[PATCH 4.4 073/268] scsi: bnx2fc: Fix check in SCSI completion handler for timed out request
From: Greg Kroah-Hartman
Date: Mon May 28 2018 - 06:17:31 EST
4.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Chad Dupuis <chad.dupuis@xxxxxxxxxx>
[ Upstream commit ecf7ff49945f5741fa1da112f994939f942031d3 ]
When a request times out we set the io_req flag BNX2FC_FLAG_IO_COMPL so
that if a subsequent completion comes in on that task ID we will ignore
it. The issue is that in the check for this flag there is a missing
return so we will continue to process a request which may have already
been returned to the ownership of the SCSI layer. This can cause
unpredictable results.
Solution is to add in the missing return.
[mkp: typo plus title shortening]
Signed-off-by: Chad Dupuis <chad.dupuis@xxxxxxxxxx>
Reviewed-by: Laurence Oberman <loberman@xxxxxxxxxx>
Tested-by: Laurence Oberman <loberman@xxxxxxxxxx>
Signed-off-by: Martin K. Petersen <martin.petersen@xxxxxxxxxx>
Signed-off-by: Sasha Levin <alexander.levin@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
drivers/scsi/bnx2fc/bnx2fc_io.c | 1 +
1 file changed, 1 insertion(+)
--- a/drivers/scsi/bnx2fc/bnx2fc_io.c
+++ b/drivers/scsi/bnx2fc/bnx2fc_io.c
@@ -1858,6 +1858,7 @@ void bnx2fc_process_scsi_cmd_compl(struc
/* we will not receive ABTS response for this IO */
BNX2FC_IO_DBG(io_req, "Timer context finished processing "
"this scsi cmd\n");
+ return;
}
/* Cancel the timeout_work, as we received IO completion */