| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Nowadays MTD supports an MTD_OOB_AUTO option which allows users
to access free bytes in NAND's OOB as a contiguous buffer, although
it may be highly discontinuous.
This patch teaches JFFS2 to use this nice feature instead of the
old MTD_OOB_PLACE option. This for example caused problems with
OneNAND. Now JFFS2 does not care how are the free bytes situated.
This may change position of the clean marker on some flashes,
but this is not a problem. JFFS2 will just re-erase the empty
eraseblocks and write the new (correct) clean marker.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
| |
|
|
|
|
|
|
| |
Add more comment to OOB I/O interface. Read/write are not
symmetric which is confusing and should be documented.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Remove unused and broken mtd->ecctype and mtd->eccsize fields
from struct mtd_info. Do not remove them from userspace API
data structures (don't want to breake userspace) but mark them
as obsolete by a comment. Any userspace program which uses them
should be half-broken anyway, so this is more about saving
data structure size.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Remove ugly and weird MTD_PROGREGION_CTRLMODE_VALID() and
MTD_PROGREGION_CTRLMODE_INVALID() macros. There is only one
user of them and they are used locally just for printing.
Anyway, this patch is a preparation for removing mtd->ecctype
and mtd->eccsize, but these macros use them. Fix this.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
| |
|
|
|
|
|
|
|
| |
The cfi_staa_write_buffers() uses mtd->eccsize but means mtd->writesize.
BTW, mtd-eccsize is broken and is not initialized, which means the code
fixed by this patch is broken/unused anyway.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
| |
|
|
|
|
|
|
|
|
| |
OneNAND has internal bufferRAMs. The driver keeps track of
what is in the bufferRAM to save having to load from the
NAND core. After an erase operation, the driver must
mark bufferRAM invalid if it refers to the erased block.
Signed-off-by: Adrian Hunter <ext-adrian.hunter@nokia.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
| |
|
|
|
|
|
|
| |
This fixes a regression with the RedBoot parsing code introduced by
commit 0b47d654089c5ce3f2ea26a4485db9bcead1e515
Signed-off-by: Martin Michlmayr <tbm@cyrius.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
err_pos_lut[4096] of an array with 4096 elements is a bug.
Spotted by the Coverity checker.
While I was at it, I also converted it to ARRAY_SIZE().
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add checks to ensure that out-of-band reads and writes are
not attempted with an invalid offset or length. Specifically,
the offset must be less than the size of oob for a page
and the length must not go beyond the size of the device.
Additionally the checks must adjust for auto-placement
(MTD_OOB_AUTO) of oob data.
Signed-off-by: Adrian Hunter <ext-adrian.hunter@nokia.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
| |
|
|
|
|
|
|
| |
If jffs2_sum_init() fails, c->blocks is not freed neither in
jffs2_do_mount_fs() nor in jffs2_do_fill_super().
Signed-off-by: Dmitry Adamushko <dmitry.adamushko@gmail.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
| |
|
|
|
|
|
|
|
|
| |
This patch adds support for 64 bit resources enabled via the
CONFIG_RESOURCES_64BIT option. Now a 64 bit can be passed to the
physmap driver.
Signed-off-by: Stefan Roese <sr@denx.de>
Signed-off-by: Lennert Buytenhek <buytenh@wantstofly.org>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
| |
|
|
|
|
|
|
|
| |
Replace the inclusion of linux/mtd/map.h with a forward-declaration
of struct map_info. This allows linux/mtd/physmap.h to be included by
e.g. board code even if the MTD subsystem is disabled.
Signed-off-by: Haavard Skinnemoen <hskinnemoen@atmel.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
| |
|
|
|
|
|
|
|
|
| |
In commit c172471b78255a5cf6d05383d9ebbf0c6683167a Nico switched to using
common code for polling for command completion. Unfortunately he also used
a common default timeout for both write and erase commands, despite the
fact that erases can take a _whole_ lot longer. Use a more sensible
default for erase timeout.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
OneNAND double-density package (DDP) has two chips, each with
their own bufferRAM. The driver will skip loading data from
the NAND core if the data can be found in a bufferRAM, however
in that case, the correct chip's bufferRAM must be selected
before reading from bufferRAM.
Signed-off-by: Adrian Hunter <ext-adrian.hunter@nokia.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Provide the bad block scan with its own read function so that important error
messages that are not from the the bad block scan, can always be printed.
Signed-off-by: Adrian Hunter <ext-adrian.hunter@nokia.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
When a write is done, the length written is returned. When a
single subpage is written the length returned should be the
subpage size, however the page size was being returned.
Signed-off-by: Adrian Hunter <ext-adrian.hunter@nokia.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
OneNAND can write oob to successive pages, but NAND
does not do that. For compatibility, disallow OneNAND
from writing past the end of the page.
Signed-off-by: Adrian Hunter <ext-adrian.hunter@nokia.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
|
| | |
| |
| |
| |
| |
| |
| | |
In previos patch, there's typo so fix it
Remove unnecessary goto statement
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It use blockpage instead of a pair (block, page). It can also cover a small chunk access. 0x00, 0x20, 0x40 and so on.
And in JFFS2 behavior, sometimes it reads two pages alternatively.
e.g., It first reads A page, B page and A page.
So we check another bufferram to find requested page.
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
- Iterations of the patch to add oob auto-placement support to OneNAND left a line of code that was meant to have been deleted.
- read mtd->oobsize in onenand_transfer_auto_oob to optimized memcpy
Signed-off-by: Adrian Hunter <ext-adrian.hunter@nokia.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Enable the use of oob operation mode MTD_OOB_AUTO with OneNAND.
Note that MTD_OOB_RAW is still not supported.
Signed-off-by: Adrian Hunter <ext-adrian.hunter@nokia.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
|
| | |
| |
| |
| |
| |
| |
| | |
- Remove unused fields
- Fix typo
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When write-verify is enabled (CONFIG_MTD_ONENAND_VERIFY_WRITE),
the data written is read back and compared. The comparison
was being made between dataRAM buffers, but this does not
verify that the data made it to the dataRAM correctly in
the first place. This patch amends write-verify to
compare back to the original buffer. It also now verifies
sub-page writes.
Signed-off-by: Adrian Hunter <ext-adrian.hunter@nokia.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
|
| | |
| |
| |
| |
| |
| |
| | |
OneNAND records bad block information in the out-of-band area of either the first or second page of a block. Due to a logic error, only the first page was being checked.
Signed-off-by: Adrian Hunter <ext-adrian.hunter@nokia.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
OneNAND does 2 memory allocations for bad block information.
Only one of them was being freed.
Signed-off-by: Adrian Hunter <ext-adrian.hunter@nokia.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
|
| | |
| |
| |
| |
| |
| | |
Update copyrights and code cleanup
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
|
| | |
| |
| |
| |
| |
| |
| | |
- DDP code clean-up
- Reduce block & bufferram operations in DDP
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If OneNAND is operating within specification, all operations should easily be
completed within the 20 millisecond timeout.
This patch faithlessly adds a check for the timeout and returns an error in
that case.
Signed-off-by: Adrian Hunter <ext-adrian.hunter@nokia.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
|
| | |
| |
| |
| |
| |
| | |
We have to set ONENAND_REG_START_BLOCK_ADDRESS to avoid status error
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Fixes kernel-doc warning in mtd/nand.h.
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
CONFIG_MTD_CK804XROM=y, CONFIG_PCI=n results in the following compile
error:
CC drivers/mtd/maps/ck804xrom.o
ck804xrom.c: In function 'ck804xrom_init_one':
ck804xrom.c:114: error: implicit declaration of function 'pci_dev_get'
ck804xrom.c:114: warning: assignment makes pointer from integer without a cast
make[4]: *** [drivers/mtd/maps/ck804xrom.o] Error 1
Considering what hardware this driver is driving, a dependency on PCI
also seems logical.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Cc: Ryan Jackson <rjackson@lnxi.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
| | |
| |
| |
| |
| |
| | |
Noticed by Ingo.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
| |\ \
| | |
| | |
| | | |
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When calling into the EFI firmware, the parameters need to be passed on
the stack. The recent change to use -mregparm=3 breaks x86 EFI support.
This patch is needed to allow the new Intel-based Macs to suspend to ram
(efi.get_time is called during the suspend phase).
Signed-off-by: Frederic Riss <frederic.riss@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
That code doesn't do what its author apparently thought it would do...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
| | |\ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* master.kernel.org:/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6:
[SCSI] sd: udev accessing an uninitialized scsi_disk field results in a crash
[SCSI] st: A MTIOCTOP/MTWEOF within the early warning will cause the file number to be incorrect
[SCSI] qla4xxx: bug fixes
[SCSI] Fix scsi_add_device() for async scanning
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
sd_probe() calls class_device_add() even before initializing the
sdkp->device variable. class_device_add() eventually results in the user mode
udev program to be called. udev program can read the the allow_restart
attribute of the newly created scsi device. This is resulting in a crash as
the show function for allow_restart (i.e sd_show_allow_restart) returns the
attribute value by reading the sdkp->device->allow_restart variable. As the
sdkp->device is not initialized before calling the user mode hotplug helper,
this results in a crash.
The patch below solves it by calling class_device_add() only after the
necessary fields in the scsi_disk structure are initialized properly.
Signed-off-by: Nagendra Singh Tomar <nagendra_tomar@adaptec.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
number to be incorrect
On Wed, 24 Jan 2007, Andrew Morton wrote:
> On Mon, 22 Jan 2007 13:07:20 -0800
> bugme-daemon@bugzilla.kernel.org wrote:
>
> > http://bugzilla.kernel.org/show_bug.cgi?id=7864
> >
> > Summary: A MTIOCTOP/MTWEOF within the early warning will cause
> > the file number to be incorrect
> > Kernel Version: 2.6.19.2
> > Status: NEW
> > Severity: low
> > Owner: io_scsi@kernel-bugs.osdl.org
> > Submitter: ce_reisinger@yahoo.com
> >
> >
> > Write records to a SCSI tape until a write fails with a ENOSPC (you have reached
> > early warning.
> > Now perform a:
> > struct mtget before, after;
> > ioctl(fd, MTIOCGET, &before);
> > struct mtop mtop = { MTWEOF, 1 };
> > ioctl(fd, MTIOCTOP, &mtop);
> > ioctl(fd, MTIOCGET, &after);
> >
> > Check the value of mt_fileno in the before and after structures. Notice the
> > after is 2 greater then the before.
> >
> > The problem appears to be in the block of code starting at line 2817 in st.c.
> > This block is entered because the drive did return a CHECK CONDITION with NO
> > SENSE and the SENSE_EOM bit set. At lines 2824/5 the fileno is incremented. But
> > it has already been increased by the number of filemarks requested by the
> > MTIOCTOP. I believe that the residue count in the sense data should be
> > subtracted from fileno, not a increment as is done.
> >
>
> Thanks. Could you please send us a tested patch to fix these things, as
> per http://www.zip.com.au/~akpm/linux/patches/stuff/tpp.txt ?
>
The analysis is basically correct and explains the bug. According to the
SCSI standards, the sense code is NO SENSE or RECOVERED ERROR in case
writing filemark(s) succeeds. If it fails (partly or completely) the sense
code is VOLUME OVERFLOW. The patch below is tested to fix the case when
one filemark is successfully written after the EOM early warning. It
should also fix the case at real EOM but this has not been tested.
Carl, thanks for reporting the bug and providing the analysis for the fix.
Signed-off-by: Kai Makisara <kai.makisara@kolumbus.fi>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The included patch fixes the following issues:
1. qla3xxx/qla4xxx co-existence issue which can result in a lockup
when qla3xxx driver is unloaded, or when ifdown; ifup is performed on
one of the interfaces correponding to qla3xxx. This is because qla4xxx
HBA supports one ethernet and iscsi interfaces per port. Both iscsi
and ethernet interfaces share the same state machine. The problem has
to do with synchronizing access to the state machine in the event of a
reset
2. mutex_lock() is sometimes not followed by mutex_unlock() prior to
invoking a msleep() in qla4xxx_mailbox_command()
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
I had thought that all drivers which didn't call scsi_scan_host()
called scsi_scan_target(). Some, such as sbp2, mptsas and libata-scsi,
call scsi_add_device() or __scsi_add_device(). We just need to wait
for the currently executing async scans to complete first. This is the
same code that's in scsi_scan_target(), except that we have to return
an error instead of void when we're declining to scan at all.
Signed-off-by: Matthew Wilcox <matthew@wil.cx>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
x86-64 is missing these:
Signed-off-by: Jeff Garzik <jeff@garzik.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The SN Altix platform does not conform to the IOSAPIC IRQ routing model.
Add code in acpi_unregister_gsi() to check if (acpi_irq_model ==
ACPI_IRQ_MODEL_PLATFORM) and return.
Due to an oversight, this code was not added previously when
similar code was added to acpi_register_gsi().
http://marc.theaimsgroup.com/?l=linux-acpi&m=116680983430121&w=2
Signed-off-by: John Keller <jpk@sgi.com>
Acked-by: Len Brown <lenb@kernel.org>
Cc: "Luck, Tony" <tony.luck@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Andrew Vasquez is reporting as-iosched oopses and a 65% throughput
slowdown due to the recent special-casing of direct-io against
blockdevs. We don't know why either of these things are occurring.
The patch minimally reverts us back to the 2.6.19 code for a 2.6.20
release.
Cc: Andrew Vasquez <andrew.vasquez@qlogic.com>
Cc: Ken Chen <kenchen@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We went and named them __NR_sys_foo instead of __NR_foo.
It may be too late to change this, but we can at least add the proper names
now.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
smc911x_phy_configure's error handling unconditionally unlocks the
spinlock even if it wasn't locked. Patch fixes it.
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Cc: Jeff Garzik <jeff@garzik.org>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This patch fixes up ia64 kexec support for HP rx2620 hardware. It does
this by skipping migration of already disabled irqs. This is most likely a
problem on other ia64 platforms as well, but I've only been able to
reproduce it on one machine so far.
The full story is that handle_bad_irq() gets invoked before starting the
new kernel without this patch. This seems to happen when fixup_irqs()
calls generic_handle_irq() on already migrated (and disabled) irqs. So by
avoiding migration of disabled irqs we stay away of handle_bad_irq().
The code has been tested on three different ia64 machines, all with good
results. It is possible to trigger the same bug by offlining a processor
using echo 0 > /sys/devices/system/cpu/cpuX/online.
More detailed information is available in the following mail thread:
http://lists.osdl.org/pipermail/fastboot/2007-January/thread.html#5774
Signed-off-by: Magnus Damm <magnus@valinux.co.jp>
Acked-by: Simon Horman <horms@verge.net.au>
Acked-by: Zou, Nanhai <nanhai.zou@intel.com>
Acked-by: Jay Lan <jlan@sgi.com>
Acked-by: "Luck, Tony" <tony.luck@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
An AIO bug was reported that sleeping function is being called in softirq
context:
BUG: warning at kernel/mutex.c:132/__mutex_lock_common()
Call Trace:
[<a000000100577b00>] __mutex_lock_slowpath+0x640/0x6c0
[<a000000100577ba0>] mutex_lock+0x20/0x40
[<a0000001000a25b0>] flush_workqueue+0xb0/0x1a0
[<a00000010018c0c0>] __put_ioctx+0xc0/0x240
[<a00000010018d470>] aio_complete+0x2f0/0x420
[<a00000010019cc80>] finished_one_bio+0x200/0x2a0
[<a00000010019d1c0>] dio_bio_complete+0x1c0/0x200
[<a00000010019d260>] dio_bio_end_aio+0x60/0x80
[<a00000010014acd0>] bio_endio+0x110/0x1c0
[<a0000001002770e0>] __end_that_request_first+0x180/0xba0
[<a000000100277b90>] end_that_request_chunk+0x30/0x60
[<a0000002073c0c70>] scsi_end_request+0x50/0x300 [scsi_mod]
[<a0000002073c1240>] scsi_io_completion+0x200/0x8a0 [scsi_mod]
[<a0000002074729b0>] sd_rw_intr+0x330/0x860 [sd_mod]
[<a0000002073b3ac0>] scsi_finish_command+0x100/0x1c0 [scsi_mod]
[<a0000002073c2910>] scsi_softirq_done+0x230/0x300 [scsi_mod]
[<a000000100277d20>] blk_done_softirq+0x160/0x1c0
[<a000000100083e00>] __do_softirq+0x200/0x240
[<a000000100083eb0>] do_softirq+0x70/0xc0
See report: http://marc.theaimsgroup.com/?l=linux-kernel&m=116599593200888&w=2
flush_workqueue() is not allowed to be called in the softirq context.
However, aio_complete() called from I/O interrupt can potentially call
put_ioctx with last ref count on ioctx and triggers bug. It is simply
incorrect to perform ioctx freeing from aio_complete.
The bug is trigger-able from a race between io_destroy() and aio_complete().
A possible scenario:
cpu0 cpu1
io_destroy aio_complete
wait_for_all_aios { __aio_put_req
... ctx->reqs_active--;
if (!ctx->reqs_active)
return;
}
...
put_ioctx(ioctx)
put_ioctx(ctx);
__put_ioctx
bam! Bug trigger!
The real problem is that the condition check of ctx->reqs_active in
wait_for_all_aios() is incorrect that access to reqs_active is not
being properly protected by spin lock.
This patch adds that protective spin lock, and at the same time removes
all duplicate ref counting for each kiocb as reqs_active is already used
as a ref count for each active ioctx. This also ensures that buggy call
to flush_workqueue() in softirq context is eliminated.
Signed-off-by: "Ken Chen" <kenchen@google.com>
Cc: Zach Brown <zach.brown@oracle.com>
Cc: Suparna Bhattacharya <suparna@in.ibm.com>
Cc: Benjamin LaHaise <bcrl@kvack.org>
Cc: Badari Pulavarty <pbadari@us.ibm.com>
Cc: <stable@kernel.org>
Acked-by: Jeff Moyer <jmoyer@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
CONFIG_NF_CONNTRACK_H323=y
Fix this by letting NF_CONNTRACK_H323 depend on (IPV6 || IPV6=n).
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
