github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-10 15:42:19 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
dc953e8985
linux/drivers
History
Asias He 96e9cd3d06 virtio-scsi: Fix virtqueue affinity setup 
commit aa52aeea27 upstream.

vscsi->num_queues counts the number of request virtqueue which does not
include the control and event virtqueue. It is wrong to subtract
VIRTIO_SCSI_VQ_BASE from vscsi->num_queues.

This patch fixes the following panic.

(qemu) device_del scsi0

 BUG: unable to handle kernel NULL pointer dereference at 0000000000000020
 IP: [<ffffffff8179b29f>] __virtscsi_set_affinity+0x6f/0x120
 PGD 0
 Oops: 0000 [#1] SMP
 Modules linked in:
 CPU: 0 PID: 659 Comm: kworker/0:1 Not tainted 3.11.0-rc2+ #1172
 Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
 Workqueue: kacpi_hotplug _handle_hotplug_event_func
 task: ffff88007bee1cc0 ti: ffff88007bfe4000 task.ti: ffff88007bfe4000
 RIP: 0010:[<ffffffff8179b29f>]  [<ffffffff8179b29f>] __virtscsi_set_affinity+0x6f/0x120
 RSP: 0018:ffff88007bfe5a38  EFLAGS: 00010202
 RAX: 0000000000000010 RBX: ffff880077fd0d28 RCX: 0000000000000050
 RDX: 0000000000000000 RSI: 0000000000000246 RDI: 0000000000000000
 RBP: ffff88007bfe5a58 R08: ffff880077f6ff00 R09: 0000000000000001
 R10: ffffffff8143e673 R11: 0000000000000001 R12: 0000000000000001
 R13: ffff880077fd0800 R14: 0000000000000000 R15: ffff88007bf489b0
 FS:  0000000000000000(0000) GS:ffff88007ea00000(0000) knlGS:0000000000000000
 CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
 CR2: 0000000000000020 CR3: 0000000079f8b000 CR4: 00000000000006f0
 Stack:
  ffff880077fd0d28 0000000000000000 ffff880077fd0800 0000000000000008
  ffff88007bfe5a78 ffffffff8179b37d ffff88007bccc800 ffff88007bccc800
  ffff88007bfe5a98 ffffffff8179b3b6 ffff88007bccc800 ffff880077fd0d28
 Call Trace:
  [<ffffffff8179b37d>] virtscsi_set_affinity+0x2d/0x40
  [<ffffffff8179b3b6>] virtscsi_remove_vqs+0x26/0x50
  [<ffffffff8179c7d2>] virtscsi_remove+0x82/0xa0
  [<ffffffff814cb6b2>] virtio_dev_remove+0x22/0x70
  [<ffffffff8167ca49>] __device_release_driver+0x69/0xd0
  [<ffffffff8167cb9d>] device_release_driver+0x2d/0x40
  [<ffffffff8167bb96>] bus_remove_device+0x116/0x150
  [<ffffffff81679936>] device_del+0x126/0x1e0
  [<ffffffff81679a06>] device_unregister+0x16/0x30
  [<ffffffff814cb889>] unregister_virtio_device+0x19/0x30
  [<ffffffff814cdad6>] virtio_pci_remove+0x36/0x80
  [<ffffffff81464ae7>] pci_device_remove+0x37/0x70
  [<ffffffff8167ca49>] __device_release_driver+0x69/0xd0
  [<ffffffff8167cb9d>] device_release_driver+0x2d/0x40
  [<ffffffff8167bb96>] bus_remove_device+0x116/0x150
  [<ffffffff81679936>] device_del+0x126/0x1e0
  [<ffffffff8145edfc>] pci_stop_bus_device+0x9c/0xb0
  [<ffffffff8145f036>] pci_stop_and_remove_bus_device+0x16/0x30
  [<ffffffff81474a9e>] acpiphp_disable_slot+0x8e/0x150
  [<ffffffff81474f6a>] hotplug_event_func+0xba/0x1a0
  [<ffffffff814906c8>] ? acpi_os_release_object+0xe/0x12
  [<ffffffff81475911>] _handle_hotplug_event_func+0x31/0x70
  [<ffffffff810b5333>] process_one_work+0x183/0x500
  [<ffffffff810b66e2>] worker_thread+0x122/0x400
  [<ffffffff810b65c0>] ? manage_workers+0x2d0/0x2d0
  [<ffffffff810bc5de>] kthread+0xce/0xe0
  [<ffffffff810bc510>] ? kthread_freezable_should_stop+0x70/0x70
  [<ffffffff81ca045c>] ret_from_fork+0x7c/0xb0
  [<ffffffff810bc510>] ? kthread_freezable_should_stop+0x70/0x70
 Code: 01 00 00 00 74 59 45 31 e4 83 bb c8 01 00 00 02 74 46 66 2e 0f 1f 84 00 00 00 00 00 49 63 c4 48 c1 e0 04 48 8b bc 0
3 10 02 00 00 <48> 8b 47 20 48 8b 80 d0 01 00 00 48 8b 40 50 48 85 c0 74 07 be
 RIP  [<ffffffff8179b29f>] __virtscsi_set_affinity+0x6f/0x120
  RSP <ffff88007bfe5a38>
 CR2: 0000000000000020
 ---[ end trace 99679331a3775f48 ]---

Signed-off-by: Asias He <asias@redhat.com>
Reviewed-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2013-08-14 22:59:04 -07:00
..
accessibility
acpi ACPI / battery: Fix parsing _BIX return value 2013-08-11 18:35:24 -07:00
amba
ata libata: make it clear that sata_inic162x is experimental 2013-08-04 16:50:55 +08:00
atm atm: he: use mdelay instead of large udelay constants 2013-04-29 13:26:48 -04:00
auxdisplay
base regmap: cache: bail in regmap_async_complete() for bus-less maps 2013-08-04 16:50:58 +08:00
bcma bcma: add more core IDs 2013-05-17 14:31:05 -04:00
block xen-blkfront: use a different scatterlist for each request 2013-08-11 18:35:24 -07:00
bluetooth Bluetooth: fix wrong use of PTR_ERR() in btusb 2013-08-11 18:35:23 -07:00
bus
cdrom drivers/cdrom/cdrom.c: use kzalloc() for failing hardware 2013-07-13 11:42:26 -07:00
char hwrng: bcm2835: fix MODULE_LICENSE tag 2013-08-11 18:35:26 -07:00
clk ARM: tegra30: clocks: Fix pciex clock registration 2013-06-16 11:25:45 -07:00
clocksource clocksource: dw_apb: Fix error check 2013-07-25 14:07:29 -07:00
connector
cpufreq cpufreq: Fix cpufreq driver module refcount balance after suspend/resume 2013-08-11 18:35:24 -07:00
cpuidle Revert "cpuidle: Quickly notice prediction failure for repeat mode" 2013-08-11 18:35:24 -07:00
crypto crypto: caam - Fixed the memory out of bound overwrite issue 2013-08-04 16:50:57 +08:00
dca
devfreq
dio
dma dma: pl330: Fix cyclic transfers 2013-08-11 18:35:21 -07:00
edac EDAC: Fix lockdep splat 2013-07-28 16:30:11 -07:00
eisa PCI changes for the v3.10 merge window: 2013-04-29 09:30:25 -07:00
extcon Removal of GENERIC_GPIO for v3.10 2013-05-09 09:59:16 -07:00
firewire firewire: fix libdc1394/FlyCap2 iso event regression 2013-08-04 16:50:38 +08:00
firmware efivar: fix oops in efivar_update_sysfs_entries() caused by memory reuse 2013-05-13 20:20:02 +01:00
gpio gpio/omap: don't use linear domain mapping for OMAP1 2013-06-25 23:13:40 -07:00
gpu drm/i915: make SDVO TV-out work for multifunction devices 2013-08-11 18:35:25 -07:00
hid HID: apple: Add support for the 2013 Macbook Air 2013-07-21 18:21:29 -07:00
hsi
hv Drivers: hv: balloon: Do not post pressure status if interrupted 2013-08-04 16:50:58 +08:00
hwmon hwmon: (max6697) fix MAX6581 ideality 2013-08-11 18:35:21 -07:00
hwspinlock A single patch from Vincent extending OMAP's hwspinlock support to OMAP5. 2013-05-07 14:01:27 -07:00
i2c i2c-piix4: Add AMD CZ SMBus device ID 2013-07-25 14:07:28 -07:00
ide block_device_operations->release() should return void 2013-05-07 02:16:21 -04:00
idle Merge branch 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux 2013-05-11 15:23:17 -07:00
iio iio: inkern: fix iio_convert_raw_to_processed_unlocked 2013-07-25 14:07:23 -07:00
infiniband iscsi-target: Fix iscsit_sequence_cmd reject handling for iser 2013-08-04 16:51:17 +08:00
input Input: bcm5974 - add support for the 2013 MacBook Air 2013-07-21 18:21:29 -07:00
iommu iommu/amd: Only unmap large pages from the first pte 2013-07-25 14:07:42 -07:00
ipack
irqchip ARM: SoC fixes for 3.10-rc 2013-06-22 09:44:45 -10:00
isdn isdn/kcapi: fix a small underflow 2013-05-20 13:38:14 -07:00
leds drivers/leds/leds-ot200.c: fix error caused by shifted mask 2013-05-24 16:22:51 -07:00
lguest lguest: clear cached last cpu when guest_set_pgd() called. 2013-05-08 10:49:18 +09:30
macintosh powerpc/windfarm: Fix noisy slots-fan on Xserve (rm31) 2013-08-11 18:35:20 -07:00
mailbox
md dm verity: fix inability to use a few specific devices sizes 2013-08-04 16:51:02 +08:00
media media: dmxdev: remove dvb_ringbuffer_flush() on writer side 2013-07-28 16:30:21 -07:00
memory drivers/memory: don't check resource with devm_ioremap_resource 2013-05-18 11:55:52 +02:00
memstick block_device_operations->release() should return void 2013-05-07 02:16:21 -04:00
message Merge branch 'for-3.10/core' of git://git.kernel.dk/linux-block 2013-05-08 10:13:35 -07:00
mfd mfd: tps6586x: correct device name of the regulator cell 2013-06-24 12:37:47 +01:00
misc Char / Misc fixes for 3.10-rc6 2013-06-14 19:15:36 -10:00
mmc mmc: omap_hsmmc: Skip platform_get_resource_byname() for dt case 2013-05-26 14:23:11 -04:00
mtd drivers/mtd/nand: don't check resource with devm_ioremap_resource 2013-05-18 11:55:55 +02:00
net iwlwifi: dvm: don't send BT_CONFIG on devices w/o Bluetooth 2013-08-11 18:35:26 -07:00
nfc NFC: mei: Do not disable MEI devices from their remove routine 2013-05-21 10:48:41 +02:00
ntb NTB: Multiple NTB client fix 2013-05-15 10:58:22 -07:00
nubus nubus: Kill nubus_proc_detach_device() 2013-05-04 14:47:26 -04:00
of of: Fix address decoding on Bimini and js2x machines 2013-07-25 14:07:32 -07:00
oprofile
parisc parisc: Fix interrupt routing for C8000 serial ports 2013-08-11 18:35:21 -07:00
parport parisc: parport0: fix this legacy no-device port driver! 2013-06-01 14:46:42 +02:00
pci PCI: Retry allocation of only the resource type that failed 2013-08-11 18:35:24 -07:00
pcmcia pcmcia: at91_cf: fix gpio_get_value in at91_cf_get_status 2013-07-21 18:21:25 -07:00
pinctrl Renesas ARM based SoC fixes for v3.10 2013-06-07 18:11:02 -07:00
platform x86 / platform / hp_wmi: Fix bluetooth_rfkill misuse in hp_wmi_rfkill_setup() 2013-06-01 23:51:48 +02:00
pnp Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2013-05-02 10:16:16 -07:00
power charger-manager: Ensure event is not used as format string 2013-07-13 11:42:26 -07:00
pps Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
ps3
ptp ptp_pch: fix error handling in pch_probe() 2013-05-25 21:24:15 -07:00
pwm drivers/pwm: don't check resource with devm_ioremap_resource 2013-05-18 11:55:58 +02:00
rapidio RAPIDIO: IDT_GEN2: Fix build error. 2013-07-28 16:30:07 -07:00
regulator mfd: tps6586x: correct device name of the regulator cell 2013-06-24 12:37:47 +01:00
remoteproc This pull request contains: 2013-05-07 14:04:56 -07:00
reset
rpmsg A small pull request consisting of: 2013-05-07 14:02:00 -07:00
rtc drivers/rtc/rtc-rv3029c2.c: fix disabling AIE irq 2013-07-21 18:21:28 -07:00
s390 SCSI: zfcp: status read buffers on first adapter open with link down 2013-07-25 14:07:30 -07:00
sbus
scsi virtio-scsi: Fix virtqueue affinity setup 2013-08-14 22:59:04 -07:00
sfi
sh
sn
spi spi: spi-davinci: Fix direction in dma_map_single() 2013-08-11 18:35:25 -07:00
ssb - Lots of cleanups from Artem, including deletion of some obsolete drivers 2013-05-09 10:15:46 -07:00
ssbi
staging zram: protect sysfs handler from invalid memory access 2013-08-11 18:35:24 -07:00
target iscsi-target: Fix iscsit_sequence_cmd reject handling for iser 2013-08-04 16:51:17 +08:00
tc
thermal drivers/thermal: don't check resource with devm_ioremap_resource 2013-05-18 11:57:30 +02:00
tty serial/mxs-auart: increase time to wait for transmitter to become idle 2013-08-11 18:35:21 -07:00
uio uio: UIO_DMEM_GENIRQ should depend on HAS_DMA 2013-05-21 10:13:23 -07:00
usb USB: mos7840: fix pointer casts 2013-08-11 18:35:21 -07:00
uwb uwb: rename random32() to prandom_u32() 2013-04-29 18:28:43 -07:00
vfio vfio: fix crash on rmmod 2013-06-05 08:54:16 -06:00
vhost vhost-net: fix use-after-free in vhost_net_flush 2013-07-28 16:29:57 -07:00
video atmel_lcdfb: blank the backlight on remove 2013-06-01 03:18:55 +08:00
virt
virtio virtio: support unlocked queue poll 2013-07-28 16:29:55 -07:00
vlynq
vme
w1 drivers/w1/masters: don't check resource with devm_ioremap_resource 2013-05-18 11:58:03 +02:00
watchdog drivers/watchdog: don't check resource with devm_ioremap_resource 2013-05-18 11:58:04 +02:00
xen xen/evtchn: avoid a deadlock when unbinding an event channel 2013-08-04 16:51:15 +08:00
zorro proc: Supply PDE attribute setting accessor functions 2013-05-01 17:29:18 -04:00
Kconfig ARM: arm-soc driver changes for 3.10 2013-05-04 12:31:18 -07:00
Makefile ARM: arm-soc driver changes for 3.10 2013-05-04 12:31:18 -07:00