[SCSI] BusLogic: Fix an oops when intializing multimaster adapter

This fixes an oops caused by buslogic driver when initializing a BusLogic MultiMaster adapter. Initialization code used scope of a variable incorrectly which created a NULL pointer. Oops message is below: BUG: unable to handle kernel NULL pointer dereference at 0000000c IP: [<c150c137>] blogic_init_mm_probeinfo.isra.17+0x20a/0x583 *pde = 00000000 Oops: 002 [#1] PREEMPT SMP Modules linked in: CPU: 1 PID: 1 Comm: swapper/0 Not tainted 3.11.1.puz1 #1 Hardware name: /Canterwood, BIOS 6.00 PG 05/16/2003 task: f7050000 ti: f7054000 task.ti: f7054000 EIP: 0060:[<c150c137>] EFLAGS: 00010246 CPU:1 EIP is at blogic_init_mm_probeinfo.isra.17+0x20a/0x583 EAX: 00000013 EBX: 00000000 ECX: 00000000 EDX: f8001000 ESI: f71cb800 EDI: f7388000 EBP: 00007800 ESP: f7055c84 DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 CR0: 8005003b CR2: 0000000c CR3: 0154f000 CR4: 000007d0 Stack: 0000001c 00000000 c11a59f6 f7055c98 00008130 ffffffff ffffffff 00000000 00000003 00000000 00000000 00000000 00000013 f8001000 00000001 000003d0 00000000 00000000 00000000 c14e3f84 f78803c8 00000000 f738c000 000000e9 Call Trace: [<c11a59f6>] ? pci_get_subsys+0x33/0x38 [<c150c4fb>] ? blogic_init_probeinfo_list+0x4b/0x19e [<c108d593>] ? __alloc_pages_nodemask+0xe3/0x623 [<c108d593>] ? __alloc_pages_nodemask+0xe3/0x623 [<c10fb99e>] ? sysfs_link_sibling+0x61/0x8d [<c10b0519>] ? kmem_cache_alloc+0x8b/0xb5 [<c150cce5>] ? blogic_init+0xa1/0x10e8 [<c10fc0a8>] ? sysfs_add_one+0x10/0x9d [<c10fc18a>] ? sysfs_addrm_finish+0x12/0x85 [<c10fca37>] ? sysfs_do_create_link_sd+0x9d/0x1b4 [<c117c272>] ? blk_register_queue+0x69/0xb3 [<c10fcb68>] ? sysfs_create_link+0x1a/0x2c [<c1181a07>] ? add_disk+0x1a1/0x3c7 [<c138737b>] ? klist_next+0x60/0xc3 [<c122cc3a>] ? scsi_dh_detach+0x68/0x68 [<c1213e36>] ? bus_for_each_dev+0x51/0x61 [<c1000356>] ? do_one_initcall+0x22/0x12c [<c10f3688>] ? __proc_create+0x8c/0xba [<c150cc44>] ? blogic_setup+0x5f6/0x5f6 [<c14e94aa>] ? repair_env_string+0xf/0x4d [<c14e949b>] ? do_early_param+0x71/0x71 [<c103efaa>] ? parse_args+0x21f/0x33d [<c14e9a54>] ? kernel_init_freeable+0xdf/0x17d [<c14e949b>] ? do_early_param+0x71/0x71 [<c1388b64>] ? kernel_init+0x8/0xc0 [<c1392222>] ? ret_from_kernel_thread+0x6/0x28 [<c1392227>] ? ret_from_kernel_thread+0x1b/0x28 [<c1388b5c>] ? rest_init+0x6c/0x6c Code: 89 44 24 10 0f b6 44 24 3d 89 44 24 0c c7 44 24 08 00 00 00 00 c7 44 24 04 38 62 46 c1 c7 04 24 02 00 00 00 e8 78 13 d2 ff 31 db <89> 6b 0c b0 20 89 ea ee c7 44 24 08 04 00 00 00 8d 44 24 4c 89 EIP: [<c150c137>] blogic_init_mm_probeinfo.isra.17+0x20a/0x583 SS:ESP 0068:f7055c84 CR2: 000000000000000c ---[ end trace 17f45f5196d40487 ]--- Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000009 Signed-off-by: Khalid Aziz <khalid.aziz@oracle.com> Cc: <stable@vger.kernel.org> # 3.11.x Reported-by: Pierre Uszynski <pierre@rahul.net> Tested-by: Pierre Uszynski <pierre@rahul.net> Signed-off-by: James Bottomley <JBottomley@Parallels.com>
author: Khalid Aziz <khalid.aziz@oracle.com> 2013-09-25 13:45:11 -0400
committer: James Bottomley <JBottomley@Parallels.com> 2013-10-16 08:57:14 -0400
commit: 6541932ea2f7de0b0c5203decf666b143ad5fa33 (patch)
tree: 6f14a2138799131676f8928a705580250f6394dc
parent: 61e6cfa80de5760bbe406f4e815b7739205754d2 (diff)
1 files changed, 8 insertions, 8 deletions
diff --git a/drivers/scsi/BusLogic.c b/drivers/scsi/BusLogic.c
index feab3a5e50b5..757eb0716d45 100644
--- a/drivers/scsi/BusLogic.c
+++ b/drivers/scsi/BusLogic.c
@@ -696,7 +696,7 @@ static int __init blogic_init_mm_probeinfo(struct blogic_adapter *adapter)
        while ((pci_device = pci_get_device(PCI_VENDOR_ID_BUSLOGIC,
                                        PCI_DEVICE_ID_BUSLOGIC_MULTIMASTER,
                                        pci_device)) != NULL) {
-                struct blogic_adapter *adapter = adapter;
+                struct blogic_adapter *host_adapter = adapter;
                struct blogic_adapter_info adapter_info;
                enum blogic_isa_ioport mod_ioaddr_req;
                unsigned char bus;
@@ -744,9 +744,9 @@ static int __init blogic_init_mm_probeinfo(struct blogic_adapter *adapter)
                   known and enabled, note that the particular Standard ISA I/O
                   Address should not be probed.
                 */
-                adapter->io_addr = io_addr;
+                host_adapter->io_addr = io_addr;
-                blogic_intreset(adapter);
+                blogic_intreset(host_adapter);
-                if (blogic_cmd(adapter, BLOGIC_INQ_PCI_INFO, NULL, 0,
+                if (blogic_cmd(host_adapter, BLOGIC_INQ_PCI_INFO, NULL, 0,
                                &adapter_info, sizeof(adapter_info)) ==
                                sizeof(adapter_info)) {
                        if (adapter_info.isa_port < 6)
@@ -762,7 +762,7 @@ static int __init blogic_init_mm_probeinfo(struct blogic_adapter *adapter)
                   I/O Address assigned at system initialization.
                 */
                mod_ioaddr_req = BLOGIC_IO_DISABLE;
-                blogic_cmd(adapter, BLOGIC_MOD_IOADDR, &mod_ioaddr_req,
+                blogic_cmd(host_adapter, BLOGIC_MOD_IOADDR, &mod_ioaddr_req,
                                sizeof(mod_ioaddr_req), NULL, 0);
                /*
                   For the first MultiMaster Host Adapter enumerated,
@@ -779,12 +779,12 @@ static int __init blogic_init_mm_probeinfo(struct blogic_adapter *adapter)
                        fetch_localram.offset = BLOGIC_AUTOSCSI_BASE + 45;
                        fetch_localram.count = sizeof(autoscsi_byte45);
-                        blogic_cmd(adapter, BLOGIC_FETCH_LOCALRAM,
+                        blogic_cmd(host_adapter, BLOGIC_FETCH_LOCALRAM,
                                        &fetch_localram, sizeof(fetch_localram),
                                        &autoscsi_byte45,
                                        sizeof(autoscsi_byte45));
-                        blogic_cmd(adapter, BLOGIC_GET_BOARD_ID, NULL, 0, &id,
+                        blogic_cmd(host_adapter, BLOGIC_GET_BOARD_ID, NULL, 0,
-                                        sizeof(id));
+                                        &id, sizeof(id));
                        if (id.fw_ver_digit1 == '5')
                                force_scan_order =
                                        autoscsi_byte45.force_scan_order;
author	Khalid Aziz <khalid.aziz@oracle.com>	2013-09-25 13:45:11 -0400
committer	James Bottomley <JBottomley@Parallels.com>	2013-10-16 08:57:14 -0400
commit	6541932ea2f7de0b0c5203decf666b143ad5fa33 (patch)
tree	6f14a2138799131676f8928a705580250f6394dc
parent	61e6cfa80de5760bbe406f4e815b7739205754d2 (diff)

diff --git a/drivers/scsi/BusLogic.c b/drivers/scsi/BusLogic.c index feab3a5e50b5..757eb0716d45 100644 --- a/drivers/scsi/BusLogic.c +++ b/drivers/scsi/BusLogic.c
@@ -696,7 +696,7 @@ static int __init blogic_init_mm_probeinfo(struct blogic_adapter *adapter)
696	while ((pci_device = pci_get_device(PCI_VENDOR_ID_BUSLOGIC,	696	while ((pci_device = pci_get_device(PCI_VENDOR_ID_BUSLOGIC,
697	PCI_DEVICE_ID_BUSLOGIC_MULTIMASTER,	697	PCI_DEVICE_ID_BUSLOGIC_MULTIMASTER,
698	pci_device)) != NULL) {	698	pci_device)) != NULL) {
699	struct blogic_adapter *adapter = adapter;	699	struct blogic_adapter *host_adapter = adapter;
700	struct blogic_adapter_info adapter_info;	700	struct blogic_adapter_info adapter_info;
701	enum blogic_isa_ioport mod_ioaddr_req;	701	enum blogic_isa_ioport mod_ioaddr_req;
702	unsigned char bus;	702	unsigned char bus;
@@ -744,9 +744,9 @@ static int __init blogic_init_mm_probeinfo(struct blogic_adapter *adapter)
744	known and enabled, note that the particular Standard ISA I/O	744	known and enabled, note that the particular Standard ISA I/O
745	Address should not be probed.	745	Address should not be probed.
746	*/	746	*/
747	adapter->io_addr = io_addr;	747	host_adapter->io_addr = io_addr;
748	blogic_intreset(adapter);	748	blogic_intreset(host_adapter);
749	if (blogic_cmd(adapter, BLOGIC_INQ_PCI_INFO, NULL, 0,	749	if (blogic_cmd(host_adapter, BLOGIC_INQ_PCI_INFO, NULL, 0,
750	&adapter_info, sizeof(adapter_info)) ==	750	&adapter_info, sizeof(adapter_info)) ==
751	sizeof(adapter_info)) {	751	sizeof(adapter_info)) {
752	if (adapter_info.isa_port < 6)	752	if (adapter_info.isa_port < 6)
@@ -762,7 +762,7 @@ static int __init blogic_init_mm_probeinfo(struct blogic_adapter *adapter)
762	I/O Address assigned at system initialization.	762	I/O Address assigned at system initialization.
763	*/	763	*/
764	mod_ioaddr_req = BLOGIC_IO_DISABLE;	764	mod_ioaddr_req = BLOGIC_IO_DISABLE;
765	blogic_cmd(adapter, BLOGIC_MOD_IOADDR, &mod_ioaddr_req,	765	blogic_cmd(host_adapter, BLOGIC_MOD_IOADDR, &mod_ioaddr_req,
766	sizeof(mod_ioaddr_req), NULL, 0);	766	sizeof(mod_ioaddr_req), NULL, 0);
767	/*	767	/*
768	For the first MultiMaster Host Adapter enumerated,	768	For the first MultiMaster Host Adapter enumerated,
@@ -779,12 +779,12 @@ static int __init blogic_init_mm_probeinfo(struct blogic_adapter *adapter)
779		779
780	fetch_localram.offset = BLOGIC_AUTOSCSI_BASE + 45;	780	fetch_localram.offset = BLOGIC_AUTOSCSI_BASE + 45;
781	fetch_localram.count = sizeof(autoscsi_byte45);	781	fetch_localram.count = sizeof(autoscsi_byte45);
782	blogic_cmd(adapter, BLOGIC_FETCH_LOCALRAM,	782	blogic_cmd(host_adapter, BLOGIC_FETCH_LOCALRAM,
783	&fetch_localram, sizeof(fetch_localram),	783	&fetch_localram, sizeof(fetch_localram),
784	&autoscsi_byte45,	784	&autoscsi_byte45,
785	sizeof(autoscsi_byte45));	785	sizeof(autoscsi_byte45));
786	blogic_cmd(adapter, BLOGIC_GET_BOARD_ID, NULL, 0, &id,	786	blogic_cmd(host_adapter, BLOGIC_GET_BOARD_ID, NULL, 0,
787	sizeof(id));	787	&id, sizeof(id));
788	if (id.fw_ver_digit1 == '5')	788	if (id.fw_ver_digit1 == '5')
789	force_scan_order =	789	force_scan_order =
790	autoscsi_byte45.force_scan_order;	790	autoscsi_byte45.force_scan_order;