_beacon Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 37/48] gpio: mxs: Allow for recursive enable_irq_wake() call Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 38/48] tgafb: fix data copying Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 39/48] mtd: atmel_nand: Disable subpage NAND write when using Atmel PMECC Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 40/48] mtd: nuc900_nand: NULL dereference in nuc900_nand_enable() Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 41/48] mtd: sm_ftl: heap corruption in sm_create_sysfs_attributes() Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 42/48] Skip intel_crt_init for Dell XPS 8700 Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 43/48] dm transaction manager: fix corruption due to non-atomic transaction commit Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 44/48] dm thin: fix dangling bio in process_deferred_bios error path Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 45/48] lockd: ensure we tear down any live sockets when socket creation fails during lockd_up Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 46/48] Input: synaptics - add min/max quirk for ThinkPad T431s, L440, L540, S1 Yoga and X1 Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 47/48] Input: synaptics - add min/max quirk for ThinkPad Edge E431 Greg Kroah-Hartman
2014-05-11 19:20 ` [PATCH 3.10 48/48] drm: cirrus: add power management support Greg Kroah-Hartman
2014-05-11 22:50 ` [PATCH 3.10 00/48] 3.10.40-stable review Guenter Roeck
2014-05-12 21:54 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140511191949.806756978@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=JBottomley@Parallels.com \
--cc=famz@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.