From: Leon Romanovsky <leon@kernel.org>
To: Bart Van Assche <bart.vanassche@sandisk.com>
Cc: Doug Ledford <dledford@redhat.com>,
linux-rdma@vger.kernel.org, Israel Rukshin <israelr@mellanox.com>,
Max Gurtovoy <maxg@mellanox.com>,
Laurence Oberman <loberman@redhat.com>,
Steve Feeley <Steve.Feeley@sandisk.com>,
stable@vger.kernel.org
Subject: Re: [PATCH v2 2/8] IB/srp: Avoid that duplicate responses trigger a kernel bug
Date: Wed, 15 Feb 2017 09:22:48 +0200 [thread overview]
Message-ID: <20170215072248.GO6989@mtr-leonro.local> (raw)
In-Reply-To: <20170214185636.29250-3-bart.vanassche@sandisk.com>
[-- Attachment #1: Type: text/plain, Size: 1304 bytes --]
On Tue, Feb 14, 2017 at 10:56:30AM -0800, Bart Van Assche wrote:
> After srp_process_rsp() returns there is a short time during which
> the scsi_host_find_tag() call will return a pointer to the SCSI
> command that is being completed. If during that time a duplicate
> response is received, avoid that the following call stack appears:
>
> BUG: unable to handle kernel NULL pointer dereference at (null)
> IP: srp_recv_done+0x450/0x6b0 [ib_srp]
> Oops: 0000 [#1] SMP
> CPU: 10 PID: 0 Comm: swapper/10 Not tainted 4.10.0-rc7-dbg+ #1
> Call Trace:
> <IRQ>
> __ib_process_cq+0x4b/0xd0 [ib_core]
> ib_poll_handler+0x1d/0x70 [ib_core]
> irq_poll_softirq+0xba/0x120
> __do_softirq+0xba/0x4c0
> irq_exit+0xbe/0xd0
> smp_apic_timer_interrupt+0x38/0x50
> apic_timer_interrupt+0x90/0xa0
> </IRQ>
> RIP: srp_recv_done+0x450/0x6b0 [ib_srp] RSP: ffff88046f483e20
>
> Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com>
> Cc: Israel Rukshin <israelr@mellanox.com>
> Cc: Max Gurtovoy <maxg@mellanox.com>
> Cc: Laurence Oberman <loberman@redhat.com>
> Cc: Steve Feeley <Steve.Feeley@sandisk.com>
> Cc: <stable@vger.kernel.org>
> ---
> drivers/infiniband/ulp/srp/ib_srp.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
Thanks,
Reviewed-by: Leon Romanovsky <leonro@mellanox.com>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2017-02-15 7:22 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-14 18:56 [PATCH v2 0/8] IB/srp bug fixes Bart Van Assche
[not found] ` <20170214185636.29250-1-bart.vanassche-XdAiOPVOjttBDgjK7y7TUQ@public.gmane.org>
2017-02-14 18:56 ` [PATCH v2 1/8] IB/SRP: Avoid using IB_MR_TYPE_SG_GAPS Bart Van Assche
[not found] ` <20170214185636.29250-2-bart.vanassche-XdAiOPVOjttBDgjK7y7TUQ@public.gmane.org>
2017-02-15 0:22 ` Bart Van Assche
2017-02-15 7:14 ` Leon Romanovsky
2017-02-15 8:19 ` Leon Romanovsky
[not found] ` <20170215081945.GP6989-U/DQcQFIOTAAJjI8aNfphQ@public.gmane.org>
2017-02-15 13:33 ` Laurence Oberman
2017-02-15 13:43 ` Laurence Oberman
2017-02-15 13:47 ` Leon Romanovsky
2017-02-15 14:53 ` Laurence Oberman
[not found] ` <242820990.31706010.1487170436012.JavaMail.zimbra-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2017-02-15 15:18 ` Leon Romanovsky
2017-02-15 15:42 ` Sagi Grimberg
2017-02-15 15:38 ` Sagi Grimberg
[not found] ` <cebcaeae-94a6-de82-cfc8-ce055b273836-NQWnxTmZq1alnMjI0IkVqw@public.gmane.org>
2017-02-15 15:42 ` Laurence Oberman
2017-02-15 16:18 ` Max Gurtovoy
2017-02-15 16:27 ` Sagi Grimberg
[not found] ` <0514bb01-95cf-c10a-b883-494f149845f3-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org>
2017-02-15 16:30 ` Leon Romanovsky
2017-02-15 16:37 ` Laurence Oberman
2017-02-15 16:55 ` Sagi Grimberg
2017-02-15 23:49 ` Bart Van Assche
2017-02-16 6:14 ` Leon Romanovsky
2017-02-16 9:11 ` Max Gurtovoy
2017-02-14 18:56 ` [PATCH v2 2/8] IB/srp: Avoid that duplicate responses trigger a kernel bug Bart Van Assche
2017-02-15 7:22 ` Leon Romanovsky [this message]
2017-02-14 18:56 ` [PATCH v2 3/8] IB/srp: Fix race conditions related to task management Bart Van Assche
2017-02-14 18:56 ` [PATCH v2 4/8] IB/srp: Document locking conventions Bart Van Assche
2017-02-14 18:56 ` [PATCH v2 5/8] IB/srp: Make a diagnostic message more informative Bart Van Assche
2017-02-14 18:56 ` [PATCH v2 6/8] IB/srp: Improve an error path Bart Van Assche
2017-02-14 18:56 ` [PATCH v2 7/8] IB/core: Add support for draining IB_POLL_DIRECT completion queues Bart Van Assche
[not found] ` <20170214185636.29250-8-bart.vanassche-XdAiOPVOjttBDgjK7y7TUQ@public.gmane.org>
2017-02-14 19:00 ` Steve Wise
2017-02-15 7:21 ` Leon Romanovsky
2017-02-14 18:56 ` [PATCH v2 8/8] IB/srp: Drain the send queue before destroying a QP Bart Van Assche
2017-02-19 14:21 ` [PATCH v2 0/8] IB/srp bug fixes Doug Ledford
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170215072248.GO6989@mtr-leonro.local \
--to=leon@kernel.org \
--cc=Steve.Feeley@sandisk.com \
--cc=bart.vanassche@sandisk.com \
--cc=dledford@redhat.com \
--cc=israelr@mellanox.com \
--cc=linux-rdma@vger.kernel.org \
--cc=loberman@redhat.com \
--cc=maxg@mellanox.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox