1
linux/drivers/scsi/isci
Jeff Skirvin 0e2e27990e [SCSI] isci: Lookup device references through requests in completions.
The LLDD needs to obtain a reference to the device through the request
itself and not through the domain_device, because the
domain_device.lldd_dev is set to NULL early in the lldd_dev_gone call.
This relies on the fact that the isci_remote_device object is keeping a
seperate reference count of outstanding requests.  TODO: unify the
request count tracking with the isci_remote_device kref.

The failure signature of this condition looks like the following
log, where the important bits are the call to lldd_dev_gone followed
by a crash in isci_terminate_request_core:

[  229.151541] isci 0000:0b:00.0: isci_remote_device_gone: domain_device = ffff8801492d4800, isci_device = ffff880143c657d0, isci_port = ffff880143c63658
[  229.166007] isci 0000:0b:00.0: isci_remote_device_stop: isci_device = ffff880143c657d0
[  229.175317] isci 0000:0b:00.0: isci_terminate_pending_requests: idev=ffff880143c657d0 request=ffff88014741f000; task=ffff8801470f46c0 old_state=2
[  229.189702] isci 0000:0b:00.0: isci_terminate_request_core: device = ffff880143c657d0; request = ffff88014741f000
[  229.201339] isci 0000:0b:00.0: isci_terminate_request_core: before completion wait (ffff88014741f000/ffff880149715ad0)
[  229.213414] isci 0000:0b:00.0: sci_controller_process_completions: completion queue entry:0x8000a0e9
[  229.214401] BUG: unable to handle kernel NULL pointer dereference at 0000000000000228
[  229.214401] IP:jdskirvi-testlbo [<ffffffffa00a58be>] sci_request_completed_state_enter+0x50/0xafb [isci]
[  229.214401] PGD 13d19e067 PUD 13d104067 PMD 0
[  229.214401] Oops: 0000 [#1] SMP
[  229.214401] CPU 0 x kernel: [  226
[  229.214401] Modules linked in: ipv6 dm_multipath uinput nouveau snd_hda_codec_realtek snd_hda_intel ttm drm_kms_helper drm snd_hda_codec snd_hwdep snd_pcm snd_timer i2c_algo_bit isci snd libsas ioatdma mxm_wmi iTCO_wdt soundcore snd_page_alloc scsi_transport_sas iTCO_vendor_support wmi dca video i2c_i801 i2c_core [last unloaded: speedstep_lib]
[  229.214401]
[  229.214401] Pid: 5, comm: kworker/u:0 Not tainted 3.0.0-isci-11.7.29+ #30.353196] Buffer  Intel Corporation Stoakley/Pearlcity Workstation
[  229.214401] RIP: 0010:[<ffffffffa00a58be>] I/O error on dev [<ffffffffa00a58be>] sci_request_completed_state_enter+0x50/0xafb [isci]
[  229.214401] RSP: 0018:ffff88014fc03d20  EFLAGS: 00010046
[  229.214401] RAX: 0000000000000000 RBX: ffff88014741f000 RCX: 0000000000000000
[  229.214401] RDX: ffffffffa00b2c90 RSI: 0000000000000017 RDI: ffff88014741f0a0
[  229.214401] RBP: ffff88014fc03d90 R08: 0000000000000018 R09: 0000000000000000
[  229.214401] R10: 0000000000000000 R11: ffffffff81a17d98 R12: 000000000000001d
[  229.214401] R13: ffff8801470f46c0 R14: 0000000000000000 R15: 0000000000008000
[  229.214401] FS:  0000000000000000(0000) GS:ffff88014fc00000(0000) knlGS:0000000000000000
[  229.214401] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[  229.214401] CR2: 0000000000000228 CR3: 000000013ceaa000 CR4: 00000000000406f0
[  229.214401] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  229.214401] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  229.214401] Process kworker/u:0 (pid: 5, threadinfo ffff880149714000, task ffff880149718000)
[  229.214401] Call Trace:
[  229.214401]  <IRQ>
[  229.214401]  [<ffffffffa00aa6ce>] sci_change_state+0x4a/0x4f [isci]
[  229.214401]  [<ffffffffa00a4ca6>] sci_io_request_tc_completion+0x79c/0x7a0 [isci]
[  229.214401]  [<ffffffffa00acf35>] sci_controller_process_completions+0x14f/0x396 [isci]
[  229.214401]  [<ffffffffa00abbda>] ? spin_lock_irq+0xe/0x10 [isci]
[  229.214401]  [<ffffffffa00ad2cf>] isci_host_completion_routine+0x71/0x2be [isci]
[  229.214401]  [<ffffffff8107c6b3>] ? mark_held_locks+0x52/0x70
[  229.214401]  [<ffffffff810538e8>] tasklet_action+0x90/0xf1
[  229.214401]  [<ffffffff81054050>] __do_softirq+0xe5/0x1bf
[  229.214401]  [<ffffffff8106d9d1>] ? hrtimer_interrupt+0x129/0x1bb
[  229.214401]  [<ffffffff814ff69c>] call_softirq+0x1c/0x30
[  229.214401]  [<ffffffff8100bb67>] do_softirq+0x4b/0xa3
[  229.214401]  [<ffffffff81053d84>] irq_exit+0x53/0xb4
[  229.214401]  [<ffffffff814fffe7>] smp_apic_timer_interrupt+0x83/0x91
[  229.214401]  [<ffffffff814fee53>] apic_timer_interrupt+0x13/0x20
[  229.214401]  <EOI>
[  229.214401]  [<ffffffff814f7ad4>] ? retint_restore_args+0x13/0x13
[  229.214401]  [<ffffffff8107af29>] ? trace_hardirqs_off+0xd/0xf
[  229.214401]  [<ffffffff8104ea71>] ? vprintk+0x40b/0x452
[  229.214401]  [<ffffffff814f4b5a>] printk+0x41/0x47
[  229.214401]  [<ffffffff81314484>] __dev_printk+0x78/0x7a
[  229.214401]  [<ffffffff8131471e>] dev_printk+0x45/0x47
[  229.214401]  [<ffffffffa00ae2a3>] isci_terminate_request_core+0x15d/0x317 [isci]
[  229.214401]  [<ffffffffa00af1ad>] isci_terminate_pending_requests+0x1a4/0x204 [isci]
[  229.214401]  [<ffffffffa00229f6>] ? sas_phye_oob_error+0xc3/0xc3 [libsas]
[  229.214401]  [<ffffffffa00a7d9e>] isci_remote_device_nuke_requests+0xa6/0xff [isci]
[  229.214401]  [<ffffffffa00a811a>] isci_remote_device_stop+0x7c/0x166 [isci]
[  229.214401]  [<ffffffffa00229f6>] ? sas_phye_oob_error+0xc3/0xc3 [libsas]
[  229.214401]  [<ffffffffa00a827a>] isci_remote_device_gone+0x76/0x7e [isci]
[  229.214401]  [<ffffffffa002363e>] sas_notify_lldd_dev_gone+0x34/0x36 [libsas]
[  229.214401]  [<ffffffffa0023945>] sas_unregister_dev+0x57/0x9c [libsas]
[  229.214401]  [<ffffffffa00239c0>] sas_unregister_domain_devices+0x36/0x65 [libsas]
[  229.214401]  [<ffffffffa0022cb8>] sas_deform_port+0x72/0x1ac [libsas]
[  229.214401]  [<ffffffffa00229f6>] ? sas_phye_oob_error+0xc3/0xc3 [libsas]
[  229.214401]  [<ffffffffa0022a34>] sas_phye_loss_of_signal+0x3e/0x42 [libsas]

Signed-off-by: Jeff Skirvin <jeffrey.d.skirvin@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
2011-10-31 13:14:44 +04:00
..
firmware isci: Added support for C0 to SCU Driver 2011-07-03 04:04:50 -07:00
host.c [SCSI] isci: initial sgpio write support 2011-09-22 15:01:56 +04:00
host.h [SCSI] isci: initial sgpio write support 2011-09-22 15:01:56 +04:00
init.c [SCSI] isci: initial sgpio write support 2011-09-22 15:01:56 +04:00
isci.h [SCSI] isci: fix support for large smp requests 2011-10-02 13:07:17 -05:00
Makefile isci: merge sata.[ch] into request.c 2011-07-03 04:04:52 -07:00
phy.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-misc-2.6 2011-10-28 16:44:18 -07:00
phy.h isci: kill 'get/set' macros 2011-07-03 04:04:52 -07:00
port_config.c [SCSI] isci: fix missed unlock in apc_agent_timeout() 2011-10-02 13:08:00 -05:00
port.c [SCSI] isci: The port state should be set to stopping on the last phy. 2011-10-02 13:22:28 -05:00
port.h isci: kill 'get/set' macros 2011-07-03 04:04:52 -07:00
probe_roms.c [SCSI] isci: fix checkpatch errors 2011-07-03 14:26:24 -05:00
probe_roms.h isci: retire scic_sds_ and scic_ prefixes 2011-07-03 04:04:52 -07:00
registers.h [SCSI] isci: fix sgpio register definitions 2011-09-22 15:00:56 +04:00
remote_device.c [SCSI] isci: atapi support 2011-10-02 13:20:03 -05:00
remote_device.h [SCSI] isci: atapi support 2011-10-02 13:20:03 -05:00
remote_node_context.c isci: kill 'get/set' macros 2011-07-03 04:04:52 -07:00
remote_node_context.h isci: kill 'get/set' macros 2011-07-03 04:04:52 -07:00
remote_node_table.c isci: retire scic_sds_ and scic_ prefixes 2011-07-03 04:04:52 -07:00
remote_node_table.h isci: retire scic_sds_ and scic_ prefixes 2011-07-03 04:04:52 -07:00
request.c [SCSI] isci: Lookup device references through requests in completions. 2011-10-31 13:14:44 +04:00
request.h [SCSI] isci: atapi support 2011-10-02 13:20:03 -05:00
sas.h [SCSI] isci: fix support for large smp requests 2011-10-02 13:07:17 -05:00
scu_completion_codes.h isci: uplevel register hardware data structures and unsolicited frame handling 2011-07-03 04:04:47 -07:00
scu_event_codes.h isci: uplevel register hardware data structures and unsolicited frame handling 2011-07-03 04:04:47 -07:00
scu_remote_node_context.h isci: move remote_device handling out of the core 2011-07-03 04:00:38 -07:00
scu_task_context.h isci: uplevel register hardware data structures and unsolicited frame handling 2011-07-03 04:04:47 -07:00
task.c [SCSI] libsas: export sas_alloc_task() 2011-08-27 08:35:13 -06:00
task.h [SCSI] isci: SATA/STP I/O is only returned in the normal path to libsas 2011-10-02 13:21:24 -05:00
unsolicited_frame_control.c [SCSI] isci: fix 32-bit operation when CONFIG_HIGHMEM64G=n 2011-08-23 19:50:27 -07:00
unsolicited_frame_control.h [SCSI] isci: fix 32-bit operation when CONFIG_HIGHMEM64G=n 2011-08-23 19:50:27 -07:00