Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 9c5dd699 authored by Zhu Yanjun's avatar Zhu Yanjun Committed by Greg Kroah-Hartman
Browse files

RDMA/rxe: Fix "kernel NULL pointer dereference" error 

[ Upstream commit a625ca30eff806395175ebad3ac1399014bdb280 ]

When rxe_queue_init in the function rxe_qp_init_req fails,
both qp->req.task.func and qp->req.task.arg are not initialized.

Because of creation of qp fails, the function rxe_create_qp will
call rxe_qp_do_cleanup to handle allocated resource.

Before calling __rxe_do_task, both qp->req.task.func and
qp->req.task.arg should be checked.

Fixes: 8700e3e7 ("Soft RoCE driver")
Link: https://lore.kernel.org/r/20220822011615.805603-2-yanjun.zhu@linux.dev


Reported-by: default avatar <syzbot+ab99dc4c6e961eed8b8e@syzkaller.appspotmail.com>
Signed-off-by: default avatarZhu Yanjun <yanjun.zhu@linux.dev>
Reviewed-by: default avatarLi Zhijian <lizhijian@fujitsu.com>
Reviewed-by: default avatarBob Pearson <rpearsonhpe@gmail.com>
Signed-off-by: default avatarLeon Romanovsky <leon@kernel.org>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
parent 3c38467c
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment