Douglas, > On error, kthread_create() returns an errno-encoded pointer, not NULL. > The routine qla2x00_probe_one() detects the error case and jumps > to probe_failed, but has already assigned the return value from > kthread_create() to ha->dpc_thread. Then probe_failed checks to see > if ha->dpc_thread is not NULL before doing cleanup on it. Since in the > error case this is also not NULL, it ends up trying to access an invalid > task pointer. > > Solution is to assign NULL to ha->dpc_thread in the error path to avoid > kthread cleanup in that case.
QLogic folks: Please review! -- Martin K. Petersen Oracle Linux Engineering
