1. 22 12月, 2010 1 次提交
  2. 09 12月, 2010 5 次提交
    • C
      [SCSI] zfcp: Issue FCP command without holding SCSI host_lock · e55f8753
      Christof Schmitt 提交于
      Interrupting the connection to the FCP channel while I/O requests are
      being issued can lead to this deadlock. scsi_dispatch_cmd already
      holds the host_lock while the recovery trigger tries to acquire the
      host_lock again when iterating through the scsi_devices.
      
       INFO: lockdep is turned off.
       BUG: spinlock lockup on CPU#1, blast/9660, 0000000078f38878
       CPU: 1 Not tainted 2.6.35.7SWEN2 #2
       Process blast (pid: 9660, task: 0000000071f75940, ksp: 0000000074393ac0)
              0000000074393640 00000000743935c0 0000000000000002 0000000000000000
              0000000074393660 00000000743935d8 00000000743935d8 00000000005590c2
              0000000000000000 0000000078f38878 0000000026ede800 0000000078f38878
              000000000000000d 040000000000000c 0000000074393628 0000000000000000
              0000000000000000 0000000000100b2a 00000000743935c0 0000000074393600
       Call Trace:
       ([<0000000000100a32>] show_trace+0xee/0x144)
        [<00000000003be202>] do_raw_spin_lock+0x112/0x178
        [<000000000055d408>] _raw_spin_lock_irqsave+0x90/0xb0
        [<00000000003f1514>] __scsi_iterate_devices+0x38/0xbc
        [<00000000004849b0>] zfcp_erp_clear_adapter_status+0xd0/0x16c
        [<000000000048587a>] zfcp_erp_adapter_reopen+0x3a/0xb4
        [<0000000000489812>] zfcp_fsf_req_send+0x166/0x180
        [<000000000048c8d6>] zfcp_fsf_fcp_cmnd+0x272/0x408
        [<000000000048f864>] zfcp_scsi_queuecommand+0x11c/0x1e0
        [<00000000003f1f2a>] scsi_dispatch_cmd+0x1d6/0x324
        [<00000000003f9910>] scsi_request_fn+0x42c/0x56c
        [<00000000003828ae>] __blk_run_queue+0x86/0x140
        [<000000000037f742>] elv_insert+0x11a/0x208
        [<000000000038104c>] blk_insert_cloned_request+0x84/0xe4
        [<000003c0032b7c64>] dm_dispatch_request+0x6c/0x94 [dm_mod]
        [<000003c0032b7d5c>] map_request+0xd0/0x100 [dm_mod]
        [<000003c0032b9a78>] dm_request_fn+0xec/0x1bc [dm_mod]
        [<0000000000382c0e>] generic_unplug_device+0x5a/0x6c
        [<000003c0032b7f98>] dm_unplug_all+0x74/0x9c [dm_mod]
        [<00000000001d1272>] sync_page+0x76/0x9c
        [<00000000001d12ba>] sync_page_killable+0x22/0x60
        [<000000000055a768>] __wait_on_bit_lock+0xc0/0x124
        [<00000000001d1140>] __lock_page_killable+0x78/0x84
        [<00000000001d351c>] generic_file_aio_read+0x5a4/0x7e8
        [<0000000000228ec0>] do_sync_read+0xc8/0x12c
        [<0000000000229edc>] vfs_read+0xac/0x1ac
        [<000000000022a0d8>] SyS_read+0x58/0xa8
        [<00000000001146de>] sysc_noemu+0x10/0x16
        [<00000200000493c4>] 0x200000493c4
       INFO: lockdep is turned off.
      
      Call zfcp_fsf_fcp_cmnd without the host_lock and disable the
      interrupts when acquiring the req_q_lock. According to the patch
      description in "[PATCH] Eliminate error handler overload of the SCSI
      serial number", the serial_number is not used, so simply drop the
      queuecommand wrapper function and run zfcp_scsi_queuecommand without
      holding the host_lock.
      Reviewed-by: NSwen Schillig <swen@vnet.ibm.com>
      Signed-off-by: NChristof Schmitt <christof.schmitt@de.ibm.com>
      Signed-off-by: NJames Bottomley <James.Bottomley@suse.de>
      e55f8753
    • S
      [SCSI] zfcp: Prevent usage w/o holding a reference · 14718e3c
      Swen Schillig 提交于
      The ERP got values assigned for which no reference was taken.  This
      can lead to an unpredictable race condition.  Fix this by only
      assigning the values which are required and for which a reference was
      pulled or is held implicitly.
      Signed-off-by: NSwen Schillig <swen@vnet.ibm.com>
      Signed-off-by: NChristof Schmitt <christof.schmitt@de.ibm.com>
      Signed-off-by: NJames Bottomley <James.Bottomley@suse.de>
      14718e3c
    • S
      [SCSI] zfcp: No ERP escalation on gpn_ft eval · d3e1088d
      Swen Schillig 提交于
      If the evaluation of GPN_FT requests wants to remove an invalid port
      from the system the zfcp_erp_port_shutdown function is triggered.
      Depending on the system status a superior action (e.g. adapter reopen)
      is required. This can lead to an invalid mem access of the port struct
      which might be freed at the time since the superior action is not
      holding a reference of the port which triggered this ERP action.
      Signed-off-by: NSwen Schillig <swen@vnet.ibm.com>
      Signed-off-by: NChristof Schmitt <christof.schmitt@de.ibm.com>
      Signed-off-by: NJames Bottomley <James.Bottomley@suse.de>
      d3e1088d
    • S
      [SCSI] zfcp: Correct false abort data assignment. · 6fbf25e8
      Swen Schillig 提交于
      The request data assignment between the fsf abort initiator and its
      corresponding handler is not consistent and leads to an unpredictable
      behaviour, e.g. kernel panic.  This patch fixes this issue and assigns
      the correct value.
      Signed-off-by: NSwen Schillig <swen@vnet.ibm.com>
      Signed-off-by: NChristof Schmitt <christof.schmitt@de.ibm.com>
      Signed-off-by: NJames Bottomley <James.Bottomley@suse.de>
      6fbf25e8
    • S
      [SCSI] zfcp: Fix common FCP request reception · 5bfb2c31
      Swen Schillig 提交于
      The reception of a common FCP request should only be evaluated if the
      corresponding SCSI request data is available. Therefore put the
      information under the lock protection and verify the existence before
      processing.  This fixes the following kernel panic.
      
      Unable to handle kernel pointer dereference at virtual kernel address 0000000180000000
      Oops: 003b [#1] PREEMPT SMP DEBUG_PAGEALLOC
      CPU: 0 Not tainted 2.6.35.7-45.x.20101007-s390xdefault #1
      Process blast (pid: 9711, task: 00000000a3be8e40, ksp: 00000000b221bac0)
      Krnl PSW : 0704300180000000 0000000000489878 (zfcp_fsf_fcp_handler_common+0x4c/0x3a0)
                 R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:0 CC:3 PM:0 EA:3
      Krnl GPRS: 00000000b663c1b8 0000000180000000 000000007ab5bdf0 0000000000000000
                 00000000b0ccd800 0000000000000018 07000000a3be8e78 00000000b5d3e600
                 000000007ab5bdf0 0000000000000066 00000000b72137f0 00000000b72137f0
                 0000000000000000 00000000005a8178 00000000bdf37a60 00000000bdf379f0
      Krnl Code: 0000000000489866: e3c030000004       lg      %r12,0(%r3)
                 000000000048986c: e310c0000004       lg      %r1,0(%r12)
                 0000000000489872: e31011e00004       lg      %r1,480(%r1)
                >0000000000489878: 581011ec           l       %r1,492(%r1)
                 000000000048987c: a774001c           brc     7,4898b4
                 0000000000489880: b91400b1           lgfr    %r11,%r1
                 0000000000489884: 5810405c           l       %r1,92(%r4)
                 0000000000489888: 5510d00c           cl      %r1,12(%r13)
      Call Trace:
      ([<000000000010d344>] debug_event_common+0x22c/0x244)
       [<000000000048a0b4>] zfcp_fsf_fcp_cmnd_handler+0x2c/0x3b4
       [<000000000048b5b6>] zfcp_fsf_req_complete+0x1b6/0x9dc
       [<000000000048bede>] zfcp_fsf_reqid_check+0x102/0x138
       [<000000000048e478>] zfcp_qdio_int_resp+0x70/0x110
       [<000000000044a1ec>] qdio_kick_handler+0xb0/0x19c
       [<000000000044c228>] __tiqdio_inbound_processing+0x30c/0xebc
       [<000000000014a5fc>] tasklet_action+0x1b4/0x1e8
       [<000000000014b676>] __do_softirq+0x106/0x1cc
       [<000000000010d91a>] do_softirq+0xe6/0xec
       [<000000000014b0c8>] irq_exit+0xd4/0xd8
       [<00000000004307ec>] do_IRQ+0x7c0/0xf54
       [<0000000000114d28>] io_return+0x0/0x16
       [<000000000055fef0>] sub_preempt_count+0x50/0xe4
      ([<00000000b1f873c0>] 0xb1f873c0)
       [<000000000055e25a>] _raw_spin_unlock+0x46/0x74
       [<0000000000241c40>] __d_lookup+0x288/0x2c8
       [<000000000023502c>] do_lookup+0x7c/0x25c
       [<0000000000237fa8>] link_path_walk+0x5e4/0xe2c
       [<0000000000238a00>] path_walk+0x98/0x148
       [<0000000000238c98>] do_path_lookup+0x74/0xc0
       [<000000000023989c>] user_path_at+0x64/0xa4
       [<000000000022e366>] vfs_fstatat+0x4e/0xb0
       [<000000000022e4d6>] SyS_newstat+0x2e/0x54
       [<00000000001146de>] sysc_noemu+0x10/0x16
       [<0000020000153456>] 0x20000153456
      INFO: lockdep is turned off.
      Last Breaking-Event-Address:
       [<000000000048a0ae>] zfcp_fsf_fcp_cmnd_handler+0x26/0x3b4
      Signed-off-by: NSwen Schillig <swen@vnet.ibm.com>
      Signed-off-by: NChristof Schmitt <christof.schmitt@de.ibm.com>
      Signed-off-by: NJames Bottomley <James.Bottomley@suse.de>
      5bfb2c31
  3. 17 11月, 2010 1 次提交
    • J
      SCSI host lock push-down · f281233d
      Jeff Garzik 提交于
      Move the mid-layer's ->queuecommand() invocation from being locked
      with the host lock to being unlocked to facilitate speeding up the
      critical path for drivers who don't need this lock taken anyway.
      
      The patch below presents a simple SCSI host lock push-down as an
      equivalent transformation.  No locking or other behavior should change
      with this patch.  All existing bugs and locking orders are preserved.
      
      Additionally, add one parameter to queuecommand,
      	struct Scsi_Host *
      and remove one parameter from queuecommand,
      	void (*done)(struct scsi_cmnd *)
      
      Scsi_Host* is a convenient pointer that most host drivers need anyway,
      and 'done' is redundant to struct scsi_cmnd->scsi_done.
      
      Minimal code disturbance was attempted with this change.  Most drivers
      needed only two one-line modifications for their host lock push-down.
      Signed-off-by: NJeff Garzik <jgarzik@redhat.com>
      Acked-by: NJames Bottomley <James.Bottomley@suse.de>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      f281233d
  4. 25 10月, 2010 3 次提交
  5. 15 10月, 2010 1 次提交
    • A
      llseek: automatically add .llseek fop · 6038f373
      Arnd Bergmann 提交于
      All file_operations should get a .llseek operation so we can make
      nonseekable_open the default for future file operations without a
      .llseek pointer.
      
      The three cases that we can automatically detect are no_llseek, seq_lseek
      and default_llseek. For cases where we can we can automatically prove that
      the file offset is always ignored, we use noop_llseek, which maintains
      the current behavior of not returning an error from a seek.
      
      New drivers should normally not use noop_llseek but instead use no_llseek
      and call nonseekable_open at open time.  Existing drivers can be converted
      to do the same when the maintainer knows for certain that no user code
      relies on calling seek on the device file.
      
      The generated code is often incorrectly indented and right now contains
      comments that clarify for each added line why a specific variant was
      chosen. In the version that gets submitted upstream, the comments will
      be gone and I will manually fix the indentation, because there does not
      seem to be a way to do that using coccinelle.
      
      Some amount of new code is currently sitting in linux-next that should get
      the same modifications, which I will do at the end of the merge window.
      
      Many thanks to Julia Lawall for helping me learn to write a semantic
      patch that does all this.
      
      ===== begin semantic patch =====
      // This adds an llseek= method to all file operations,
      // as a preparation for making no_llseek the default.
      //
      // The rules are
      // - use no_llseek explicitly if we do nonseekable_open
      // - use seq_lseek for sequential files
      // - use default_llseek if we know we access f_pos
      // - use noop_llseek if we know we don't access f_pos,
      //   but we still want to allow users to call lseek
      //
      @ open1 exists @
      identifier nested_open;
      @@
      nested_open(...)
      {
      <+...
      nonseekable_open(...)
      ...+>
      }
      
      @ open exists@
      identifier open_f;
      identifier i, f;
      identifier open1.nested_open;
      @@
      int open_f(struct inode *i, struct file *f)
      {
      <+...
      (
      nonseekable_open(...)
      |
      nested_open(...)
      )
      ...+>
      }
      
      @ read disable optional_qualifier exists @
      identifier read_f;
      identifier f, p, s, off;
      type ssize_t, size_t, loff_t;
      expression E;
      identifier func;
      @@
      ssize_t read_f(struct file *f, char *p, size_t s, loff_t *off)
      {
      <+...
      (
         *off = E
      |
         *off += E
      |
         func(..., off, ...)
      |
         E = *off
      )
      ...+>
      }
      
      @ read_no_fpos disable optional_qualifier exists @
      identifier read_f;
      identifier f, p, s, off;
      type ssize_t, size_t, loff_t;
      @@
      ssize_t read_f(struct file *f, char *p, size_t s, loff_t *off)
      {
      ... when != off
      }
      
      @ write @
      identifier write_f;
      identifier f, p, s, off;
      type ssize_t, size_t, loff_t;
      expression E;
      identifier func;
      @@
      ssize_t write_f(struct file *f, const char *p, size_t s, loff_t *off)
      {
      <+...
      (
        *off = E
      |
        *off += E
      |
        func(..., off, ...)
      |
        E = *off
      )
      ...+>
      }
      
      @ write_no_fpos @
      identifier write_f;
      identifier f, p, s, off;
      type ssize_t, size_t, loff_t;
      @@
      ssize_t write_f(struct file *f, const char *p, size_t s, loff_t *off)
      {
      ... when != off
      }
      
      @ fops0 @
      identifier fops;
      @@
      struct file_operations fops = {
       ...
      };
      
      @ has_llseek depends on fops0 @
      identifier fops0.fops;
      identifier llseek_f;
      @@
      struct file_operations fops = {
      ...
       .llseek = llseek_f,
      ...
      };
      
      @ has_read depends on fops0 @
      identifier fops0.fops;
      identifier read_f;
      @@
      struct file_operations fops = {
      ...
       .read = read_f,
      ...
      };
      
      @ has_write depends on fops0 @
      identifier fops0.fops;
      identifier write_f;
      @@
      struct file_operations fops = {
      ...
       .write = write_f,
      ...
      };
      
      @ has_open depends on fops0 @
      identifier fops0.fops;
      identifier open_f;
      @@
      struct file_operations fops = {
      ...
       .open = open_f,
      ...
      };
      
      // use no_llseek if we call nonseekable_open
      ////////////////////////////////////////////
      @ nonseekable1 depends on !has_llseek && has_open @
      identifier fops0.fops;
      identifier nso ~= "nonseekable_open";
      @@
      struct file_operations fops = {
      ...  .open = nso, ...
      +.llseek = no_llseek, /* nonseekable */
      };
      
      @ nonseekable2 depends on !has_llseek @
      identifier fops0.fops;
      identifier open.open_f;
      @@
      struct file_operations fops = {
      ...  .open = open_f, ...
      +.llseek = no_llseek, /* open uses nonseekable */
      };
      
      // use seq_lseek for sequential files
      /////////////////////////////////////
      @ seq depends on !has_llseek @
      identifier fops0.fops;
      identifier sr ~= "seq_read";
      @@
      struct file_operations fops = {
      ...  .read = sr, ...
      +.llseek = seq_lseek, /* we have seq_read */
      };
      
      // use default_llseek if there is a readdir
      ///////////////////////////////////////////
      @ fops1 depends on !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
      identifier fops0.fops;
      identifier readdir_e;
      @@
      // any other fop is used that changes pos
      struct file_operations fops = {
      ... .readdir = readdir_e, ...
      +.llseek = default_llseek, /* readdir is present */
      };
      
      // use default_llseek if at least one of read/write touches f_pos
      /////////////////////////////////////////////////////////////////
      @ fops2 depends on !fops1 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
      identifier fops0.fops;
      identifier read.read_f;
      @@
      // read fops use offset
      struct file_operations fops = {
      ... .read = read_f, ...
      +.llseek = default_llseek, /* read accesses f_pos */
      };
      
      @ fops3 depends on !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
      identifier fops0.fops;
      identifier write.write_f;
      @@
      // write fops use offset
      struct file_operations fops = {
      ... .write = write_f, ...
      +	.llseek = default_llseek, /* write accesses f_pos */
      };
      
      // Use noop_llseek if neither read nor write accesses f_pos
      ///////////////////////////////////////////////////////////
      
      @ fops4 depends on !fops1 && !fops2 && !fops3 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
      identifier fops0.fops;
      identifier read_no_fpos.read_f;
      identifier write_no_fpos.write_f;
      @@
      // write fops use offset
      struct file_operations fops = {
      ...
       .write = write_f,
       .read = read_f,
      ...
      +.llseek = noop_llseek, /* read and write both use no f_pos */
      };
      
      @ depends on has_write && !has_read && !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
      identifier fops0.fops;
      identifier write_no_fpos.write_f;
      @@
      struct file_operations fops = {
      ... .write = write_f, ...
      +.llseek = noop_llseek, /* write uses no f_pos */
      };
      
      @ depends on has_read && !has_write && !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
      identifier fops0.fops;
      identifier read_no_fpos.read_f;
      @@
      struct file_operations fops = {
      ... .read = read_f, ...
      +.llseek = noop_llseek, /* read uses no f_pos */
      };
      
      @ depends on !has_read && !has_write && !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
      identifier fops0.fops;
      @@
      struct file_operations fops = {
      ...
      +.llseek = noop_llseek, /* no read or write fn */
      };
      ===== End semantic patch =====
      Signed-off-by: NArnd Bergmann <arnd@arndb.de>
      Cc: Julia Lawall <julia@diku.dk>
      Cc: Christoph Hellwig <hch@infradead.org>
      6038f373
  6. 08 10月, 2010 1 次提交
  7. 17 9月, 2010 11 次提交
  8. 11 9月, 2010 1 次提交
  9. 10 9月, 2010 1 次提交
  10. 09 9月, 2010 1 次提交
  11. 28 7月, 2010 14 次提交