On 10/18/2019 9:21 AM, Daniel Wagner wrote:
The queue pointer might not be valid. The rest of the code checks the
pointer before accessing it. lpfc_sli4_process_missed_mbox_completions
is the only place where the check is missing.
Fixes: 657add4e5e15 ("scsi: lpfc: Fix poor use of hardware queues if fewer irq vectors")
Cc: James Smart <jsmart2021@xxxxxxxxx>
Signed-off-by: Daniel Wagner <dwagner@xxxxxxx>
---
Hi,
Not entirely sure if this correct. I tried to understand the logic of
the mentioned patch but failed to grasps all the details. Anyway, we
observe a crash in lpfc_sli4_process_missed_mbox_completions() while
iterating the array. All but the last one entry has a valid pointer.
Thanks,
Daniel
drivers/scsi/lpfc/lpfc_sli.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/scsi/lpfc/lpfc_sli.c b/drivers/scsi/lpfc/lpfc_sli.c
index 379c37451645..149966ba8a17 100644
--- a/drivers/scsi/lpfc/lpfc_sli.c
+++ b/drivers/scsi/lpfc/lpfc_sli.c
@@ -7906,7 +7906,7 @@ lpfc_sli4_process_missed_mbox_completions(struct lpfc_hba *phba)
if (sli4_hba->hdwq) {
for (eqidx = 0; eqidx < phba->cfg_irq_chann; eqidx++) {
eq = phba->sli4_hba.hba_eq_hdl[eqidx].eq;
- if (eq->queue_id == sli4_hba->mbx_cq->assoc_qid) {
+ if (eq && eq->queue_id == sli4_hba->mbx_cq->assoc_qid) {
fpeq = eq;
break;
}
looks fine. Thanks!
Reviewed by: James Smart <james.smart@xxxxxxxxxxxx>
-- james
