start_next_msg() issues a message placed in smi_info->waiting_msg if it is non-NULL. However, sender() sets a message to smi_info->curr_msg and NULL to smi_info->waiting_msg in the context of run_to_completion mode. As the result, it leads an infinite loop by waiting the completion of unissued message when leaving dying message after kernel panic.
sender() should set the message to smi_info->waiting_msg not curr_msg. Signed-off-by: Hidehiro Kawai <[email protected]> Cc: Corey Minyard <[email protected]> Cc: [email protected] Cc: [email protected] --- drivers/char/ipmi/ipmi_si_intf.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/char/ipmi/ipmi_si_intf.c b/drivers/char/ipmi/ipmi_si_intf.c index 5e90a18..3d49c70 100644 --- a/drivers/char/ipmi/ipmi_si_intf.c +++ b/drivers/char/ipmi/ipmi_si_intf.c @@ -942,8 +942,7 @@ static void sender(void *send_info, * If we are running to completion, start it and run * transactions until everything is clear. */ - smi_info->curr_msg = msg; - smi_info->waiting_msg = NULL; + smi_info->waiting_msg = msg; /* * Run to completion means we are single-threaded, no -- 1.8.3.1 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
