Defer adding a session to the session list until that session has
been fully initialized. This patch fixes the following kernel oops:
kernel BUG at drivers/target/target_core_transport.c:1398!
RIP: 0010:[<ffffffffa04489c0>] [<ffffffffa04489c0>] target_submit_cmd_map_sgls+0x1b0/0x290 [target_core_mod]
Call Trace:
[<ffffffffa0448af9>] target_submit_cmd+0x59/0x60 [target_core_mod]
[<ffffffffa02d8782>] ft_send_work+0x132/0x2f0 [tcm_fc]
[<ffffffff8107ce82>] process_one_work+0x1e2/0x880
[<ffffffff8107d58b>] worker_thread+0x6b/0x4b0
[<ffffffff8108370a>] kthread+0x10a/0x120
[<ffffffff815001e2>] ret_from_fork+0x42/0x70
Signed-off-by: Bart Van Assche <bart.vanassche@xxxxxxxxxxx>
Cc: Vasu Dev <vasu.dev@xxxxxxxxx>
Cc: stable <stable@xxxxxxxxxxxxxxx>
---
drivers/target/tcm_fc/tfc_sess.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/target/tcm_fc/tfc_sess.c b/drivers/target/tcm_fc/tfc_sess.c
index 97220e5..df4d252 100644
--- a/drivers/target/tcm_fc/tfc_sess.c
+++ b/drivers/target/tcm_fc/tfc_sess.c
@@ -229,13 +229,15 @@ static struct ft_sess *ft_sess_create(struct ft_tport *tport, u32 port_id,
sess->tport = tport;
sess->port_id = port_id;
kref_init(&sess->kref); /* ref for table entry */
- hlist_add_head_rcu(&sess->hash, head);
tport->sess_count++;
pr_debug("port_id %x sess %p\n", port_id, sess);
transport_register_session(&tport->tpg->se_tpg, &acl->se_node_acl,
sess->se_sess, sess);
+
+ hlist_add_head_rcu(&sess->hash, head);
+
return sess;
}
--
2.1.4
--
To unsubscribe from this list: send the line "unsubscribe target-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
