Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp1005531yba;
        Thu, 4 Apr 2019 02:14:07 -0700 (PDT)
X-Google-Smtp-Source: APXvYqzrCGJ/WBz1h6oZdI68QPyu0SmjJ7czgttFCud4Xf8X+7hiRkrBTOMbJJH9rv8+8RTHPRE1
X-Received: by 2002:a63:6a45:: with SMTP id f66mr4507305pgc.7.1554369247629;
        Thu, 04 Apr 2019 02:14:07 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1554369247; cv=none;
        d=google.com; s=arc-20160816;
        b=zqJSz2JOb17l4vUgUEoLaLEp2gU/DxaBeyWppZIIN4/dOoWimuJ+HtE8q+ll7Rvlgg
         Fi2P3eWpGUlvSayVRqnce8RQHsnZxz1OKViNGuVnT1JH2EQmWxQJsSgpVrwU34+0R+B3
         1yqsNFhAl6x9AQV4fPMd7i1di/z/iDuxIuJ+4OdDObYO+VYwr+o9H81yfZUgY6zepzlZ
         X1apRzMgK7Dv1hkfajcrCjCS9kG8gsnJROlXI3MWJGPvyRdnjXsZEaimHrDf2AYKD5Bv
         tvg2eci6UbfXQ1EzlLm/eiYjq0HgKIOaqGmRIN7kHqsADgSbjUSc55WcIEWIRQGn3OHe
         wWhA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=uRMxXTbVc6v9z6xqv18/Mh6Bxt2yB1AO6r3cPazLyPM=;
        b=DJvTxKupd7BVIJmMyZSa89zIWuoKJCpYqLF/xEdby0L93dMkguRcGNm83ymZ3Q1+9j
         T5XP041Rxl77BeMnE+IrVVJjamuREOiXz3QcA1a6fY26CBhhQz5McZG+fHAXG1IBUBbt
         oScnX6bmDZ8qPOipSg5kXQDM9Bnof9skOP1LPPHyCgcPFnr6KWMkCMzzqlkhsUPR1vA7
         nJc+ZAP9LsKC0PD7pmniGfg5GryZiGZxAYNv6ZGXP3D2qukGivueJtVt1ErypD1Wr91R
         /yMmgtsy7DRygdNzV8Pd4A68ZVCLlOBP/Kh/lPtHt2OdOsz1ARdP0cAKg1OBF++6VDVa
         ykPw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=PR6XxLPE;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id e2si15308209plt.197.2019.04.04.02.13.52;
        Thu, 04 Apr 2019 02:14:07 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=PR6XxLPE;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1733261AbfDDJMF (ORCPT <rfc822;xqjcool@gmail.com> + 99 others);
        Thu, 4 Apr 2019 05:12:05 -0400
Received: from mail.kernel.org ([198.145.29.99]:52002 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1733250AbfDDJMD (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 4 Apr 2019 05:12:03 -0400
Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 93B6D20652;
        Thu,  4 Apr 2019 09:12:01 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1554369122;
        bh=LYH/JWbp2av3eafoAMyzfRiH6n3AJG0UeT2wSz+gzAU=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=PR6XxLPEurpXp5cXmmjTatSwelRGlolbVSZ2zOkx+1jV2I/seQhiZSYBSFUOgrMhs
         Rg20oDLgmRoQnKzFODVQAiDj4HwEEeZYzAHBxSCqu1oeX8IKCfOAoR4BYdgzSBmr4E
         Kf9jjHEn90sndIjUDYccnwjXqxP2Lo/RcwxKMELw=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, Jason Yan <yanaijie@huawei.com>,
        Sumit Saxena <sumit.saxena@broadcom.com>,
        "Martin K. Petersen" <martin.petersen@oracle.com>,
        Sasha Levin <sashal@kernel.org>
Subject: [PATCH 5.0 105/246] scsi: megaraid_sas: return error when create DMA pool failed
Date:   Thu,  4 Apr 2019 10:46:45 +0200
Message-Id: <20190404084622.824093575@linuxfoundation.org>
X-Mailer: git-send-email 2.21.0
In-Reply-To: <20190404084619.236418459@linuxfoundation.org>
References: <20190404084619.236418459@linuxfoundation.org>
User-Agent: quilt/0.65
X-stable: review
X-Patchwork-Hint: ignore
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

5.0-stable review patch.  If anyone has any objections, please let me know.

------------------

[ Upstream commit bcf3b67d16a4c8ffae0aa79de5853435e683945c ]

when create DMA pool for cmd frames failed, we should return -ENOMEM,
instead of 0.
In some case in:

    megasas_init_adapter_fusion()

    -->megasas_alloc_cmds()
       -->megasas_create_frame_pool
          create DMA pool failed,
        --> megasas_free_cmds() [1]

    -->megasas_alloc_cmds_fusion()
       failed, then goto fail_alloc_cmds.
    -->megasas_free_cmds() [2]

we will call megasas_free_cmds twice, [1] will kfree cmd_list,
[2] will use cmd_list.it will cause a problem:

Unable to handle kernel NULL pointer dereference at virtual address
00000000
pgd = ffffffc000f70000
[00000000] *pgd=0000001fbf893003, *pud=0000001fbf893003,
*pmd=0000001fbf894003, *pte=006000006d000707
Internal error: Oops: 96000005 [#1] SMP
 Modules linked in:
 CPU: 18 PID: 1 Comm: swapper/0 Not tainted
 task: ffffffdfb9290000 ti: ffffffdfb923c000 task.ti: ffffffdfb923c000
 PC is at megasas_free_cmds+0x30/0x70
 LR is at megasas_free_cmds+0x24/0x70
 ...
 Call trace:
 [<ffffffc0005b779c>] megasas_free_cmds+0x30/0x70
 [<ffffffc0005bca74>] megasas_init_adapter_fusion+0x2f4/0x4d8
 [<ffffffc0005b926c>] megasas_init_fw+0x2dc/0x760
 [<ffffffc0005b9ab0>] megasas_probe_one+0x3c0/0xcd8
 [<ffffffc0004a5abc>] local_pci_probe+0x4c/0xb4
 [<ffffffc0004a5c40>] pci_device_probe+0x11c/0x14c
 [<ffffffc00053a5e4>] driver_probe_device+0x1ec/0x430
 [<ffffffc00053a92c>] __driver_attach+0xa8/0xb0
 [<ffffffc000538178>] bus_for_each_dev+0x74/0xc8
  [<ffffffc000539e88>] driver_attach+0x28/0x34
 [<ffffffc000539a18>] bus_add_driver+0x16c/0x248
 [<ffffffc00053b234>] driver_register+0x6c/0x138
 [<ffffffc0004a5350>] __pci_register_driver+0x5c/0x6c
 [<ffffffc000ce3868>] megasas_init+0xc0/0x1a8
 [<ffffffc000082a58>] do_one_initcall+0xe8/0x1ec
 [<ffffffc000ca7be8>] kernel_init_freeable+0x1c8/0x284
 [<ffffffc0008d90b8>] kernel_init+0x1c/0xe4

Signed-off-by: Jason Yan <yanaijie@huawei.com>
Acked-by: Sumit Saxena <sumit.saxena@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 drivers/scsi/megaraid/megaraid_sas_base.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/scsi/megaraid/megaraid_sas_base.c b/drivers/scsi/megaraid/megaraid_sas_base.c
index fcbff83c0097..c9811d1aa007 100644
--- a/drivers/scsi/megaraid/megaraid_sas_base.c
+++ b/drivers/scsi/megaraid/megaraid_sas_base.c
@@ -4188,6 +4188,7 @@ int megasas_alloc_cmds(struct megasas_instance *instance)
 	if (megasas_create_frame_pool(instance)) {
 		dev_printk(KERN_DEBUG, &instance->pdev->dev, "Error creating frame DMA pool\n");
 		megasas_free_cmds(instance);
+		return -ENOMEM;
 	}
 
 	return 0;
-- 
2.19.1