Date: Tue, 7 Mar 2017 23:06:41 +0000 (UTC)
From: Warner Losh <imp@FreeBSD.org>
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: svn commit: r314889 - head/sys/dev/nvme
Message-ID: <201703072306.v27N6f5S007047@repo.freebsd.org>
Author: imp
Date: Tue Mar 7 23:06:41 2017
New Revision: 314889
URL: https://svnweb.freebsd.org/changeset/base/314889

Log:
  Avoid dereferencing uninitialized elements in the error path. Some drives
  sometimes have errors for things like setting the number of queue
  entries in the submission queue. The error paths taken for these
  drives ensure a panic dereferencing uninitialized data.

  Sponsored by: Netflix

Modified:
  head/sys/dev/nvme/nvme_ctrlr.c
  head/sys/dev/nvme/nvme_qpair.c

Modified: head/sys/dev/nvme/nvme_ctrlr.c ============================================================================== --- head/sys/dev/nvme/nvme_ctrlr.c Tue Mar 7 23:02:59 2017 (r314888) +++ head/sys/dev/nvme/nvme_ctrlr.c Tue Mar 7 23:06:41 2017 (r314889) @@ -193,8 +193,10 @@ nvme_ctrlr_fail(struct nvme_controller * ctrlr->is_failed = TRUE; nvme_qpair_fail(&ctrlr->adminq); - for (i = 0; i < ctrlr->num_io_queues; i++) - nvme_qpair_fail(&ctrlr->ioq[i]); + if (ctrlr->ioq != NULL) { + for (i = 0; i < ctrlr->num_io_queues; i++) + nvme_qpair_fail(&ctrlr->ioq[i]); + } nvme_notify_fail_consumers(ctrlr); } @@ -397,7 +399,7 @@ nvme_ctrlr_set_num_qpairs(struct nvme_co while (status.done == FALSE) pause("nvme", 1); if (nvme_completion_is_error(&status.cpl)) { - nvme_printf(ctrlr, "nvme_set_num_queues failed!\n"); + nvme_printf(ctrlr, "nvme_ctrlr_set_num_qpairs failed!\n"); return (ENXIO); } Modified: head/sys/dev/nvme/nvme_qpair.c ============================================================================== --- head/sys/dev/nvme/nvme_qpair.c Tue Mar 7 23:02:59 2017 (r314888) +++ head/sys/dev/nvme/nvme_qpair.c Tue Mar 7 23:06:41 2017 (r314889) @@ -1000,6 +1000,9 @@ nvme_qpair_fail(struct nvme_qpair *qpair struct nvme_tracker *tr; struct nvme_request *req; + if (!mtx_initialized(&qpair->lock)) + return; + mtx_lock(&qpair->lock); while (!STAILQ_EMPTY(&qpair->queued_req)) {
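Review bot: In the nvme_ctrlr_fail hunk of nvme_ctrlr.c, the new `if (ctrlr->ioq != NULL)` guard only protects the array pointer, and nothing at the call site says why it can be NULL here. A short comment above the check, noting that the controller can fail before the I/O queue array has been allocated (the case the log describes), would keep the guard from being removed later as dead code. The same applies to the unchanged `nvme_qpair_fail(&ctrlr->adminq)` call and to each `ctrlr->ioq[i]` inside the loop: they are safe for a partially constructed controller only because of the mtx_initialized() check added to nvme_qpair_fail in nvme_qpair.c, so that dependency deserves a mention in the same comment.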
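Review bot: In the nvme_ctrlr_set_num_qpairs hunk of nvme_ctrlr.c, the corrected string still hard-codes the function name, which is how it drifted out of date in the first place. Consider printing it with `__func__` so the message follows any future rename. This is also an unrelated cosmetic change that the log message does not mention; a line in the log would make it easier to find when someone searches for the old "nvme_set_num_queues failed!" text.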
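Review bot: In the nvme_qpair_fail hunk of nvme_qpair.c, the early return uses `mtx_initialized(&qpair->lock)` as a stand-in for "this qpair was constructed", and that assumption is undocumented. It holds only if the qpair storage is zeroed when allocated, so that an untouched lock reliably reads as uninitialized, and only if the lock is set up no later than `queued_req` and the other lists this function walks after `mtx_lock`. A comment stating both conditions above the check would help, and if qpair construction can fail after the lock is initialized but before the queues are, an explicit state flag on the qpair would be a more robust test than the mutex state.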