kernel-ark/drivers/infiniband/core
Steve Wise b6bc1c731f IB/core: correctly handle rdma_rw_init_mrs() failure
Function ib_create_qp() was failing to return an error when
rdma_rw_init_mrs() fails, causing a crash further down in ib_create_qp()
when trying to dereference the qp pointer which was actually a negative
errno.

The crash:

crash> log|grep BUG
[  136.458121] BUG: unable to handle kernel NULL pointer dereference at 0000000000000098
crash> bt
PID: 3736   TASK: ffff8808543215c0  CPU: 2   COMMAND: "kworker/u64:2"
 #0 [ffff88084d323340] machine_kexec at ffffffff8105fbb0
 #1 [ffff88084d3233b0] __crash_kexec at ffffffff81116758
 #2 [ffff88084d323480] crash_kexec at ffffffff8111682d
 #3 [ffff88084d3234b0] oops_end at ffffffff81032bd6
 #4 [ffff88084d3234e0] no_context at ffffffff8106e431
 #5 [ffff88084d323530] __bad_area_nosemaphore at ffffffff8106e610
 #6 [ffff88084d323590] bad_area_nosemaphore at ffffffff8106e6f4
 #7 [ffff88084d3235a0] __do_page_fault at ffffffff8106ebdc
 #8 [ffff88084d323620] do_page_fault at ffffffff8106f057
 #9 [ffff88084d323660] page_fault at ffffffff816e3148
    [exception RIP: ib_create_qp+427]
    RIP: ffffffffa02554fb  RSP: ffff88084d323718  RFLAGS: 00010246
    RAX: 0000000000000004  RBX: fffffffffffffff4  RCX: 000000018020001f
    RDX: ffff880830997fc0  RSI: 0000000000000001  RDI: ffff88085f407200
    RBP: ffff88084d323778   R8: 0000000000000001   R9: ffffea0020bae210
    R10: ffffea0020bae218  R11: 0000000000000001  R12: ffff88084d3237c8
    R13: 00000000fffffff4  R14: ffff880859fa5000  R15: ffff88082eb89800
    ORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0018
#10 [ffff88084d323780] rdma_create_qp at ffffffffa0782681 [rdma_cm]
#11 [ffff88084d3237b0] nvmet_rdma_create_queue_ib at ffffffffa07c43f3 [nvmet_rdma]
#12 [ffff88084d323860] nvmet_rdma_alloc_queue at ffffffffa07c5ba9 [nvmet_rdma]
#13 [ffff88084d323900] nvmet_rdma_queue_connect at ffffffffa07c5c96 [nvmet_rdma]
#14 [ffff88084d323980] nvmet_rdma_cm_handler at ffffffffa07c6450 [nvmet_rdma]
#15 [ffff88084d3239b0] iw_conn_req_handler at ffffffffa0787480 [rdma_cm]
#16 [ffff88084d323a60] cm_conn_req_handler at ffffffffa0775f06 [iw_cm]
#17 [ffff88084d323ab0] process_event at ffffffffa0776019 [iw_cm]
#18 [ffff88084d323af0] cm_work_handler at ffffffffa0776170 [iw_cm]
#19 [ffff88084d323cb0] process_one_work at ffffffff810a1483
#20 [ffff88084d323d90] worker_thread at ffffffff810a211d
#21 [ffff88084d323ec0] kthread at ffffffff810a6c5c
#22 [ffff88084d323f50] ret_from_fork at ffffffff816e1ebf

Fixes: 632bc3f650 ("IB/core, RDMA RW API: Do not exceed QP SGE send limit")
Signed-off-by: Steve Wise <swise@opengridcomputing.com>
Cc: stable@vger.kernel.org
Reviewed-by: Bart Van Assche <bart.vanassche@sandisk.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
2016-10-07 16:54:39 -04:00
addr.c IB/addr: Remove deprecated create_singlethread_workqueue 2016-10-07 16:54:25 -04:00
agent.c IB: split struct ib_send_wr 2015-10-08 11:09:10 +01:00
agent.h
cache.c IB/core: Fix no default GIDs when netdevice reregisters 2016-06-23 10:03:57 -04:00
cm_msgs.h
cm.c IB/cm: Fix a recently introduced locking bug 2016-06-06 18:55:53 -04:00
cma_configfs.c configfs: switch ->default groups to a linked list 2016-03-06 16:11:24 +01:00
cma.c IB/cma: Remove deprecated create_singlethread_workqueue 2016-10-07 16:54:24 -04:00
core_priv.h IB/core: Add IP to GID netlink offload 2016-05-24 14:44:04 -04:00
cq.c IB: add a proper completion queue abstraction 2015-12-11 14:10:43 -08:00
device.c IB/core: Add get FW version string to the core 2016-06-23 12:08:33 -04:00
fmr_pool.c IB/core: trivial prink cleanup. 2016-03-03 10:20:25 -05:00
iwcm.c IB/iwcm: Remove deprecated create_singlethread_workqueue 2016-10-07 16:54:25 -04:00
iwcm.h iw_cm: free cm_id resources on the last deref 2016-08-02 13:15:18 -04:00
iwpm_msg.c RDMA/core: Fix indentation 2016-06-06 19:36:21 -04:00
iwpm_util.c Use smaller 512 byte messages for portmapper messages 2016-08-03 21:03:33 -04:00
iwpm_util.h iwpm: crash fix for large connections test 2016-03-16 13:48:32 -04:00
mad_priv.h IB/mad: use CQ abstraction 2016-01-19 15:25:45 -05:00
mad_rmpp.c
mad_rmpp.h
mad.c IB/mad: Remove deprecated create_singlethread_workqueue 2016-10-07 16:54:23 -04:00
Makefile IB/SA: Integrate ib_sa module into ib_core module 2016-05-24 14:42:36 -04:00
mr_pool.c IB/core: add a simple MR pool 2016-05-13 13:37:18 -04:00
multicast.c IB/multicast: Remove deprecated create_singlethread_workqueue 2016-10-07 16:54:23 -04:00
netlink.c IB/core: Add flow control to the portmapper netlink calls 2016-08-02 13:14:27 -04:00
opa_smi.h
packer.c IB/core: trivial prink cleanup. 2016-03-03 10:20:25 -05:00
roce_gid_mgmt.c IB/core: Move rdma_is_upper_dev_rcu to header file 2015-12-23 10:35:12 -05:00
rw.c IB/core, RDMA RW API: Do not exceed QP SGE send limit 2016-08-02 12:02:41 -04:00
sa_query.c IB/sa : Remove deprecated create_singlethread_workqueue 2016-10-07 16:54:22 -04:00
sa.h
smi.c
smi.h
sysfs.c IB/{core,hw}: Add constant for node_desc 2016-10-07 16:54:34 -04:00
ucm.c IB/security: Restrict use of the write() interface 2016-04-28 12:03:16 -04:00
ucma.c IB/ucma: Remove deprecated create_singlethread_workqueue 2016-10-07 16:54:24 -04:00
ud_header.c IB/core: trivial prink cleanup. 2016-03-03 10:20:25 -05:00
umem_odp.c mm/gup: Introduce get_user_pages_remote() 2016-02-16 10:04:09 +01:00
umem_rbtree.c
umem.c dma-mapping: use unsigned long for dma_attrs 2016-08-04 08:50:07 -04:00
user_mad.c IB/mad: pass ib_mad_send_buf explicitly to the recv_handler 2016-01-19 15:25:36 -05:00
uverbs_cmd.c IB/core: Add more fields to IPv6 flow specification 2016-10-07 16:54:18 -04:00
uverbs_main.c Merge branches 'misc' and 'rxe' into k.o/for-4.8-1 2016-08-04 11:13:47 -04:00
uverbs_marshall.c IB/core: Add gid_type to gid attribute 2015-12-23 10:35:10 -05:00
uverbs.h Merge branches 'misc' and 'rxe' into k.o/for-4.8-1 2016-08-04 11:13:47 -04:00
verbs.c IB/core: correctly handle rdma_rw_init_mrs() failure 2016-10-07 16:54:39 -04:00