[PATCH 4.9 32/72] scsi: scsi_dh_alua: Check scsi_device_get() return value

From: Greg Kroah-Hartman
Date: Thu Apr 06 2017 - 05:24:45 EST

Next message: Greg Kroah-Hartman: "[PATCH 4.9 14/72] xfs: mark speculative prealloc CoW fork extents unwritten"
Previous message: Greg Kroah-Hartman: "[PATCH 4.9 33/72] scsi: scsi_dh_alua: Ensure that alua_activate() calls the completion function"
In reply to: Greg Kroah-Hartman: "[PATCH 4.9 33/72] scsi: scsi_dh_alua: Ensure that alua_activate() calls the completion function"
Next in thread: Greg Kroah-Hartman: "[PATCH 4.9 14/72] xfs: mark speculative prealloc CoW fork extents unwritten"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

4.9-stable review patch. If anyone has any objections, please let me know.

------------------

From: Bart Van Assche <bart.vanassche@xxxxxxxxxxx>

commit 625fe857e4fac6518716f3c0ff5e5deb8ec6d238 upstream.

Do not queue ALUA work nor call scsi_device_put() if the
scsi_device_get() call fails. This patch fixes the following crash:

general protection fault: 0000 [#1] SMP
RIP: 0010:scsi_device_put+0xb/0x30
Call Trace:
scsi_disk_put+0x2d/0x40
sd_release+0x3d/0xb0
__blkdev_put+0x29e/0x360
blkdev_put+0x49/0x170
dm_put_table_device+0x58/0xc0 [dm_mod]
dm_put_device+0x70/0xc0 [dm_mod]
free_priority_group+0x92/0xc0 [dm_multipath]
free_multipath+0x70/0xc0 [dm_multipath]
multipath_dtr+0x19/0x20 [dm_multipath]
dm_table_destroy+0x67/0x120 [dm_mod]
dev_suspend+0xde/0x240 [dm_mod]
ctl_ioctl+0x1f5/0x520 [dm_mod]
dm_ctl_ioctl+0xe/0x20 [dm_mod]
do_vfs_ioctl+0x8f/0x700
SyS_ioctl+0x3c/0x70
entry_SYSCALL_64_fastpath+0x18/0xad

Fixes: commit 03197b61c5ec ("scsi_dh_alua: Use workqueue for RTPG")
Signed-off-by: Bart Van Assche <bart.vanassche@xxxxxxxxxxx>
Cc: Hannes Reinecke <hare@xxxxxxx>
Cc: Tang Junhui <tang.junhui@xxxxxxxxxx>
Reviewed-by: Hannes Reinecke <hare@xxxxxxx>
Signed-off-by: Martin K. Petersen <martin.petersen@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
drivers/scsi/device_handler/scsi_dh_alua.c | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)

--- a/drivers/scsi/device_handler/scsi_dh_alua.c
+++ b/drivers/scsi/device_handler/scsi_dh_alua.c
@@ -870,7 +870,7 @@ static void alua_rtpg_queue(struct alua_
unsigned long flags;
struct workqueue_struct *alua_wq = kaluad_wq;

- if (!pg)
+ if (!pg || scsi_device_get(sdev))
return;

spin_lock_irqsave(&pg->lock, flags);
@@ -884,14 +884,12 @@ static void alua_rtpg_queue(struct alua_
pg->flags |= ALUA_PG_RUN_RTPG;
kref_get(&pg->kref);
pg->rtpg_sdev = sdev;
- scsi_device_get(sdev);
start_queue = 1;
} else if (!(pg->flags & ALUA_PG_RUN_RTPG) && force) {
pg->flags |= ALUA_PG_RUN_RTPG;
/* Do not queue if the worker is already running */
if (!(pg->flags & ALUA_PG_RUNNING)) {
kref_get(&pg->kref);
- sdev = NULL;
start_queue = 1;
}
}
@@ -900,13 +898,15 @@ static void alua_rtpg_queue(struct alua_
alua_wq = kaluad_sync_wq;
spin_unlock_irqrestore(&pg->lock, flags);

- if (start_queue &&
- !queue_delayed_work(alua_wq, &pg->rtpg_work,
- msecs_to_jiffies(ALUA_RTPG_DELAY_MSECS))) {
- if (sdev)
- scsi_device_put(sdev);
- kref_put(&pg->kref, release_port_group);
+ if (start_queue) {
+ if (queue_delayed_work(alua_wq, &pg->rtpg_work,
+ msecs_to_jiffies(ALUA_RTPG_DELAY_MSECS)))
+ sdev = NULL;
+ else
+ kref_put(&pg->kref, release_port_group);
}
+ if (sdev)
+ scsi_device_put(sdev);
}

/*

Next message: Greg Kroah-Hartman: "[PATCH 4.9 14/72] xfs: mark speculative prealloc CoW fork extents unwritten"
Previous message: Greg Kroah-Hartman: "[PATCH 4.9 33/72] scsi: scsi_dh_alua: Ensure that alua_activate() calls the completion function"
In reply to: Greg Kroah-Hartman: "[PATCH 4.9 33/72] scsi: scsi_dh_alua: Ensure that alua_activate() calls the completion function"
Next in thread: Greg Kroah-Hartman: "[PATCH 4.9 14/72] xfs: mark speculative prealloc CoW fork extents unwritten"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]