vscsi->num_queues counts only the request virtqueues; it does not
include the control and event virtqueues. It is therefore wrong to subtract
VIRTIO_SCSI_VQ_BASE from vscsi->num_queues.
This patch fixes the following panic.
(qemu) device_del scsi0
BUG: unable to handle kernel NULL pointer dereference at 0000000000000020
IP: [<ffffffff8179b29f>] __virtscsi_set_affinity+0x6f/0x120
PGD 0
Oops: 0000 [#1] SMP
Modules linked in:
CPU: 0 PID: 659 Comm: kworker/0:1 Not tainted 3.11.0-rc2+ #1172
Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
Workqueue: kacpi_hotplug _handle_hotplug_event_func
task: ffff88007bee1cc0 ti: ffff88007bfe4000 task.ti: ffff88007bfe4000
RIP: 0010:[<ffffffff8179b29f>] [<ffffffff8179b29f>]
__virtscsi_set_affinity+0x6f/0x120
RSP: 0018:ffff88007bfe5a38 EFLAGS: 00010202
RAX: 0000000000000010 RBX: ffff880077fd0d28 RCX: 0000000000000050
RDX: 0000000000000000 RSI: 0000000000000246 RDI: 0000000000000000
RBP: ffff88007bfe5a58 R08: ffff880077f6ff00 R09: 0000000000000001
R10: ffffffff8143e673 R11: 0000000000000001 R12: 0000000000000001
R13: ffff880077fd0800 R14: 0000000000000000 R15: ffff88007bf489b0
FS: 0000000000000000(0000) GS:ffff88007ea00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 0000000000000020 CR3: 0000000079f8b000 CR4: 00000000000006f0
Stack:
ffff880077fd0d28 0000000000000000 ffff880077fd0800 0000000000000008
ffff88007bfe5a78 ffffffff8179b37d ffff88007bccc800 ffff88007bccc800
ffff88007bfe5a98 ffffffff8179b3b6 ffff88007bccc800 ffff880077fd0d28
Call Trace:
[<ffffffff8179b37d>] virtscsi_set_affinity+0x2d/0x40
[<ffffffff8179b3b6>] virtscsi_remove_vqs+0x26/0x50
[<ffffffff8179c7d2>] virtscsi_remove+0x82/0xa0
[<ffffffff814cb6b2>] virtio_dev_remove+0x22/0x70
[<ffffffff8167ca49>] __device_release_driver+0x69/0xd0
[<ffffffff8167cb9d>] device_release_driver+0x2d/0x40
[<ffffffff8167bb96>] bus_remove_device+0x116/0x150
[<ffffffff81679936>] device_del+0x126/0x1e0
[<ffffffff81679a06>] device_unregister+0x16/0x30
[<ffffffff814cb889>] unregister_virtio_device+0x19/0x30
[<ffffffff814cdad6>] virtio_pci_remove+0x36/0x80
[<ffffffff81464ae7>] pci_device_remove+0x37/0x70
[<ffffffff8167ca49>] __device_release_driver+0x69/0xd0
[<ffffffff8167cb9d>] device_release_driver+0x2d/0x40
[<ffffffff8167bb96>] bus_remove_device+0x116/0x150
[<ffffffff81679936>] device_del+0x126/0x1e0
[<ffffffff8145edfc>] pci_stop_bus_device+0x9c/0xb0
[<ffffffff8145f036>] pci_stop_and_remove_bus_device+0x16/0x30
[<ffffffff81474a9e>] acpiphp_disable_slot+0x8e/0x150
[<ffffffff81474f6a>] hotplug_event_func+0xba/0x1a0
[<ffffffff814906c8>] ? acpi_os_release_object+0xe/0x12
[<ffffffff81475911>] _handle_hotplug_event_func+0x31/0x70
[<ffffffff810b5333>] process_one_work+0x183/0x500
[<ffffffff810b66e2>] worker_thread+0x122/0x400
[<ffffffff810b65c0>] ? manage_workers+0x2d0/0x2d0
[<ffffffff810bc5de>] kthread+0xce/0xe0
[<ffffffff810bc510>] ? kthread_freezable_should_stop+0x70/0x70
[<ffffffff81ca045c>] ret_from_fork+0x7c/0xb0
[<ffffffff810bc510>] ? kthread_freezable_should_stop+0x70/0x70
Code: 01 00 00 00 74 59 45 31 e4 83 bb c8 01 00 00 02 74 46 66 2e 0f 1f 84 00
00 00 00 00 49 63 c4 48 c1 e0 04 48 8b bc 0
3 10 02 00 00 <48> 8b 47 20 48 8b 80 d0 01 00 00 48 8b 40 50 48 85 c0 74
07 be
RIP [<ffffffff8179b29f>] __virtscsi_set_affinity+0x6f/0x120
RSP <ffff88007bfe5a38>
CR2: 0000000000000020
---[ end trace 99679331a3775f48 ]---
CC: stable at vger.kernel.org
Signed-off-by: Asias He <asias at redhat.com>
---
drivers/scsi/virtio_scsi.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/scsi/virtio_scsi.c b/drivers/scsi/virtio_scsi.c
index 2168258..74b88ef 100644
--- a/drivers/scsi/virtio_scsi.c
+++ b/drivers/scsi/virtio_scsi.c
@@ -751,7 +751,7 @@ static void __virtscsi_set_affinity(struct virtio_scsi
*vscsi, bool affinity)
vscsi->affinity_hint_set = true;
} else {
- for (i = 0; i < vscsi->num_queues - VIRTIO_SCSI_VQ_BASE; i++)
+ for (i = 0; i < vscsi->num_queues; i++)
virtqueue_set_affinity(vscsi->req_vqs[i].vq, -1);
vscsi->affinity_hint_set = false;
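Review bot: The corrected loop `for (i = 0; i < vscsi->num_queues; i++)` should carry a one-line comment recording the invariant it relies on, for example `/* num_queues counts request vqs only, so it is the length of req_vqs[] */`, because neither the code nor the commit message says why the old, smaller-looking bound could run off the array. If `num_queues` is an unsigned type (its declaration is outside this hunk), `num_queues - VIRTIO_SCSI_VQ_BASE` wraps to a very large value whenever there are fewer request queues than VIRTIO_SCSI_VQ_BASE, and the loop then reads `req_vqs[i].vq` out of bounds; that would be consistent with the NULL pointer seen in the oops (RDI is 0). Stating this mechanism in the description would also help stable backporters judge the impact. The body of `__virtscsi_set_affinity` starts and ends outside the hunk, so the `affinity == true` branch should be checked for the same subtraction.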
--
1.8.3.1
On 07/31/2013 10:17 PM, Asias He wrote:> vscsi->num_queues counts the number of request virtqueue which does not > include the control and event virtqueue. It is wrong to subtract > VIRTIO_SCSI_VQ_BASE from vscsi->num_queues. > > This patch fixes the following panic. > > (qemu) device_del scsi0 > > BUG: unable to handle kernel NULL pointer dereference at 0000000000000020 > IP: [<ffffffff8179b29f>] __virtscsi_set_affinity+0x6f/0x120 > PGD 0 > Oops: 0000 [#1] SMP > Modules linked in: > CPU: 0 PID: 659 Comm: kworker/0:1 Not tainted 3.11.0-rc2+ #1172 > Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 > Workqueue: kacpi_hotplug _handle_hotplug_event_func > task: ffff88007bee1cc0 ti: ffff88007bfe4000 task.ti: ffff88007bfe4000 > RIP: 0010:[<ffffffff8179b29f>] [<ffffffff8179b29f>] __virtscsi_set_affinity+0x6f/0x120 > RSP: 0018:ffff88007bfe5a38 EFLAGS: 00010202 > RAX: 0000000000000010 RBX: ffff880077fd0d28 RCX: 0000000000000050 > RDX: 0000000000000000 RSI: 0000000000000246 RDI: 0000000000000000 > RBP: ffff88007bfe5a58 R08: ffff880077f6ff00 R09: 0000000000000001 > R10: ffffffff8143e673 R11: 0000000000000001 R12: 0000000000000001 > R13: ffff880077fd0800 R14: 0000000000000000 R15: ffff88007bf489b0 > FS: 0000000000000000(0000) GS:ffff88007ea00000(0000) knlGS:0000000000000000 > CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b > CR2: 0000000000000020 CR3: 0000000079f8b000 CR4: 00000000000006f0 > Stack: > ffff880077fd0d28 0000000000000000 ffff880077fd0800 0000000000000008 > ffff88007bfe5a78 ffffffff8179b37d ffff88007bccc800 ffff88007bccc800 > ffff88007bfe5a98 ffffffff8179b3b6 ffff88007bccc800 ffff880077fd0d28 > Call Trace: > [<ffffffff8179b37d>] virtscsi_set_affinity+0x2d/0x40 > [<ffffffff8179b3b6>] virtscsi_remove_vqs+0x26/0x50 > [<ffffffff8179c7d2>] virtscsi_remove+0x82/0xa0 > [<ffffffff814cb6b2>] virtio_dev_remove+0x22/0x70 > [<ffffffff8167ca49>] __device_release_driver+0x69/0xd0 > [<ffffffff8167cb9d>] device_release_driver+0x2d/0x40 > [<ffffffff8167bb96>] 
bus_remove_device+0x116/0x150 > [<ffffffff81679936>] device_del+0x126/0x1e0 > [<ffffffff81679a06>] device_unregister+0x16/0x30 > [<ffffffff814cb889>] unregister_virtio_device+0x19/0x30 > [<ffffffff814cdad6>] virtio_pci_remove+0x36/0x80 > [<ffffffff81464ae7>] pci_device_remove+0x37/0x70 > [<ffffffff8167ca49>] __device_release_driver+0x69/0xd0 > [<ffffffff8167cb9d>] device_release_driver+0x2d/0x40 > [<ffffffff8167bb96>] bus_remove_device+0x116/0x150 > [<ffffffff81679936>] device_del+0x126/0x1e0 > [<ffffffff8145edfc>] pci_stop_bus_device+0x9c/0xb0 > [<ffffffff8145f036>] pci_stop_and_remove_bus_device+0x16/0x30 > [<ffffffff81474a9e>] acpiphp_disable_slot+0x8e/0x150 > [<ffffffff81474f6a>] hotplug_event_func+0xba/0x1a0 > [<ffffffff814906c8>] ? acpi_os_release_object+0xe/0x12 > [<ffffffff81475911>] _handle_hotplug_event_func+0x31/0x70 > [<ffffffff810b5333>] process_one_work+0x183/0x500 > [<ffffffff810b66e2>] worker_thread+0x122/0x400 > [<ffffffff810b65c0>] ? manage_workers+0x2d0/0x2d0 > [<ffffffff810bc5de>] kthread+0xce/0xe0 > [<ffffffff810bc510>] ? kthread_freezable_should_stop+0x70/0x70 > [<ffffffff81ca045c>] ret_from_fork+0x7c/0xb0 > [<ffffffff810bc510>] ? kthread_freezable_should_stop+0x70/0x70 > Code: 01 00 00 00 74 59 45 31 e4 83 bb c8 01 00 00 02 74 46 66 2e 0f 1f 84 00 00 00 00 00 49 63 c4 48 c1 e0 04 48 8b bc 0 > 3 10 02 00 00 <48> 8b 47 20 48 8b 80 d0 01 00 00 48 8b 40 50 48 85 c0 74 07 be > RIP [<ffffffff8179b29f>] __virtscsi_set_affinity+0x6f/0x120 > RSP <ffff88007bfe5a38> > CR2: 0000000000000020 > ---[ end trace 99679331a3775f48 ]--- > > CC: stable at vger.kernel.org > Signed-off-by: Asias He <asias at redhat.com>Reviewed-by: Wanlong Gao <gaowanlong at cn.fujitsu.com>> --- > drivers/scsi/virtio_scsi.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/scsi/virtio_scsi.c b/drivers/scsi/virtio_scsi.c > index 2168258..74b88ef 100644 > --- a/drivers/scsi/virtio_scsi.c > +++ b/drivers/scsi/virtio_scsi.c 
> @@ -751,7 +751,7 @@ static void __virtscsi_set_affinity(struct virtio_scsi *vscsi, bool affinity)
>
> vscsi->affinity_hint_set = true;
> } else {
> - for (i = 0; i < vscsi->num_queues - VIRTIO_SCSI_VQ_BASE; i++)
> + for (i = 0; i < vscsi->num_queues; i++)
> virtqueue_set_affinity(vscsi->req_vqs[i].vq, -1);
>
> vscsi->affinity_hint_set = false;
>
Asias He <asias at redhat.com> writes:> vscsi->num_queues counts the number of request virtqueue which does not > include the control and event virtqueue. It is wrong to subtract > VIRTIO_SCSI_VQ_BASE from vscsi->num_queues. > > This patch fixes the following panic.Applied. Thanks, Rusty.> > (qemu) device_del scsi0 > > BUG: unable to handle kernel NULL pointer dereference at 0000000000000020 > IP: [<ffffffff8179b29f>] __virtscsi_set_affinity+0x6f/0x120 > PGD 0 > Oops: 0000 [#1] SMP > Modules linked in: > CPU: 0 PID: 659 Comm: kworker/0:1 Not tainted 3.11.0-rc2+ #1172 > Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 > Workqueue: kacpi_hotplug _handle_hotplug_event_func > task: ffff88007bee1cc0 ti: ffff88007bfe4000 task.ti: ffff88007bfe4000 > RIP: 0010:[<ffffffff8179b29f>] [<ffffffff8179b29f>] __virtscsi_set_affinity+0x6f/0x120 > RSP: 0018:ffff88007bfe5a38 EFLAGS: 00010202 > RAX: 0000000000000010 RBX: ffff880077fd0d28 RCX: 0000000000000050 > RDX: 0000000000000000 RSI: 0000000000000246 RDI: 0000000000000000 > RBP: ffff88007bfe5a58 R08: ffff880077f6ff00 R09: 0000000000000001 > R10: ffffffff8143e673 R11: 0000000000000001 R12: 0000000000000001 > R13: ffff880077fd0800 R14: 0000000000000000 R15: ffff88007bf489b0 > FS: 0000000000000000(0000) GS:ffff88007ea00000(0000) knlGS:0000000000000000 > CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b > CR2: 0000000000000020 CR3: 0000000079f8b000 CR4: 00000000000006f0 > Stack: > ffff880077fd0d28 0000000000000000 ffff880077fd0800 0000000000000008 > ffff88007bfe5a78 ffffffff8179b37d ffff88007bccc800 ffff88007bccc800 > ffff88007bfe5a98 ffffffff8179b3b6 ffff88007bccc800 ffff880077fd0d28 > Call Trace: > [<ffffffff8179b37d>] virtscsi_set_affinity+0x2d/0x40 > [<ffffffff8179b3b6>] virtscsi_remove_vqs+0x26/0x50 > [<ffffffff8179c7d2>] virtscsi_remove+0x82/0xa0 > [<ffffffff814cb6b2>] virtio_dev_remove+0x22/0x70 > [<ffffffff8167ca49>] __device_release_driver+0x69/0xd0 > [<ffffffff8167cb9d>] device_release_driver+0x2d/0x40 > [<ffffffff8167bb96>] 
bus_remove_device+0x116/0x150 > [<ffffffff81679936>] device_del+0x126/0x1e0 > [<ffffffff81679a06>] device_unregister+0x16/0x30 > [<ffffffff814cb889>] unregister_virtio_device+0x19/0x30 > [<ffffffff814cdad6>] virtio_pci_remove+0x36/0x80 > [<ffffffff81464ae7>] pci_device_remove+0x37/0x70 > [<ffffffff8167ca49>] __device_release_driver+0x69/0xd0 > [<ffffffff8167cb9d>] device_release_driver+0x2d/0x40 > [<ffffffff8167bb96>] bus_remove_device+0x116/0x150 > [<ffffffff81679936>] device_del+0x126/0x1e0 > [<ffffffff8145edfc>] pci_stop_bus_device+0x9c/0xb0 > [<ffffffff8145f036>] pci_stop_and_remove_bus_device+0x16/0x30 > [<ffffffff81474a9e>] acpiphp_disable_slot+0x8e/0x150 > [<ffffffff81474f6a>] hotplug_event_func+0xba/0x1a0 > [<ffffffff814906c8>] ? acpi_os_release_object+0xe/0x12 > [<ffffffff81475911>] _handle_hotplug_event_func+0x31/0x70 > [<ffffffff810b5333>] process_one_work+0x183/0x500 > [<ffffffff810b66e2>] worker_thread+0x122/0x400 > [<ffffffff810b65c0>] ? manage_workers+0x2d0/0x2d0 > [<ffffffff810bc5de>] kthread+0xce/0xe0 > [<ffffffff810bc510>] ? kthread_freezable_should_stop+0x70/0x70 > [<ffffffff81ca045c>] ret_from_fork+0x7c/0xb0 > [<ffffffff810bc510>] ? kthread_freezable_should_stop+0x70/0x70 > Code: 01 00 00 00 74 59 45 31 e4 83 bb c8 01 00 00 02 74 46 66 2e 0f 1f 84 00 00 00 00 00 49 63 c4 48 c1 e0 04 48 8b bc 0 > 3 10 02 00 00 <48> 8b 47 20 48 8b 80 d0 01 00 00 48 8b 40 50 48 85 c0 74 07 be > RIP [<ffffffff8179b29f>] __virtscsi_set_affinity+0x6f/0x120 > RSP <ffff88007bfe5a38> > CR2: 0000000000000020 > ---[ end trace 99679331a3775f48 ]--- > > CC: stable at vger.kernel.org > Signed-off-by: Asias He <asias at redhat.com> > --- > drivers/scsi/virtio_scsi.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/scsi/virtio_scsi.c b/drivers/scsi/virtio_scsi.c > index 2168258..74b88ef 100644 > --- a/drivers/scsi/virtio_scsi.c > +++ b/drivers/scsi/virtio_scsi.c 
> @@ -751,7 +751,7 @@ static void __virtscsi_set_affinity(struct virtio_scsi *vscsi, bool affinity)
>
> vscsi->affinity_hint_set = true;
> } else {
> - for (i = 0; i < vscsi->num_queues - VIRTIO_SCSI_VQ_BASE; i++)
> + for (i = 0; i < vscsi->num_queues; i++)
> virtqueue_set_affinity(vscsi->req_vqs[i].vq, -1);
>
> vscsi->affinity_hint_set = false;
> --
> 1.8.3.1
> vscsi->num_queues counts the number of request virtqueue which does not > include the control and event virtqueue. It is wrong to subtract > VIRTIO_SCSI_VQ_BASE from vscsi->num_queues.Reviewed-by: Paolo Bonzini <pbonzini at redhat.com>> This patch fixes the following panic. > > (qemu) device_del scsi0 > > BUG: unable to handle kernel NULL pointer dereference at 0000000000000020 > IP: [<ffffffff8179b29f>] __virtscsi_set_affinity+0x6f/0x120 > PGD 0 > Oops: 0000 [#1] SMP > Modules linked in: > CPU: 0 PID: 659 Comm: kworker/0:1 Not tainted 3.11.0-rc2+ #1172 > Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 > Workqueue: kacpi_hotplug _handle_hotplug_event_func > task: ffff88007bee1cc0 ti: ffff88007bfe4000 task.ti: ffff88007bfe4000 > RIP: 0010:[<ffffffff8179b29f>] [<ffffffff8179b29f>] > __virtscsi_set_affinity+0x6f/0x120 > RSP: 0018:ffff88007bfe5a38 EFLAGS: 00010202 > RAX: 0000000000000010 RBX: ffff880077fd0d28 RCX: 0000000000000050 > RDX: 0000000000000000 RSI: 0000000000000246 RDI: 0000000000000000 > RBP: ffff88007bfe5a58 R08: ffff880077f6ff00 R09: 0000000000000001 > R10: ffffffff8143e673 R11: 0000000000000001 R12: 0000000000000001 > R13: ffff880077fd0800 R14: 0000000000000000 R15: ffff88007bf489b0 > FS: 0000000000000000(0000) GS:ffff88007ea00000(0000) knlGS:0000000000000000 > CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b > CR2: 0000000000000020 CR3: 0000000079f8b000 CR4: 00000000000006f0 > Stack: > ffff880077fd0d28 0000000000000000 ffff880077fd0800 0000000000000008 > ffff88007bfe5a78 ffffffff8179b37d ffff88007bccc800 ffff88007bccc800 > ffff88007bfe5a98 ffffffff8179b3b6 ffff88007bccc800 ffff880077fd0d28 > Call Trace: > [<ffffffff8179b37d>] virtscsi_set_affinity+0x2d/0x40 > [<ffffffff8179b3b6>] virtscsi_remove_vqs+0x26/0x50 > [<ffffffff8179c7d2>] virtscsi_remove+0x82/0xa0 > [<ffffffff814cb6b2>] virtio_dev_remove+0x22/0x70 > [<ffffffff8167ca49>] __device_release_driver+0x69/0xd0 > [<ffffffff8167cb9d>] device_release_driver+0x2d/0x40 > [<ffffffff8167bb96>] 
bus_remove_device+0x116/0x150 > [<ffffffff81679936>] device_del+0x126/0x1e0 > [<ffffffff81679a06>] device_unregister+0x16/0x30 > [<ffffffff814cb889>] unregister_virtio_device+0x19/0x30 > [<ffffffff814cdad6>] virtio_pci_remove+0x36/0x80 > [<ffffffff81464ae7>] pci_device_remove+0x37/0x70 > [<ffffffff8167ca49>] __device_release_driver+0x69/0xd0 > [<ffffffff8167cb9d>] device_release_driver+0x2d/0x40 > [<ffffffff8167bb96>] bus_remove_device+0x116/0x150 > [<ffffffff81679936>] device_del+0x126/0x1e0 > [<ffffffff8145edfc>] pci_stop_bus_device+0x9c/0xb0 > [<ffffffff8145f036>] pci_stop_and_remove_bus_device+0x16/0x30 > [<ffffffff81474a9e>] acpiphp_disable_slot+0x8e/0x150 > [<ffffffff81474f6a>] hotplug_event_func+0xba/0x1a0 > [<ffffffff814906c8>] ? acpi_os_release_object+0xe/0x12 > [<ffffffff81475911>] _handle_hotplug_event_func+0x31/0x70 > [<ffffffff810b5333>] process_one_work+0x183/0x500 > [<ffffffff810b66e2>] worker_thread+0x122/0x400 > [<ffffffff810b65c0>] ? manage_workers+0x2d0/0x2d0 > [<ffffffff810bc5de>] kthread+0xce/0xe0 > [<ffffffff810bc510>] ? kthread_freezable_should_stop+0x70/0x70 > [<ffffffff81ca045c>] ret_from_fork+0x7c/0xb0 > [<ffffffff810bc510>] ? kthread_freezable_should_stop+0x70/0x70 > Code: 01 00 00 00 74 59 45 31 e4 83 bb c8 01 00 00 02 74 46 66 2e 0f 1f 84 > 00 00 00 00 00 49 63 c4 48 c1 e0 04 48 8b bc 0 > 3 10 02 00 00 <48> 8b 47 20 48 8b 80 d0 01 00 00 48 8b 40 50 48 85 c0 74 07 > be > RIP [<ffffffff8179b29f>] __virtscsi_set_affinity+0x6f/0x120 > RSP <ffff88007bfe5a38> > CR2: 0000000000000020 > ---[ end trace 99679331a3775f48 ]--- > > CC: stable at vger.kernel.org > Signed-off-by: Asias He <asias at redhat.com> > --- > drivers/scsi/virtio_scsi.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/scsi/virtio_scsi.c b/drivers/scsi/virtio_scsi.c > index 2168258..74b88ef 100644 > --- a/drivers/scsi/virtio_scsi.c > +++ b/drivers/scsi/virtio_scsi.c 
> @@ -751,7 +751,7 @@ static void __virtscsi_set_affinity(struct virtio_scsi
> *vscsi, bool affinity)
>
> vscsi->affinity_hint_set = true;
> } else {
> - for (i = 0; i < vscsi->num_queues - VIRTIO_SCSI_VQ_BASE; i++)
> + for (i = 0; i < vscsi->num_queues; i++)
> virtqueue_set_affinity(vscsi->req_vqs[i].vq, -1);
>
> vscsi->affinity_hint_set = false;
> --
> 1.8.3.1
>
>