Himanshu?
> This patch fixes a crash on qla2x00_mailbox_command caused when the > driver is on UNLOADING state and tries to call qla2x00_poll, which > triggers a NULL pointer dereference. > > Signed-off-by: Rodrigo R. Galvao <[email protected]> > Signed-off-by: Mauro S. M. Rodrigues <[email protected]> > --- > drivers/scsi/qla2xxx/qla_mbx.c | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/drivers/scsi/qla2xxx/qla_mbx.c b/drivers/scsi/qla2xxx/qla_mbx.c > index d8a36c1..7e875f5 100644 > --- a/drivers/scsi/qla2xxx/qla_mbx.c > +++ b/drivers/scsi/qla2xxx/qla_mbx.c > @@ -292,6 +292,14 @@ qla2x00_mailbox_command(scsi_qla_host_t *vha, mbx_cmd_t > *mcp) > if (time_after(jiffies, wait_time)) > break; > > + /* > + * Check if it's UNLOADING, cause we cannot poll in > + * this case, or else a NULL pointer dereference > + * is triggered. > + */ > + if (unlikely(test_bit(UNLOADING, &base_vha->dpc_flags))) > + return QLA_FUNCTION_TIMEOUT; > + > /* Check for pending interrupts. */ > qla2x00_poll(ha->rsp_q_map[0]); -- Martin K. Petersen Oracle Linux Engineering
