When aborting a SCSI command through fnic, there is a race with the fnic
interrupt handler which can result in the SCSI command and its request
being completed twice. If the interrupt handler claims the command by
setting CMD_SP to NULL first, the abort handler assumes the interrupt
handler has completed the command and returns SUCCESS, causing the request
for the scsi_cmnd to be re-queued.
But the interrupt handler may not have finished the command yet. After it
drops the spinlock protecting CMD_SP, it does memory cleanup before finally
calling scsi_done() to complete the scsi_cmnd. If the call to scsi_done
occurs after the abort handler finishes and re-queues the request, the
completion of the scsi_cmnd will advance and try to double complete a
request already queued for retry.
This patch fixes the issue by moving scsi_done() and any other use of
scsi_cmnd to before the spinlock is released by the interrupt handler.
Link: https://lore.kernel.org/r/20220311184359.2345319-1-djeffery@redhat.com
Reviewed-by: Laurence Oberman <loberman@redhat.com>
Reviewed-by: Ming Lei <ming.lei@redhat.com>
Signed-off-by: David Jeffery <djeffery@redhat.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
The DEF_SCSI_QCMD() macro passes the addresses of the SCSI host lock and
also that of the scsi_done function to the queuecommand_lck() function
implementations. Remove the 'scsi_done' argument since its address is
now a constant and instead call 'scsi_done' directly from inside the
queuecommand_lck() functions.
Link: https://lore.kernel.org/r/20211007204618.2196847-14-bvanassche@acm.org
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Commit b43abcbbd5 ("scsi: fnic: Ratelimit printks to avoid flooding when
vlan is not set by the switch.i") added printk_ratelimit() in front of a
couple of debug-mode messages to reduce logging overrun when debugging the
driver. The code:
> if (printk_ratelimit())
> FNIC_FCS_DBG(KERN_DEBUG, fnic->lport->host,
> "Start VLAN Discovery\n");
ends up calling printk_ratelimit() quite often, triggering many kernel
messages about callbacks being supressed.
The fix is to decompose FNIC_FCS_DBG(), then change the order of checks so
that printk_ratelimit() is only called if driver debugging is enabled.
Link: https://lore.kernel.org/r/20210323172756.5743-1-lduncan@suse.com
Reviewed-by: Laurence Oberman <loberman@redhat.com>
Signed-off-by: Lee Duncan <lduncan@suse.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Fixes the following W=1 kernel build warning(s):
drivers/scsi/fnic/fnic_scsi.c:183: warning: Function parameter or member 'fnic' not described in '__fnic_set_state_flags'
drivers/scsi/fnic/fnic_scsi.c:183: warning: Function parameter or member 'st_flags' not described in '__fnic_set_state_flags'
drivers/scsi/fnic/fnic_scsi.c:183: warning: Function parameter or member 'clearbits' not described in '__fnic_set_state_flags'
drivers/scsi/fnic/fnic_scsi.c:2296: warning: Function parameter or member 'fnic' not described in 'fnic_scsi_host_start_tag'
drivers/scsi/fnic/fnic_scsi.c:2296: warning: Function parameter or member 'sc' not described in 'fnic_scsi_host_start_tag'
drivers/scsi/fnic/fnic_scsi.c:2316: warning: Function parameter or member 'fnic' not described in 'fnic_scsi_host_end_tag'
drivers/scsi/fnic/fnic_scsi.c:2316: warning: Function parameter or member 'sc' not described in 'fnic_scsi_host_end_tag'
Link: https://lore.kernel.org/r/20210317091230.2912389-18-lee.jones@linaro.org
Cc: Satish Kharat <satishkh@cisco.com>
Cc: Sesidhar Baddela <sebaddel@cisco.com>
Cc: Karan Tilak Kumar <kartilak@cisco.com>
Cc: "James E.J. Bottomley" <jejb@linux.ibm.com>
Cc: "Martin K. Petersen" <martin.petersen@oracle.com>
Cc: linux-scsi@vger.kernel.org
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Fix the following warnings:
[drivers/scsi/fnic/fnic_debugfs.c:123]: (warning) %u in format string (no. 1)
requires 'unsigned int' but the argument type is 'int'.
[drivers/scsi/fnic/fnic_debugfs.c:125]: (warning) %u in format string (no. 1)
requires 'unsigned int' but the argument type is 'int'.
[drivers/scsi/fnic/fnic_debugfs.c:127]: (warning) %u in format string (no. 1)
requires 'unsigned int' but the argument type is 'int'.
Link: https://lore.kernel.org/r/20200930021919.2832860-2-yebin10@huawei.com
Reported-by: Hulk Robot <hulkci@huawei.com>
Acked-by: Karan Tilak Kumar <kartilak@cisco.com>
Signed-off-by: Ye Bin <yebin10@huawei.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
The fnic drivers assigns an ioreq structure to each command and severs this
assignment once scsi_done() has been called and the command has been
completed.
When traversing commands to terminate outstanding I/O we should not call
scsi_done() on commands which do not have a corresponding ioreq structure;
these commands have either never entered the driver or have already been
completed.
[mkp: fixed unused label warning]
Link: https://lore.kernel.org/r/20200515112647.49260-1-hare@suse.de
Reported-by: kbuild test robot <lkp@intel.com>
Reviewed-by: Laurence Oberman <loberman@redhat.com>
Acked-by: Satish Kharat <satishkh@cisco.com>
Acked-by: Karan Tilak Kumar <kartilak@cisco.com>
Signed-off-by: Hannes Reinecke <hare@suse.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
This addresses the following gcc warning with "make W=1":
drivers/scsi/fnic/fnic_fcs.c: In function ‘fnic_rq_cmpl_frame_recv’:
drivers/scsi/fnic/fnic_fcs.c:840:15: warning: variable
‘eth_hdrs_stripped’ set but not used [-Wunused-but-set-variable]
840 | unsigned int eth_hdrs_stripped;
| ^~~~~~~~~~~~~~~~~
Link: https://lore.kernel.org/r/20200831081126.3251288-5-yanaijie@huawei.com
Reported-by: Hulk Robot <hulkci@huawei.com>
Signed-off-by: Jason Yan <yanaijie@huawei.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
This addresses the following gcc warning with "make W=1":
drivers/scsi/fnic/fnic_fcs.c: In function ‘is_fnic_fip_flogi_reject’:
drivers/scsi/fnic/fnic_fcs.c:317:9: warning: variable ‘els_len’ set but
not used [-Wunused-but-set-variable]
317 | size_t els_len = 0;
| ^~~~~~~
drivers/scsi/fnic/fnic_fcs.c:312:21: warning: variable ‘els_dtype’ set
but not used [-Wunused-but-set-variable]
312 | enum fip_desc_type els_dtype = 0;
| ^~~~~~~~~
Link: https://lore.kernel.org/r/20200831081126.3251288-3-yanaijie@huawei.com
Reported-by: Hulk Robot <hulkci@huawei.com>
Signed-off-by: Jason Yan <yanaijie@huawei.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Fix the following sparse warning:
drivers/scsi/fnic/vnic_dev.c:257:5: warning: symbol 'vnic_dev_cmd1' was
not declared. Should it be static?
drivers/scsi/fnic/vnic_dev.c:319:5: warning: symbol 'vnic_dev_cmd2' was
not declared. Should it be static?
drivers/scsi/fnic/vnic_dev.c:414:5: warning: symbol
'vnic_dev_init_devcmd1' was not declared. Should it be static?
drivers/scsi/fnic/vnic_dev.c:425:5: warning: symbol
'vnic_dev_init_devcmd2' was not declared. Should it be static?
drivers/scsi/fnic/vnic_dev.c:495:6: warning: symbol
'vnic_dev_deinit_devcmd2' was not declared. Should it be static?
drivers/scsi/fnic/vnic_dev.c:506:5: warning: symbol
'vnic_dev_cmd_no_proxy' was not declared. Should it be static?
Link: https://lore.kernel.org/r/20200415093809.9365-1-yanaijie@huawei.com
Reported-by: Hulk Robot <hulkci@huawei.com>
Signed-off-by: Jason Yan <yanaijie@huawei.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
The current codebase makes use of the zero-length array language extension
to the C90 standard, but the preferred mechanism to declare variable-length
types such as these ones is a flexible array member[1][2], introduced in
C99:
struct foo {
int stuff;
struct boo array[];
};
By making use of the mechanism above, we will get a compiler warning in
case the flexible array does not occur last in the structure, which will
help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.
Also, notice that, dynamic memory allocations won't be affected by this
change:
"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]
This issue was found with the help of Coccinelle.
[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] https://github.com/KSPP/linux/issues/21
[3] commit 7649773293 ("cxgb3/l2t: Fix undefined behaviour")
Link: https://lore.kernel.org/r/20200224161406.GA21454@embeddedor
Reviewed-by: Lee Duncan <lduncan@suse.com>
Reviewed-by: Satish Kharat <satishkh@cisco.com>
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
When a link is going down the driver will be calling fnic_cleanup_io(),
which will traverse all commands and calling 'done' for each found command.
While the traversal is handled under the host_lock, calling 'done' happens
after the host_lock is being dropped.
As fnic_queuecommand_lck() is being called with the host_lock held, it
might well be that it will pick the command being selected for abortion
from the above routine and enqueue it for sending, but then 'done' is being
called on that very command from the above routine.
Which of course confuses the hell out of the scsi midlayer.
So fix this by not queueing commands when fnic_cleanup_io is active.
Link: https://lore.kernel.org/r/20200116102053.62755-1-hare@suse.de
Signed-off-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
gcc -O3 warns that some local variables are not properly initialized:
drivers/scsi/fnic/vnic_dev.c: In function 'fnic_dev_hang_notify':
drivers/scsi/fnic/vnic_dev.c:511:16: error: 'a0' is used uninitialized in this function [-Werror=uninitialized]
vdev->args[0] = *a0;
~~~~~~~~~~~~~~^~~~~
drivers/scsi/fnic/vnic_dev.c:691:6: note: 'a0' was declared here
u64 a0, a1;
^~
drivers/scsi/fnic/vnic_dev.c:512:16: error: 'a1' is used uninitialized in this function [-Werror=uninitialized]
vdev->args[1] = *a1;
~~~~~~~~~~~~~~^~~~~
drivers/scsi/fnic/vnic_dev.c:691:10: note: 'a1' was declared here
u64 a0, a1;
^~
drivers/scsi/fnic/vnic_dev.c: In function 'fnic_dev_mac_addr':
drivers/scsi/fnic/vnic_dev.c:512:16: error: 'a1' is used uninitialized in this function [-Werror=uninitialized]
vdev->args[1] = *a1;
~~~~~~~~~~~~~~^~~~~
drivers/scsi/fnic/vnic_dev.c:698:10: note: 'a1' was declared here
u64 a0, a1;
^~
Apparently the code relies on the local variables occupying adjacent memory
locations in the same order, but this is of course not guaranteed.
Use an array of two u64 variables where needed to make it work correctly.
I suspect there is also an endianness bug here, but have not digged in deep
enough to be sure.
Fixes: 5df6d737dd ("[SCSI] fnic: Add new Cisco PCI-Express FCoE HBA")
Fixes: mmtom ("init/Kconfig: enable -O3 for all arches")
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20200107201602.4096790-1-arnd@arndb.de
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Don't populate the array dev_cmd_err on the stack but instead make it
static const. Makes the object code smaller by 80 bytes.
Before:
text data bss dec hex filename
21461 1564 0 23025 59f1 drivers/scsi/fnic/vnic_dev.o
After:
text data bss dec hex filename
21318 1628 0 22946 59a2 drivers/scsi/fnic/vnic_dev.o
(gcc version 9.2.1, amd64)
Link: https://lore.kernel.org/r/20190906163945.3889-1-colin.king@canonical.com
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Port speed printing was added by commit d948e6383e ("scsi: fnic: Add port
speed stat to fnic debug stats"). As currently configured, this will cause
the port speed to be printed to syslog every 2 seconds. To prevent log
spamming, only print the vnic port speed at driver initialization and if
the speed changes. Also clean up a small typo in fnic_trace.c.
Fixes: d948e6383e ("scsi: fnic: Add port speed stat to fnic debug stats")
Signed-off-by: John Pittman <jpittman@redhat.com>
Reviewed-by: Satish Kharat <satishkh@cisco.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Variable ret is initialized to a value that is never read and it is
re-assigned later and immediately returns. Clean up the code by removing
rc and just returning 0.
[mkp: typo]
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Acked-by: Karan Tilak Kumar <kartilak@cisco.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Fixes gcc '-Wunused-but-set-variable' warning:
drivers/scsi/fnic/vnic_wq.c: In function 'vnic_wq_alloc_bufs':
drivers/scsi/fnic/vnic_wq.c:50:19: warning:
variable 'vdev' set but not used [-Wunused-but-set-variable]
drivers/scsi/fnic/vnic_rq.c: In function 'vnic_rq_alloc_bufs':
drivers/scsi/fnic/vnic_rq.c:30:19: warning:
variable 'vdev' set but not used [-Wunused-but-set-variable]
Never used since introduction.
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Acked-by: Satish Kharat <satishkh@cisco.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
