leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
7b898542f6
linux/drivers
History
Quinn Tran 7b898542f6 qla2xxx: ABTS cause double free of qla_tgt_cmd +. 
Fix double free problem within qla2xxx driver where
current code prematurely free qla_tgt_cmd while firmware
still has the command.  When firmware release the command
after abort, the code attempt a second free as part of
command completion processing.

When TCM start the free process, NULL pointer was hit.

------
WARNING: CPU: 8 PID: 43613 at lib/list_debug.c:62 __list_del_entry+0x82/0xd0()
list_del corruption. next->prev should be ffff88082b5cfb08, but was 6b6b6b6b6b6b6b6b
CPU: 8 PID: 43613 Comm: kworker/8:0 Tainted: GF       W  O 3.13.0-rc3-nab_t10dif+ #6
Hardware name: HP ProLiant DL380p Gen8, BIOS P70 08/20/2012
Workqueue: events cache_reap
000000000000003e ffff88081b2e3c78 ffffffff815a051f 000000000000003e
ffff88081b2e3cc8 ffff88081b2e3cb8 ffffffff8104fc2c 0000000000000000
ffff88082b5cfb00 ffff88081c788d00 ffff88082b5d7200 ffff88082b5d3080
Call Trace:
[<ffffffff815a051f>] dump_stack+0x49/0x62
[<ffffffff8104fc2c>] warn_slowpath_common+0x8c/0xc0
[<ffffffff8104fd16>] warn_slowpath_fmt+0x46/0x50
[<ffffffff812b6592>] __list_del_entry+0x82/0xd0
[<ffffffff8106d48c>] process_one_work+0x12c/0x510
[<ffffffff8106d4d3>] ? process_one_work+0x173/0x510
[<ffffffff8106ebdf>] worker_thread+0x11f/0x3a0
[<ffffffff8106eac0>] ? manage_workers+0x170/0x170
[<ffffffff81074f26>] kthread+0xf6/0x120
[<ffffffff8109f103>] ? __lock_release+0x133/0x1b0
[<ffffffff81074e30>] ? __init_kthread_worker+0x70/0x70
[<ffffffff815aec2c>] ret_from_fork+0x7c/0xb0
[<ffffffff81074e30>] ? __init_kthread_worker+0x70/0x70
---[ end trace dfc05c3f7caf8ebe ]---
BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
IP: [<ffffffff8106d391>] process_one_work+0x31/0x510
-------

Signed-off-by: Quinn Tran <quinn.tran@qlogic.com>
Signed-off-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: Saurav Kashyap <saurav.kashyap@qlogic.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
2014-05-19 13:31:05 +02:00
..
accessibility
acpi Merge branches 'acpi-ec' and 'acpi-processor' 2014-05-03 00:20:31 +02:00
amba ARM: SoC: driver changes 2014-04-05 15:37:40 -07:00
ata Merge branch 'for-3.15-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata 2014-04-24 09:57:02 -07:00
atm
auxdisplay
base drivercore: deferral race condition fix 2014-04-29 15:44:05 +01:00
bcma bcma: gpio: register 32 GPIOs on BCM5357 2014-03-27 14:20:04 -04:00
block floppy: don't write kernel-only members to FDRAWCMD ioctl output 2014-05-05 07:46:56 -07:00
bluetooth Bluetooth: Add support for Lite-on [04ca:3007] 2014-04-25 09:47:16 +03:00
bus ARM: SoC: driver changes 2014-04-05 15:37:40 -07:00
cdrom
char agp: info leak in agpioc_info_wrap() 2014-05-06 13:05:00 -07:00
clk vexpress: Initialise the sysregs before setting up the clocks 2014-05-04 11:35:29 +01:00
clocksource Merge branch 'clockevents/3.15-fixes' of git://git.linaro.org/people/daniel.lezcano/linux into timers/urgent 2014-04-29 19:26:58 +02:00
connector net: Use netlink_ns_capable to verify the permisions of netlink messages 2014-04-24 13:44:54 -04:00
cpufreq cpufreq: ppc-corenet-cpufreq: Fix __udivdi3 modpost error 2014-04-29 01:28:17 +02:00
cpuidle Merge branch 'pm-cpuidle' 2014-04-08 13:27:40 +02:00
crypto Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2014-04-03 09:28:16 -07:00
dca
devfreq
dio
dma dma: fix eDMA driver as a subsys_initcall 2014-04-16 12:03:47 +05:30
edac Merge branch 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media 2014-04-04 09:50:07 -07:00
eisa
extcon
firewire
firmware Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2014-04-11 11:58:33 -07:00
fmc
gpio A few fixes for the GPIO tree: 2014-04-22 09:28:02 -07:00
gpu Merge branch 'mullins' of git://people.freedesktop.org/~deathsimple/linux into drm-fixes 2014-05-07 09:10:28 +10:00
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid 2014-05-07 16:07:58 -07:00
hsi
hv Drivers: hv: vmbus: Negotiate version 3.0 when running on ws2012r2 hosts 2014-04-16 14:14:07 -07:00
hwmon Revert "hwmon: (coretemp) Refine TjMax detection" 2014-05-01 04:07:52 -07:00
hwspinlock
i2c Merge branch 'i2c/for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2014-04-09 08:45:40 -07:00
ide
idle intel_idle: fix IVT idle state table setting 2014-04-21 23:36:07 +02:00
iio iio: adc: Nothing in ADC should be a bool CONFIG 2014-04-26 11:22:16 +01:00
infiniband RDMA/cxgb4: Update Kconfig to include Chelsio T5 adapter 2014-04-28 17:29:41 -07:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2014-05-08 14:06:45 -07:00
iommu Merge git://git.infradead.org/iommu-2.6 into iommu/fixes 2014-04-16 16:09:40 +02:00
ipack
irqchip mvebu irqchip ifxes for v3.15 2014-04-29 19:23:22 +02:00
isdn hisax/icc: add missing semicolon after label 2014-04-22 21:22:47 -04:00
leds Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/cooloney/linux-leds 2014-04-10 09:06:10 -07:00
lguest drivers/lguest/page_tables.c: rename do_set_pte() 2014-04-07 16:35:52 -07:00
macintosh
mailbox
mcb drivers: mcb: fix memory leak in chameleon_parse_cells() error path 2014-04-16 12:28:47 -07:00
md A few dm-thinp fixes for changes merged in 3.15-rc1. 2014-05-02 14:14:02 -07:00
media platform: Fix timberdale dependencies 2014-04-16 11:57:27 +05:30
memory
memstick
message PCI changes for the v3.15 merge window: 2014-04-01 15:14:04 -07:00
mfd mmc: rtsx: Revert "mmc: rtsx: add support for pre_req and post_req" 2014-05-08 08:44:50 +01:00
misc misc: Grammar s/addition/additional/ 2014-04-16 12:28:47 -07:00
mmc mmc: rtsx: Revert "mmc: rtsx: add support for pre_req and post_req" 2014-05-08 08:44:50 +01:00
mtd MTD update for 3.15-rc5 2014-05-07 16:28:52 -07:00
net net: macb: Fix race between HW and driver 2014-05-05 17:11:18 -04:00
nfc
ntb ntb: Use pci_enable_msix_range() instead of pci_enable_msix() 2014-04-07 10:59:20 -07:00
nubus
of of/irq: do irq resolution in platform_get_irq 2014-04-24 21:40:22 +01:00
oprofile
parisc
parport
pci PCI: tegra: Use new OF interrupt mapping when possible 2014-04-16 10:24:32 -06:00
pcmcia PCI changes for the v3.15 merge window: 2014-04-01 15:14:04 -07:00
phy phy: fix kernel oops in phy_lookup() 2014-04-24 12:53:38 -07:00
pinctrl sh-pfc: r8a7791: Fix definition of MOD_SEL3 2014-04-23 16:09:53 +02:00
platform alienware-wmi: cover some scenarios where memory allocations would fail 2014-04-10 12:11:56 -04:00
pnp asmlinkage: Add explicit __visible to drivers/*, lib/*, kernel/* 2014-05-05 16:07:46 -07:00
power power/reset: vexpress: Fix restart/power off operation 2014-04-24 17:20:50 +01:00
powercap CPU hotplug notifiers registration fixes for 3.15-rc1 2014-04-07 14:55:46 -07:00
pps
ps3
ptp net: ptp: move PTP classifier in its own file 2014-04-01 16:43:18 -04:00
pwm Shiraz has moved 2014-04-18 16:40:08 -07:00
rapidio rapidio: rework device hierarchy and introduce mport class of devices 2014-04-07 16:36:07 -07:00
regulator regulator: pbias: Convert to use regmap helper functions 2014-04-14 22:16:25 +01:00
remoteproc
reset Merge branch 'reset/for_v3.15' of git://git.pengutronix.de/git/pza/linux into next/drivers 2014-03-27 01:28:19 +01:00
rpmsg
rtc drivers/rtc/rtc-pcf8523.c: fix month definition 2014-05-06 13:04:58 -07:00
s390 s390/chsc: fix SEI usage on old FW levels 2014-04-17 12:46:28 +02:00
sbus
scsi qla2xxx: ABTS cause double free of qla_tgt_cmd +. 2014-05-19 13:31:05 +02:00
sfi
sh ARM: SoC: sh driver changes 2014-04-05 15:38:41 -07:00
sn
spi Merge remote-tracking branches 'spi/fix/atmel', 'spi/fix/bfin5xx', 'spi/fix/hspi' and 'spi/fix/sirf' into spi-linus 2014-04-23 13:50:18 +01:00
spmi
ssb
staging Second set of fixes for IIO in the 3.15 cycle. 2014-04-30 14:19:23 -07:00
target Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-04-12 17:31:22 -07:00
tc
thermal Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux 2014-04-10 09:15:46 -07:00
tty tty: Fix lockless tty buffer race 2014-05-03 18:14:28 -04:00
uio
usb USB: Nokia 5300 should be treated as unusual dev 2014-05-03 19:41:07 -04:00
uwb uwb: don't call spin_unlock_irq in a USB completion handler 2014-04-24 12:45:40 -07:00
vfio VFIO updates for v3.15 include: 2014-04-03 14:05:02 -07:00
vhost Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2014-04-12 16:51:08 -07:00
video video: Kconfig: move drm and fb into separate menus 2014-04-17 08:10:20 +03:00
virt
virtio
vlynq
vme vme_tsi148: Utilize to_pci_dev() macro 2014-04-16 14:08:37 -07:00
w1 w1: avoid recursive device_add 2014-04-16 14:07:51 -07:00
watchdog CPU hotplug notifiers registration fixes for 3.15-rc1 2014-04-07 14:55:46 -07:00
xen Xen regression and bug fixes for 3.15-rc1. 2014-04-17 10:54:07 -07:00
zorro
Kconfig
Makefile video: move fbdev to drivers/video/fbdev 2014-04-17 08:10:19 +03:00