IIRC Rodrigo's email does not work anymore...looping Mauro, he should be able to forward to appropriate folks at IBM. Cheers, Guilherme On Wed, May 20, 2020 at 3:33 AM Saurav Kashyap <skashyap@xxxxxxxxxxx> wrote: > > Hi Rodrigo, > Any updates on this? > > Thanks, > ~Saurav > > > -----Original Message----- > > From: Saurav Kashyap > > Sent: Monday, May 18, 2020 12:20 PM > > To: rosattig@xxxxxxxxxxxxxxxxxx > > Cc: linux-scsi@xxxxxxxxxxxxxxx; Arun Easi <aeasi@xxxxxxxxxxx>; Girish Basrur > > <gbasrur@xxxxxxxxxxx>; Nilesh Javali <njavali@xxxxxxxxxxx> > > Subject: Regarding - Patch - Fix crash on qla2x00_mailbox_command > > > > Hi Rodrigo, > > We are seen regression introduced by below patch for QLA 82XX HBAs. On > > unload, the disable interrupt, mailbox command (MBX 0x10) fails because of > > this patch and leaves the FW/HW in unstable state. The next load fails with > > initialization FW timing out. > > The only way out of this is to reboot the server. I and test team have tried to > > reproduce an original problem that is fixed by below patch but we don't have > > any luck. > > > > We would like to revert the below patch but would like to address original > > problem as well. Can you share more details about the NULL pointer > > dereference? Which data structure was NULL and what was the test case? > > > > ============================== > > git show 3cb182b3fa8b7a61f05c671525494697cba39c6a > > commit 3cb182b3fa8b7a61f05c671525494697cba39c6a > > Author: Rodrigo R. Galvao <rosattig@xxxxxxxxxxxxxxxxxx> > > Date: Mon May 28 14:58:44 2018 -0300 > > > > scsi: qla2xxx: Fix crash on qla2x00_mailbox_command > > > > This patch fixes a crash on qla2x00_mailbox_command caused when the > > driver > > is on UNLOADING state and tries to call qla2x00_poll, which triggers a > > NULL pointer dereference. > > > > Signed-off-by: Rodrigo R. Galvao <rosattig@xxxxxxxxxxxxxxxxxx> > > Signed-off-by: Mauro S. M. Rodrigues <maurosr@xxxxxxxxxxxxxxxxxx> > > Acked-by: Himanshu Madhani <himanshu.madhani@xxxxxxxxxx> > > Signed-off-by: Martin K. Petersen <martin.petersen@xxxxxxxxxx> > > > > diff --git a/drivers/scsi/qla2xxx/qla_mbx.c b/drivers/scsi/qla2xxx/qla_mbx.c > > index d8a36c1..7e875f5 100644 > > --- a/drivers/scsi/qla2xxx/qla_mbx.c > > +++ b/drivers/scsi/qla2xxx/qla_mbx.c > > @@ -292,6 +292,14 @@ static int is_rom_cmd(uint16_t cmd) > > if (time_after(jiffies, wait_time)) > > break; > > > > + /* > > + * Check if it's UNLOADING, cause we cannot poll in > > + * this case, or else a NULL pointer dereference > > + * is triggered. > > + */ > > + if (unlikely(test_bit(UNLOADING, &base_vha->dpc_flags))) > > + return QLA_FUNCTION_TIMEOUT; > > + > > /* Check for pending interrupts. */ > > qla2x00_poll(ha->rsp_q_map[0]); > > ==================== > > > > Thanks, > > ~Saurav
