fcst: Avoid that login triggers a crash

Fix the following crash triggered by FCoE initiator login:

BUG: unable to handle kernel NULL pointer dereference at 0000000000000002
IP: [<ffffffffa04b282b>] ft_prli+0x4b/0x350 [fcst]
PGD 1a7ba4067 PUD 1a7ba3067 PMD 0
Oops: 0000 [#1] SMP
CPU 0
Modules linked in: netconsole configfs ib_srpt fcst scst_vdisk scst
crc32c libcrc32c fcoe libfcoe libfc scsi_transport_fc snd_pcm_oss
snd_mixer_oss snd_seq snd_seq_device af_packet rdma_ucm rdma_cm iw_cm
ib_addr ib_ipoib ib_cm ib_sa ib_uverbs ib_umad mlx4_ib ib_mad ib_core
microcode cpufreq_conservative cpufreq_userspace cpufreq_powersave
acpi_cpufreq mperf dm_mod snd_hda_codec_hdmi snd_hda_codec_analog
snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_timer snd intel_agp
mlx4_core sr_mod sg intel_gtt cdrom soundcore i2c_i801 agpgart
snd_page_alloc i2c_core pcspkr button uhci_hcd sd_mod crc_t10dif
ehci_hcd usbcore edd ext3 mbcache jbd fan ata_generic ata_piix
pata_marvell ahci libahci libata scsi_mod thermal processor
thermal_sys hwmon [last unloaded: scst]

Pid: 3562, comm: fcoethread/0 Not tainted 3.1.5-debug+ #1 System
manufacturer P5Q DELUXE/P5Q DELUXE
RIP: 0010:[<ffffffffa04b282b>]  [<ffffffffa04b282b>] ft_prli+0x4b/0x350 [fcst]
RSP: 0018:ffff8801a6273b70  EFLAGS: 00010282
RAX: ffff8801a6273fd8 RBX: 0000000000000000 RCX: 0000000000000006
RDX: 0000000000000001 RSI: 2222222222222222 RDI: 2222222222222222
RBP: ffff8801a6273be0 R08: 2222222222222222 R09: 2222222222222222
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000004
R13: ffff8801a6291c7c R14: ffff8801a6290800 R15: ffff8801a6290848
FS:  0000000000000000(0000) GS:ffff8801bfc00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 0000000000000002 CR3: 00000001a7ba1000 CR4: 00000000000406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process fcoethread/0 (pid: 3562, threadinfo ffff8801a6272000, task
ffff8801b13ecce0)
Stack:
 ffff8801a6273bc0 ffffffff812f7593 00000000000000c0 ffff8801b9002a00
 0000000000000100 000000000000002c 0000000000000000 ffff8801ae1a4a18
 ffff8801b1a1d600 ffff8801a6290800 ffff8801b1a1ce00 ffff8801ae1a4a18
Call Trace:
 [<ffffffff812f7593>] ? __alloc_skb+0x83/0x170
 [<ffffffffa03b95ec>] fc_rport_enter_prli+0xec/0x220 [libfc]
 [<ffffffffa03ba531>] fc_rport_recv_req+0x541/0x1280 [libfc]
 [<ffffffff81082e8d>] ? trace_hardirqs_on_caller+0x11d/0x1b0
 [<ffffffff813d44ad>] ? mutex_lock_nested+0x26d/0x330
 [<ffffffffa03b6c00>] ? fc_lport_recv_els_req+0x30/0x140 [libfc]
 [<ffffffffa03b6c1f>] fc_lport_recv_els_req+0x4f/0x140 [libfc]
 [<ffffffffa03b5f14>] fc_lport_recv_req+0x174/0x230 [libfc]
 [<ffffffffa03b5dd1>] ? fc_lport_recv_req+0x31/0x230 [libfc]
 [<ffffffff81082f2d>] ? trace_hardirqs_on+0xd/0x10
 [<ffffffffa03b2f6c>] fc_exch_recv+0x63c/0xe50 [libfc]
 [<ffffffffa03ce3b8>] fcoe_recv_frame+0x1d8/0x410 [fcoe]
 [<ffffffff81082e8d>] ? trace_hardirqs_on_caller+0x11d/0x1b0
 [<ffffffffa03ceaf8>] ? fcoe_percpu_receive_thread+0x68/0xf0 [fcoe]
 [<ffffffff8104caf7>] ? local_bh_enable_ip+0x87/0xf0
 [<ffffffffa03ceb00>] fcoe_percpu_receive_thread+0x70/0xf0 [fcoe]
 [<ffffffffa03cea90>] ? fcoe_rcv+0x450/0x450 [fcoe]
 [<ffffffff81069656>] kthread+0x96/0xa0
 [<ffffffff813e0b74>] kernel_thread_helper+0x4/0x10
 [<ffffffff813d6d9d>] ? retint_restore_args+0xe/0xe
 [<ffffffff810695c0>] ? __init_kthread_worker+0x70/0x70
 [<ffffffff813e0b70>] ? gs_change+0xb/0xb
Code: 90 f6 05 e8 2c 00 00 02 49 89 fe 48 89 d3 49 89 cd 0f 85 8e 02
00 00 31 f6 48 c7 c7 00 50 4b a0 41 bc 04 00 00 00 e8 15 1a f2 e0 <0f>
b6 43 02 a8 c0 75 65 8b 4b 0c 41 b4 08 0f c9 f6 c1 30 74 58
RIP  [<ffffffffa04b282b>] ft_prli+0x4b/0x350 [fcst]
 RSP <ffff8801a6273b70>
CR2: 0000000000000002
---[ end trace c06e7c64e9c18831 ]---

BSD-signed-off-by: Bart Van Assche <bvanassche@acm.org>
Reviewed-by: Yi Zou <yi.zou@intel.com>


git-svn-id: http://svn.code.sf.net/p/scst/svn/trunk@4025 d57e44dd-8a1f-0410-8b47-8ef2f437770f
Bart Van Assche
2011-12-21 09:28:50 +00:00
parent 393fed29d2
commit 19a0804026


@@ -344,6 +344,9 @@ static int ft_prli_locked(struct fc_rport_priv *rdata, u32 spp_len,
u32 fcp_parm;
int ret;
if (!rspp)
goto fill;
if (rspp->spp_flags & (FC_SPP_OPA_VAL | FC_SPP_RPA_VAL))
return FC_SPP_RESP_NO_PA;
@@ -377,6 +380,7 @@ static int ft_prli_locked(struct fc_rport_priv *rdata, u32 spp_len,
* If the initiator indicates RETRY, we must support that, too.
* Don't force RETRY on the initiator, though.
*/
fill:
fcp_parm = ntohl(spp->spp_params); /* response parameters */
spp->spp_params = htonl(fcp_parm | FCP_SPPF_TARG_FCN);
return FC_SPP_RESP_ACK;
@@ -400,10 +404,8 @@ int ft_prli(struct fc_rport_priv *rdata, u32 spp_len,
mutex_lock(&ft_lport_lock);
ret = ft_prli_locked(rdata, spp_len, rspp, spp);
mutex_unlock(&ft_lport_lock);
FT_SESS_DBG("port_id %x flags %x parms %x ret %x\n",
rdata->ids.port_id,
rspp->spp_flags,
ntohl(spp->spp_params), ret);
FT_SESS_DBG("port_id %x flags %x parms %x ret %x\n", rdata->ids.port_id,
rspp ? rspp->spp_flags : 0, ntohl(spp->spp_params), ret);
return ret;
}
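Review bot: The new `if (!rspp) goto fill;` guard in ft_prli_locked() leaves the NULL case undocumented, and the existing comment about RETRY now sits directly above the `fill:` label although it describes only the response path. The call trace in the commit message reaches ft_prli() from fc_rport_enter_prli(), so rspp is presumably NULL when the local port builds its own PRLI rather than answering a received one; a comment at the guard would record that contract, e.g. `/* rspp == NULL: no received service parameter page to validate, only fill in spp */`. Since the commit message says the crash was triggered by an initiator login, it is also worth confirming that none of the checks between the guard and `fill:` are still needed when rspp is NULL. That part of ft_prli_locked() lies outside the hunks shown, so this cannot be verified from the page.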