linux/drivers
Damien Le Moal 0eced76360 scsi: mpt3sas: Fix unlock imbalance
[ Upstream commit cb551b8dc0 ]

In BRM_status_show(), if the condition "!ioc->is_warpdrive" tested on entry
to the function is true, a "goto out" is called. This results in unlocking
ioc->pci_access_mutex without this mutex lock being taken. This generates
the following splat:

[ 1148.539883] mpt3sas_cm2: BRM_status_show: BRM attribute is only for warpdrive
[ 1148.547184]
[ 1148.548708] =====================================
[ 1148.553501] WARNING: bad unlock balance detected!
[ 1148.558277] 5.8.0-rc3+ #827 Not tainted
[ 1148.562183] -------------------------------------
[ 1148.566959] cat/5008 is trying to release lock (&ioc->pci_access_mutex) at:
[ 1148.574035] [<ffffffffc070b7a3>] BRM_status_show+0xd3/0x100 [mpt3sas]
[ 1148.580574] but there are no more locks to release!
[ 1148.585524]
[ 1148.585524] other info that might help us debug this:
[ 1148.599624] 3 locks held by cat/5008:
[ 1148.607085]  #0: ffff92aea3e392c0 (&p->lock){+.+.}-{3:3}, at: seq_read+0x34/0x480
[ 1148.618509]  #1: ffff922ef14c4888 (&of->mutex){+.+.}-{3:3}, at: kernfs_seq_start+0x2a/0xb0
[ 1148.630729]  #2: ffff92aedb5d7310 (kn->active#224){.+.+}-{0:0}, at: kernfs_seq_start+0x32/0xb0
[ 1148.643347]
[ 1148.643347] stack backtrace:
[ 1148.655259] CPU: 73 PID: 5008 Comm: cat Not tainted 5.8.0-rc3+ #827
[ 1148.665309] Hardware name: HGST H4060-S/S2600STB, BIOS SE5C620.86B.02.01.0008.031920191559 03/19/2019
[ 1148.678394] Call Trace:
[ 1148.684750]  dump_stack+0x78/0xa0
[ 1148.691802]  lock_release.cold+0x45/0x4a
[ 1148.699451]  __mutex_unlock_slowpath+0x35/0x270
[ 1148.707675]  BRM_status_show+0xd3/0x100 [mpt3sas]
[ 1148.716092]  dev_attr_show+0x19/0x40
[ 1148.723664]  sysfs_kf_seq_show+0x87/0x100
[ 1148.731193]  seq_read+0xbc/0x480
[ 1148.737882]  vfs_read+0xa0/0x160
[ 1148.744514]  ksys_read+0x58/0xd0
[ 1148.751129]  do_syscall_64+0x4c/0xa0
[ 1148.757941]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 1148.766240] RIP: 0033:0x7f1230566542
[ 1148.772957] Code: Bad RIP value.
[ 1148.779206] RSP: 002b:00007ffeac1bcac8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1148.790063] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f1230566542
[ 1148.800284] RDX: 0000000000020000 RSI: 00007f1223460000 RDI: 0000000000000003
[ 1148.810474] RBP: 00007f1223460000 R08: 00007f122345f010 R09: 0000000000000000
[ 1148.820641] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000000
[ 1148.830728] R13: 0000000000000003 R14: 0000000000020000 R15: 0000000000020000

Fix this by returning immediately instead of jumping to the out label.

Link: https://lore.kernel.org/r/20200701085254.51740-1-damien.lemoal@wdc.com
Reviewed-by: Johannes Thumshirn <johannes.thumshirn@wdc.com>
Acked-by: Sreekanth Reddy <sreekanth.reddy@broadcom.com>
Signed-off-by: Damien Le Moal <damien.lemoal@wdc.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2020-07-29 10:18:27 +02:00
accessibility
acpi ACPI: video: Use native backlight on Acer TravelMate 5735Z 2020-07-22 09:33:00 +02:00
amba ARM updates for 5.4-rc: 2019-10-23 06:26:33 -04:00
android binder: fix null deref of proc->context 2020-06-30 15:36:48 -04:00
ata ata/libata: Fix usage of page address by page_address in ata_scsi_mode_select_xlat function 2020-06-30 15:37:03 -04:00
atm fore200e: Fix incorrect checks of NULL pointer dereference 2020-02-24 08:36:36 +01:00
auxdisplay
base regmap: debugfs: Don't sleep while atomic for fast_io regmaps 2020-07-22 09:33:04 +02:00
bcma
block Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()" 2020-07-22 09:33:12 +02:00
bluetooth Bluetooth: hci_bcm: fix freeing not-requested IRQ 2020-06-22 09:31:18 +02:00
bus bus: ti-sysc: Do not disable on suspend for no-idle 2020-07-22 09:33:01 +02:00
cdrom cdrom: respect device capabilities during opening action 2020-01-04 19:18:25 +01:00
char virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc serial 2020-07-22 09:33:11 +02:00
clk clk: qcom: gcc: Add missing UFS clocks for SM8150 2020-07-22 09:33:07 +02:00
clocksource arm64: arch_timer: Disable the compat vdso for cores affected by ARM64_WORKAROUND_1418040 2020-07-22 09:32:51 +02:00
connector
counter counter: 104-quad-8: Add lock guards - generic interface 2020-05-02 08:48:44 +02:00
cpufreq cpufreq: Fix up cpufreq_boost_set_sw() 2020-06-17 16:40:33 +02:00
cpuidle cpuidle: Fix three reference count leaks 2020-06-22 09:31:10 +02:00
crypto crypto: atmel - Fix build error of CRYPTO_AUTHENC 2020-07-22 09:32:46 +02:00
dax device-dax: don't leak kernel memory to user space after unloading kmem 2020-05-27 17:46:48 +02:00
dca
devfreq PM / devfreq: Add missing locking while setting suspend_freq 2020-05-10 10:31:34 +02:00
dio
dma dmaengine: fsl-edma-common: correct DSIZE_32BYTE 2020-07-22 09:33:15 +02:00
dma-buf dma-buf: Move dma_buf_release() from fops to dentry_ops 2020-07-09 09:37:56 +02:00
edac EDAC/amd64: Read back the scrub rate PCI register on F15h 2020-07-09 09:37:49 +02:00
eisa
extcon extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()' 2020-06-24 17:50:36 +02:00
firewire net: add annotations on hh->hh_len lockless accesses 2020-01-09 10:20:06 +01:00
firmware efi: Make it possible to disable efivar_ssdt entirely 2020-07-09 09:37:57 +02:00
fpga fpga: dfl: afu: Corrected error handling levels 2020-06-24 17:50:29 +02:00
fsi fsi: core: Fix small accesses and unaligned offsets via sysfs 2019-12-31 16:45:09 +01:00
gnss gnss: sirf: fix error return code in sirf_probe() 2020-06-22 09:31:20 +02:00
gpio gpio: arizona: put pm_runtime in case of failure 2020-07-29 10:18:26 +02:00
gpu drm/i915/gvt: Fix two CFL MMIO handling caused by regression. 2020-07-22 09:33:18 +02:00
greybus
hid HID: quirks: Ignore Simply Automated UPB PIM 2020-07-22 09:33:08 +02:00
hsi
hv Drivers: hv: vmbus: Always handle the VMBus messages on CPU0 2020-06-22 09:31:00 +02:00
hwmon hwmon: (emc2103) fix unable to change fan pwm1_enable attribute 2020-07-22 09:33:14 +02:00
hwspinlock
hwtracing intel_th: Fix a NULL dereference when hub driver is not loaded 2020-07-22 09:33:15 +02:00
i2c i2c: eg20t: Load module automatically if ID matches 2020-07-22 09:32:53 +02:00
i3c
ide ide: serverworks: potential overflow in svwks_set_pio_mode() 2020-02-24 08:36:53 +01:00
idle
iio iio: adc: ad7780: Fix a resource handling path in 'ad7780_probe()' 2020-07-22 09:33:02 +02:00
infiniband RDMA/mlx5: Verify that QP is created with RQ or SQ 2020-07-22 09:33:06 +02:00
input Input: i8042 - add Lenovo XiaoXin Air 12 to i8042 nomux list 2020-07-22 09:33:13 +02:00
interconnect interconnect: qcom: qcs404: Walk the list safely on node removal 2019-12-17 19:55:39 +01:00
iommu iommu/vt-d: Make Intel SVM code 64-bit only 2020-07-22 09:33:18 +02:00
ipack ipack: tpci200: fix error return code in tpci200_register() 2020-05-27 17:46:47 +02:00
irqchip irqchip/gic: Atomically update affinity 2020-07-09 09:37:56 +02:00
isdn net: use skb_queue_empty_lockless() in poll() handlers 2019-10-28 13:33:41 -07:00
leds leds: core: Fix warning message when init_data 2020-04-23 10:36:37 +02:00
lightnvm
macintosh drivers/macintosh: Fix memleak in windfarm_pm112 driver 2020-06-22 09:31:22 +02:00
mailbox mailbox: zynqmp-ipi: Fix NULL vs IS_ERR() check in zynqmp_ipi_mbox_probe() 2020-06-24 17:50:36 +02:00
mcb
md dm writecache: reject asynchronous pmem devices 2020-07-16 08:16:47 +02:00
media media: ov5640: fix use of destroyed mutex 2020-06-22 09:31:19 +02:00
memory memory: mtk-smi: Add PM suspend and resume ops 2020-01-17 19:48:59 +01:00
memstick
message scsi: mptscsih: Fix read sense data size 2020-07-16 08:16:36 +02:00
mfd mfd: stmfx: Disable IRQ in suspend to avoid spurious interrupt 2020-06-24 17:50:33 +02:00
misc misc: atmel-ssc: lock with mutex instead of spinlock 2020-07-22 09:33:15 +02:00
mmc mmc: sdhci: do not enable card detect interrupt for gpio cd type 2020-07-22 09:32:59 +02:00
mtd mtd: rawnand: oxnas: Release all devices in the _remove() path 2020-07-22 09:33:07 +02:00
mux
net ionic: export features for vlans to use 2020-07-22 09:33:18 +02:00
nfc NFC: st21nfca: add missed kfree_skb() in an error path 2020-06-10 20:24:54 +02:00
ntb NTB: perf: Fix race condition when run with ntb_test 2020-06-24 17:50:41 +02:00
nubus
nvdimm libnvdimm: Out of bounds read in __nd_ioctl() 2020-04-23 10:36:42 +02:00
nvme nvme-rdma: assign completion vector correctly 2020-07-16 08:16:36 +02:00
nvmem nvmem: qfprom: remove incorrect write support 2020-06-10 20:24:57 +02:00
of of: of_mdio: Correct loop scanning logic 2020-07-22 09:32:55 +02:00
opp opp: Free static OPPs on errors while adding them 2020-02-24 08:36:34 +01:00
oprofile
parisc
parport parport: load lowlevel driver if ports not found 2019-12-31 16:45:25 +01:00
pci PCI/PM: Call .bridge_d3() hook only if non-NULL 2020-07-22 09:33:05 +02:00
pcmcia
perf drivers/perf: hisi: Fix wrong value for all counters enable 2020-06-24 17:50:41 +02:00
phy phy: sun4i-usb: fix dereference of pointer phy0 before it is null checked 2020-07-22 09:33:01 +02:00
pinctrl pinctrl: amd: fix npins for uart0 in kerncz_groups 2020-07-29 10:18:26 +02:00
platform platform/x86: asus_wmi: Reserve more space for struct bias_args 2020-06-22 09:31:11 +02:00
pnp
power power: supply: smb347-charger: IRQSTAT_D is volatile 2020-06-24 17:50:25 +02:00
powercap powercap: intel_rapl: add NULL pointer check to rapl_mmio_cpu_online() 2020-01-14 20:08:18 +01:00
pps
ps3
ptp ptp: free ptp device pin descriptors properly 2020-01-23 08:22:51 +01:00
pwm pwm: jz4740: Fix build failure 2020-07-16 08:16:48 +02:00
rapidio rapidio: fix an error in get_user_pages_fast() error handling 2020-05-27 17:46:48 +02:00
ras
regulator regualtor: pfuze100: correct sw1a/sw2 on pfuze3000 2020-06-30 15:36:54 -04:00
remoteproc remoteproc: qcom_q6v5_mss: map/unmap mpss segments before/after use 2020-06-24 17:50:13 +02:00
reset reset: uniphier: Add SCSSI reset control for each channel 2020-02-24 08:36:41 +01:00
rpmsg rpmsg: char: release allocated memory 2020-01-14 20:08:37 +01:00
rtc rtc: rv3028: Add missed check for devm_regmap_init_i2c() 2020-06-24 17:50:36 +02:00
s390 s390/qeth: fix error handling for isolation mode cmds 2020-06-30 15:36:57 -04:00
sbus
scsi scsi: mpt3sas: Fix unlock imbalance 2020-07-29 10:18:27 +02:00
sfi
sh
siox
slimbus slimbus: core: Fix mismatch in of_node_get/put 2020-07-22 09:33:08 +02:00
soc soc: qcom: rpmh: Dirt can only make you dirtier, not cleaner 2020-07-29 10:18:25 +02:00
soundwire soundwire: intel: fix memory leak with devm_kasprintf 2020-07-22 09:33:00 +02:00
spi spi: sprd: switch the sequence of setting WDG_LOAD_LOW and _HIGH 2020-07-22 09:33:18 +02:00
spmi spmi: pmic-arb: Set lockdep class for hierarchical irq domains 2020-02-19 19:53:07 +01:00
ssb
staging staging: comedi: verify array index is correct before using it 2020-07-22 09:33:02 +02:00
target scsi: target: tcmu: Fix a use after free in tcmu_check_expired_queue_cmd() 2020-06-24 17:50:34 +02:00
tc
tee tee: optee: Fix compilation issue with nommu 2020-02-05 21:22:49 +00:00
thermal thermal/drivers/cpufreq_cooling: Fix wrong frequency converted from power 2020-07-22 09:33:16 +02:00
thunderbolt thunderbolt: Prevent crash if non-active NVMem file is read 2020-02-28 17:22:13 +01:00
tty serial: mxs-auart: add missed iounmap() in probe failure and remove 2020-07-22 09:33:11 +02:00
uio uio_pdrv_genirq: fix use without device tree and no interrupt 2020-07-22 09:33:13 +02:00
usb USB: serial: option: add Quectel EG95 LTE modem 2020-07-22 09:33:11 +02:00
vfio vfio/mdev: Fix reference count leak in add_mdev_supported_type 2020-06-24 17:50:36 +02:00
vhost scsi: vhost: Notify TCM about the maximum sg entries supported per command 2020-06-24 17:50:17 +02:00
video backlight: lp855x: Ensure regulators are disabled on probe failure 2020-06-24 17:50:09 +02:00
virt virt: vbox: Fix guest capabilities mask check 2020-07-22 09:33:11 +02:00
virtio virtio_ring: Fix mem leak with vring_new_virtqueue() 2020-03-18 07:17:55 +01:00
visorbus visorbus: fix uninitialized variable access 2020-02-24 08:36:47 +01:00
vlynq
vme vme: bridges: reduce stack usage 2020-02-24 08:36:48 +01:00
w1 w1: omap-hdq: cleanup to add missing newline for some dev_dbg 2020-06-22 09:31:26 +02:00
watchdog watchdog: da9062: No need to ping manually before setting timeout 2020-06-24 17:50:32 +02:00
xen xen/pvcalls-back: test for errors when calling backend_connect() 2020-06-17 16:40:38 +02:00
zorro
Kconfig
Makefile