linux/drivers
Leon Romanovsky 25fd08eb2b RDMA/uverbs: Store PR pointer before it is overwritten
The IB_MR_REREG_PD command rewrites mr->pd after successful
rereg_user_mr(), such change causes to lost usecnt information and
produces the following warning:

 WARNING: CPU: 1 PID: 1771 at drivers/infiniband/core/verbs.c:336 ib_dealloc_pd+0x4e/0x60 [ib_core]
 CPU: 1 PID: 1771 Comm: rereg_mr Tainted: G        W  OE 5.0.0-rc7-for-upstream-perf-2019-02-20_14-03-40-34 #1
 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014
 RIP: 0010:ib_dealloc_pd+0x4e/0x60 [ib_core]
 RSP: 0018:ffffc90003923dc0 EFLAGS: 00010286
 RAX: 00000000ffffffff RBX: ffff88821f7f0400 RCX: ffff888236a40c00
 RDX: ffff88821f7f0400 RSI: 0000000000000001 RDI: 0000000000000000
 RBP: 0000000000000001 R08: ffff88835f665d80 R09: ffff8882209c90d8
 R10: ffff88835ec003e0 R11: 0000000000000000 R12: ffff888221680ba0
 R13: ffff888221680b00 R14: 00000000ffffffea R15: ffff88821f53c318
 FS:  00007f70db11e740(0000) GS:ffff88835f640000(0000) knlGS:0000000000000000
 CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
 CR2: 0000000001dfd030 CR3: 000000029d9d8000 CR4: 00000000000006e0
 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
 Call Trace:
  uverbs_free_pd+0x2d/0x30 [ib_uverbs]
  destroy_hw_idr_uobject+0x16/0x40 [ib_uverbs]
  uverbs_destroy_uobject+0x28/0x170 [ib_uverbs]
  __uverbs_cleanup_ufile+0x6b/0x90 [ib_uverbs]
  uverbs_destroy_ufile_hw+0x8b/0x110 [ib_uverbs]
  ib_uverbs_close+0x1f/0x80 [ib_uverbs]
  __fput+0xb1/0x220
  task_work_run+0x7f/0xa0
  exit_to_usermode_loop+0x6b/0xb2
  do_syscall_64+0xc5/0x100
  entry_SYSCALL_64_after_hwframe+0x44/0xa9
 RIP: 0033:0x7f70dad00664

Fixes: e278173fd1 ("RDMA/core: Cosmetic change - move member initialization to correct block")
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Reviewed-by: Majd Dibbiny <majd@mellanox.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
2019-02-21 14:09:23 -07:00
..
accessibility
acpi acpi/nfit: Fix command-supported detection 2019-01-21 09:58:31 -08:00
amba
android binderfs: switch from d_add() to d_instantiate() 2019-01-22 12:25:54 +01:00
ata SCSI fixes on 20190125 2019-01-26 15:03:43 -08:00
atm atm: he: fix sign-extension overflow on large shift 2019-01-17 11:27:00 -08:00
auxdisplay auxdisplay: charlcd: fix x/y command parsing 2018-12-21 21:27:21 +01:00
base PM-runtime: Fix deadlock with ktime_get() 2019-01-30 22:49:06 +01:00
bcma
block for-linus-20190118 2019-01-20 09:12:50 +12:00
bluetooth Bluetooth: hci_bcm: Handle specific unknown packets after firmware loading 2018-12-19 13:43:42 +01:00
bus ARM: SoC driver updates 2018-12-31 17:32:35 -08:00
cdrom gdrom: fix a memory leak bug 2018-12-29 08:20:44 -07:00
char Char/Misc driver fixes for 5.0-rc4 2019-01-25 13:03:34 -10:00
clk clk: qcom: gcc: Use active only source for CPUSS clocks 2019-01-24 11:41:48 -08:00
clocksource arch/csky patches for 4.21-rc1 2019-01-05 09:50:07 -08:00
connector
cpufreq Merge branches 'pm-cpuidle', 'pm-cpufreq' and 'pm-sleep' 2019-01-11 10:09:51 +01:00
cpuidle cpuidle: poll_state: Fix default time limit 2019-01-30 22:57:42 +01:00
crypto Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-01-31 23:09:00 -08:00
dax mm, devm_memremap_pages: fix shutdown handling 2018-12-28 12:11:47 -08:00
dca
devfreq PM / devfreq: add devfreq_suspend/resume() functions 2018-12-11 11:40:13 +09:00
dio
dma cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
dma-buf drivers/dma-buf/udmabuf.c: convert to use vm_fault_t 2019-01-04 13:13:46 -08:00
edac EDAC, altera: Fix S10 persistent register offset 2019-01-24 17:13:59 +01:00
eisa
extcon
firewire scsi: communicate max segment size to the DMA mapping code 2019-01-22 20:40:59 -05:00
firmware efi/arm64: Fix debugfs crash by adding a terminator for ptdump marker 2019-02-02 11:27:29 +01:00
fmc
fpga Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
fsi
gnss Merge 4.20-rc6 into tty-next 2018-12-10 10:17:45 +01:00
gpio gpio: vf610: Mask all GPIO interrupts 2019-01-28 15:28:43 +01:00
gpu lib/scatterlist: Provide a DMA page iterator 2019-02-11 15:02:33 -07:00
hid HID: core: simplify active collection tracking 2019-01-16 14:29:48 +01:00
hsi
hv vmbus: fix subchannel removal 2019-01-09 19:20:31 -05:00
hwmon hwmon: (tmp421) Correct the misspelling of the tmp442 compatible attribute in OF device ID table 2019-01-17 12:54:52 -08:00
hwspinlock hwspinlock: fix return value check in stm32_hwspinlock_probe() 2019-01-03 11:42:10 -08:00
hwtracing intel_th: msu: Fix an off-by-one in attribute store 2018-12-19 20:21:06 +01:00
i2c i2c: tegra: Fix Maximum transfer size 2019-01-11 00:15:04 +01:00
i3c i3c: master: dw: fix deadlock 2019-01-26 11:14:25 +01:00
ide ide: ensure atapi sense request aren't preempted 2019-01-31 08:25:09 -07:00
idle
iio - New Device Support 2019-01-15 06:24:36 +12:00
infiniband RDMA/uverbs: Store PR pointer before it is overwritten 2019-02-21 14:09:23 -07:00
input Mostly driver fixes, but there's a core framework fix in here too. 2019-01-31 23:22:57 -08:00
iommu IOMMU Fixes for Linux v5.0-rc4 2019-01-30 09:30:03 -08:00
ipack
irqchip xtensa fixes for v5.0-rc5 2019-02-01 16:56:30 -08:00
isdn isdn: avm: Fix string plus integer warning from Clang 2019-01-19 10:01:03 -08:00
leds leds: lp5523: fix a missing check of return value of lp55xx_read 2019-01-17 22:27:39 +01:00
lightnvm lightnvm: pblk: fix use-after-free bug 2018-12-22 14:45:35 -07:00
macintosh Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
mailbox mailbox: tegra-hsp: Use device-managed registration API 2018-12-21 22:31:26 -06:00
mcb
md md/raid5: fix 'out of memory' during raid cache recovery 2019-01-28 11:44:40 -08:00
media lib/scatterlist: Provide a DMA page iterator 2019-02-11 15:02:33 -07:00
memory ARM: SoC: late updates 2019-01-05 11:30:37 -08:00
memstick MMC core: 2018-12-28 16:52:18 -08:00
message scsi: flip the default on use_clustering 2018-12-18 23:13:12 -05:00
mfd mfd: Fix unmet dependency warning for MFD_TPS68470 2019-01-29 10:55:34 +01:00
misc drivers/mic/scif: do not use mmap_sem 2019-02-07 12:54:02 -07:00
mmc mmc: mediatek: fix incorrect register setting of hs400_cmd_int_delay 2019-01-28 12:49:28 +01:00
mtd mtd: rawnand: denali: get ->setup_data_interface() working again 2019-01-18 10:27:01 +01:00
mux
net Merge branch 'mlx5-next' into rdma.git for-next 2019-02-21 12:40:18 -07:00
nfc
ntb cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
nubus
nvdimm libnvdimm/security: Require nvdimm_security_setup_events() to succeed 2019-01-21 09:57:43 -08:00
nvme for-linus-20190125 2019-01-26 12:42:41 -08:00
nvmem
of OF: properties: add missing of_node_put 2019-01-16 12:49:53 -06:00
opp cpufreq: scpi/scmi: Fix freeing of dynamic OPPs 2019-01-04 12:19:40 +01:00
oprofile
parisc Kconfig file consolidation for v4.21 2018-12-29 13:40:29 -08:00
parport
pci pci-v5.0-fixes-3 2019-01-31 23:06:17 -08:00
pcmcia Included in this update: 2019-01-05 11:23:17 -08:00
perf drivers/perf: hisi: Fixup one DDRC PMU register offset 2019-01-04 10:13:27 +00:00
phy USB/PHY fixes for 5.0-rc4 2019-01-25 12:57:09 -10:00
pinctrl Pin control bulk changes for the v4.21 kernel cycle: 2019-01-01 13:19:16 -08:00
platform platform/x86: Fix unmet dependency warning for SAMSUNG_Q10 2019-01-29 10:59:07 +01:00
pnp Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
power power supply and reset changes for the v4.21 series 2018-12-28 20:22:45 -08:00
powercap
pps Kconfig updates for v4.21 2018-12-29 13:03:29 -08:00
ps3
ptp ptp: check that rsv field is zero in struct ptp_sys_offset_extended 2019-01-08 16:22:56 -05:00
pwm pwm: imx: Add ipg clock operation 2018-12-24 12:06:56 +01:00
rapidio cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
ras treewide: surround Kconfig file paths with double quotes 2018-12-22 00:25:54 +09:00
regulator Merge remote-tracking branch 'regulator/topic/coupled' into regulator-next 2018-12-21 13:43:35 +00:00
remoteproc virtio: don't allocate vqs when names[i] = NULL 2019-01-14 20:15:19 -05:00
reset reset: uniphier-glue: Add AHCI reset control support in glue layer 2019-01-07 16:38:51 +01:00
rpmsg
rtc RTC for 4.21 2019-01-01 13:24:31 -08:00
s390 SCSI fixes on 20190201 2019-02-02 10:12:53 -08:00
sbus Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-next 2018-12-26 10:32:18 -08:00
scsi SCSI fixes on 20190201 2019-02-02 10:12:53 -08:00
sfi
sh
siox
slimbus
sn
soc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-01-16 05:13:36 +12:00
soundwire
spi cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
spmi
ssb
staging staging: android: ion: Support cpu access during dma_buf_detach 2019-01-22 11:38:09 +01:00
target scsi: tcmu: fix use after free 2019-01-22 20:54:00 -05:00
tc
tee OP-TEE dynamic shm log message 2018-12-31 13:06:30 -08:00
thermal Merge branch 'for-rc' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux 2019-01-23 16:23:41 +13:00
thunderbolt
tty RISC-V Fixes for 5.0-rc5 2019-02-02 10:26:14 -08:00
uio Char/Misc driver patches for 4.21-rc1 2018-12-28 20:54:57 -08:00
usb USB-serial fixes for 5.0-rc3 2019-01-18 12:58:20 +01:00
uwb
vfio vfio-pci/nvlink2: Fix ancient gcc warnings 2019-01-23 08:20:43 -07:00
vhost vhost: fix OOB in get_rx_bufs() 2019-01-28 22:53:09 -08:00
video TTY/Serial driver fixes for 5.0-rc4 2019-01-25 12:58:40 -10:00
virt
virtio virtio-balloon: tweak config_changed implementation 2019-01-14 20:15:20 -05:00
visorbus
vlynq
vme
w1 treewide: surround Kconfig file paths with double quotes 2018-12-22 00:25:54 +09:00
watchdog watchdog: tqmx86: Fix a couple IS_ERR() vs NULL bugs 2019-01-07 10:10:35 +01:00
xen arm64/xen: fix xen-swiotlb cache flushing 2019-01-23 22:14:56 +01:00
zorro
Kconfig Kconfig file consolidation for v4.21 2018-12-29 13:40:29 -08:00
Makefile