The error is due to dereference a null pointer in function
reset_one_sub_crq_queue():
if (!scrq) {
netdev_dbg(adapter->netdev,
"Invalid scrq reset. irq (%d) or msgs(%p).\n",
scrq->irq, scrq->msgs);
return -EINVAL;
}
If the expression is true, scrq must be a null pointer and cannot
dereference.
Signed-off-by: YANG LI <[email protected]>
Reported-by: Abaci <[email protected]>
---
drivers/net/ethernet/ibm/ibmvnic.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/drivers/net/ethernet/ibm/ibmvnic.c b/drivers/net/ethernet/ibm/ibmvnic.c
index f302504..d7472be 100644
--- a/drivers/net/ethernet/ibm/ibmvnic.c
+++ b/drivers/net/ethernet/ibm/ibmvnic.c
@@ -2981,9 +2981,7 @@ static int reset_one_sub_crq_queue(struct ibmvnic_adapter *adapter,
int rc;
if (!scrq) {
- netdev_dbg(adapter->netdev,
- "Invalid scrq reset. irq (%d) or msgs (%p).\n",
- scrq->irq, scrq->msgs);
+ netdev_dbg(adapter->netdev, "Invalid scrq reset.\n");
return -EINVAL;
}
--
1.8.3.1
On Wed, Dec 30, 2020 at 03:23:14PM +0800, YANG LI wrote:
> The error is due to dereference a null pointer in function
> reset_one_sub_crq_queue():
>
> if (!scrq) {
> netdev_dbg(adapter->netdev,
> "Invalid scrq reset. irq (%d) or msgs(%p).\n",
> scrq->irq, scrq->msgs);
> return -EINVAL;
> }
>
> If the expression is true, scrq must be a null pointer and cannot
> dereference.
>
> Signed-off-by: YANG LI <[email protected]>
> Reported-by: Abaci <[email protected]>
Fixes: 9281cf2d5840 ("ibmvnic: avoid memset null scrq msgs")
> ---
> drivers/net/ethernet/ibm/ibmvnic.c | 4 +---
> 1 file changed, 1 insertion(+), 3 deletions(-)
>
> diff --git a/drivers/net/ethernet/ibm/ibmvnic.c b/drivers/net/ethernet/ibm/ibmvnic.c
> index f302504..d7472be 100644
> --- a/drivers/net/ethernet/ibm/ibmvnic.c
> +++ b/drivers/net/ethernet/ibm/ibmvnic.c
> @@ -2981,9 +2981,7 @@ static int reset_one_sub_crq_queue(struct ibmvnic_adapter *adapter,
> int rc;
>
> if (!scrq) {
> - netdev_dbg(adapter->netdev,
> - "Invalid scrq reset. irq (%d) or msgs (%p).\n",
> - scrq->irq, scrq->msgs);
> + netdev_dbg(adapter->netdev, "Invalid scrq reset.\n");
> return -EINVAL;
> }
>
> --
> 1.8.3.1
>
On Wed, Dec 30, 2020 at 1:25 AM YANG LI <[email protected]> wrote:
>
> The error is due to dereference a null pointer in function
> reset_one_sub_crq_queue():
>
> if (!scrq) {
> netdev_dbg(adapter->netdev,
> "Invalid scrq reset. irq (%d) or msgs(%p).\n",
> scrq->irq, scrq->msgs);
> return -EINVAL;
> }
>
> If the expression is true, scrq must be a null pointer and cannot
> dereference.
>
> Signed-off-by: YANG LI <[email protected]>
> Reported-by: Abaci <[email protected]>
> ---
Acked-by: Lijun Pan <[email protected]>
Hello:
This patch was applied to netdev/net.git (refs/heads/master):
On Wed, 30 Dec 2020 15:23:14 +0800 you wrote:
> The error is due to dereference a null pointer in function
> reset_one_sub_crq_queue():
>
> if (!scrq) {
> netdev_dbg(adapter->netdev,
> "Invalid scrq reset. irq (%d) or msgs(%p).\n",
> scrq->irq, scrq->msgs);
> return -EINVAL;
> }
>
> [...]
Here is the summary with links:
- ibmvnic: fix: NULL pointer dereference.
https://git.kernel.org/netdev/net/c/862aecbd9569
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html