Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp1024450yba;
        Thu, 4 Apr 2019 02:40:52 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxJEXrN3aJT1+JWNoS67iaScNJZHuELpAo9Gw+1JZS559o/oJcM1zsUq0f+j/93VqZYd5ee
X-Received: by 2002:aa7:8b08:: with SMTP id f8mr4747619pfd.146.1554370852841;
        Thu, 04 Apr 2019 02:40:52 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1554370852; cv=none;
        d=google.com; s=arc-20160816;
        b=GTeM33DQiLEjn2AH0J1jVqSXqbeEx+dXbv7+9myjvEq+aUlLzJV9NZKuFQMN0L9uQY
         9LWJ1ek/+ouFXfIAWtIwTfJlNJzQM5asdaBSZNxMvzBM2RYkDb65zSq1C9n2ncnyTLWJ
         0o5ZVXp+bKvtGicRDVe9pof8U8CVlk7hSP/nmvL3QvGPz++0w8jrsSF/4kZ7aIIW3ETi
         V2PwxeDxmt8f+3ml6J0vDIPOpRsNfYqI3ERV6GvQ0BNty5JgKTcEMBpruRcCt3MsAG7u
         D5+flzG7SrInVLKd+NbCm3gCKVYf79WOHvIXqTb4Q4Fjp/b6Mb9COW9K24fwQVENw/Gk
         N2aw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=Qn6ON75i0zaXnRJis6Zdf/ZjhUhqtDAsl6O62PMDjOY=;
        b=uOUKidp7rMQFPBbxPicdMIHHfQrjUXq0dNzKow+XB0ZxJjzV+4jNIUx0ZZim5jbwPX
         CLjQsM2OzcjjlDEPzaMmsInQ6Jwx6dABXZb7vrZ4TQt7XFGV0+HnwJFihPrs+exoA6Wf
         VKfHkExR5BrKSXGrBBlEmhT4ZfW5ULJVtesXVvVwgq2M8Vg5z7scB+7xdx4hh1apUG8Q
         gBfNRIHwOH4RWDmjj2WVZm7l5Nyuk77uOlMs0RqovEBJvr9x4D/RvYT7+Q2HoKiwVbpb
         yemowdUSG8mhxkZ8rmnupC1QLuIZYMfKpczWn+f2vLB2FFdBkltpdSithK+w8CNwUB3l
         X93Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=kMv9TY00;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id b10si3273089plb.401.2019.04.04.02.40.37;
        Thu, 04 Apr 2019 02:40:52 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=kMv9TY00;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1731468AbfDDJDI (ORCPT <rfc822;xqjcool@gmail.com> + 99 others);
        Thu, 4 Apr 2019 05:03:08 -0400
Received: from mail.kernel.org ([198.145.29.99]:40690 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1731707AbfDDJDF (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 4 Apr 2019 05:03:05 -0400
Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id E02FD2177E;
        Thu,  4 Apr 2019 09:03:03 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1554368584;
        bh=WlwNroLe3VmHv5MTW3DstOq2YLZml95MzoBl5zpQTSk=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=kMv9TY00zJRYB9Fg23O3e6+Wj7goB7Q3B+0YGEb8JgheQSDk0GTfjpy1ILzQ+ToN5
         PIasp2vAoDwJIoPg/mjoD/zh2ieWkSd4i5BDHFHCsxtX/BkBV6RVbx+P+rIOgnIkvJ
         /jf3VgYQzrAt1E/lyDV69iAIxFyyxiRtnIe3H4Qg=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, Jason Yan <yanaijie@huawei.com>,
        Sumit Saxena <sumit.saxena@broadcom.com>,
        "Martin K. Petersen" <martin.petersen@oracle.com>,
        Sasha Levin <sashal@kernel.org>
Subject: [PATCH 4.19 077/187] scsi: megaraid_sas: return error when create DMA pool failed
Date:   Thu,  4 Apr 2019 10:46:54 +0200
Message-Id: <20190404084606.665684421@linuxfoundation.org>
X-Mailer: git-send-email 2.21.0
In-Reply-To: <20190404084603.119654039@linuxfoundation.org>
References: <20190404084603.119654039@linuxfoundation.org>
User-Agent: quilt/0.65
X-stable: review
X-Patchwork-Hint: ignore
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

4.19-stable review patch.  If anyone has any objections, please let me know.

------------------

[ Upstream commit bcf3b67d16a4c8ffae0aa79de5853435e683945c ]

when create DMA pool for cmd frames failed, we should return -ENOMEM,
instead of 0.
In some case in:

    megasas_init_adapter_fusion()

    -->megasas_alloc_cmds()
       -->megasas_create_frame_pool
          create DMA pool failed,
        --> megasas_free_cmds() [1]

    -->megasas_alloc_cmds_fusion()
       failed, then goto fail_alloc_cmds.
    -->megasas_free_cmds() [2]

we will call megasas_free_cmds twice, [1] will kfree cmd_list,
[2] will use cmd_list.it will cause a problem:

Unable to handle kernel NULL pointer dereference at virtual address
00000000
pgd = ffffffc000f70000
[00000000] *pgd=0000001fbf893003, *pud=0000001fbf893003,
*pmd=0000001fbf894003, *pte=006000006d000707
Internal error: Oops: 96000005 [#1] SMP
 Modules linked in:
 CPU: 18 PID: 1 Comm: swapper/0 Not tainted
 task: ffffffdfb9290000 ti: ffffffdfb923c000 task.ti: ffffffdfb923c000
 PC is at megasas_free_cmds+0x30/0x70
 LR is at megasas_free_cmds+0x24/0x70
 ...
 Call trace:
 [<ffffffc0005b779c>] megasas_free_cmds+0x30/0x70
 [<ffffffc0005bca74>] megasas_init_adapter_fusion+0x2f4/0x4d8
 [<ffffffc0005b926c>] megasas_init_fw+0x2dc/0x760
 [<ffffffc0005b9ab0>] megasas_probe_one+0x3c0/0xcd8
 [<ffffffc0004a5abc>] local_pci_probe+0x4c/0xb4
 [<ffffffc0004a5c40>] pci_device_probe+0x11c/0x14c
 [<ffffffc00053a5e4>] driver_probe_device+0x1ec/0x430
 [<ffffffc00053a92c>] __driver_attach+0xa8/0xb0
 [<ffffffc000538178>] bus_for_each_dev+0x74/0xc8
  [<ffffffc000539e88>] driver_attach+0x28/0x34
 [<ffffffc000539a18>] bus_add_driver+0x16c/0x248
 [<ffffffc00053b234>] driver_register+0x6c/0x138
 [<ffffffc0004a5350>] __pci_register_driver+0x5c/0x6c
 [<ffffffc000ce3868>] megasas_init+0xc0/0x1a8
 [<ffffffc000082a58>] do_one_initcall+0xe8/0x1ec
 [<ffffffc000ca7be8>] kernel_init_freeable+0x1c8/0x284
 [<ffffffc0008d90b8>] kernel_init+0x1c/0xe4

Signed-off-by: Jason Yan <yanaijie@huawei.com>
Acked-by: Sumit Saxena <sumit.saxena@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 drivers/scsi/megaraid/megaraid_sas_base.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/scsi/megaraid/megaraid_sas_base.c b/drivers/scsi/megaraid/megaraid_sas_base.c
index f6de7526ded5..acb503ea8f0c 100644
--- a/drivers/scsi/megaraid/megaraid_sas_base.c
+++ b/drivers/scsi/megaraid/megaraid_sas_base.c
@@ -4155,6 +4155,7 @@ int megasas_alloc_cmds(struct megasas_instance *instance)
 	if (megasas_create_frame_pool(instance)) {
 		dev_printk(KERN_DEBUG, &instance->pdev->dev, "Error creating frame DMA pool\n");
 		megasas_free_cmds(instance);
+		return -ENOMEM;
 	}
 
 	return 0;
-- 
2.19.1