Commit Graph

37 Commits

Author SHA1 Message Date
Alan Stern 7c72ce8187 [SCSI] Fix leak of Scsi_Cmnds
When a request is deferred in scsi_init_io because the sg table could not
be allocated, the associated scsi_cmnd is not released and the request is
not marked with REQ_DONTPREP.  When the command is retried, if
scsi_prep_fn decides to kill it then the scsi_cmnd will never be released.

This patch (as573) changes scsi_init_io so that it calls scsi_put_command
before deferring a request.

Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-10-16 15:35:11 -05:00
James Bottomley 939647ee30 [SCSI] fix oops on usb storage device disconnect
We fix the oops by enforcing the host state model.  There have also
been two extra states added: SHOST_CANCEL_RECOVERY and
SHOST_DEL_RECOVERY so we can take the model through host removal while
the recovery thread is active.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-09-19 09:24:52 -05:00
Alan Stern b95be99d52 [SCSI] fix oops in scsi_release_buffers()
I found one other thing that needs to be fixed.  The call to
scsi_release_buffers in scsi_unprep_request causes an oops, because the
sgtable has already been freed in scsi_io_completion.  The following patch
is needed.

Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-09-17 15:24:53 -05:00
James Bottomley 59897dad98 [SCSI] fix sym scsi boot hang
On Wed, 2005-09-14 at 18:06 +1000, Anton Blanchard wrote:
> And in particular it looks like the scsi_unprep_request in
> scsi_queue_insert is causing it. The following patch fixes the boot
> problems on the vscsi machine:

OK, my fault.  Your fix is almost correct .. I was going to do this
eventually, honest, because there's no need to unprep and reprep a
command that comes in through scsi_queue_insert().

However, I decided to leave it in to exercise the scsi_unprep_request()
path just to make sure it was working.  What's happening, I think, is
that we also use this path for retries.  Since we kill and reget the
command each time, the retries decrement is never seen, so we're
retrying forever.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-09-14 16:59:03 -04:00
Timothy Thelin 186d330e68 [SCSI] scsi: sd, sr, st, and scsi_lib all fail to copy cmd_len to new cmd
This fixes an issue in scsi command initialization from a request
where sd, sr, st, and scsi_lib all fail to copy the request's
cmd_len to the scsi command's cmd_len field.

Signed-off-by: Timothy Thelin <timothy.thelin@wdc.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-09-14 16:54:12 -04:00
Mike Christie 6f16b5359c [SCSI] set error value when failing commands in prep_fn
set DID_NO_CONNECT for the BLKPREP_KILL case and correct a few
BLKPREP_DEFER cases that weren't checking for the need to plug the
queue.

Signed-Off-By: Mike Christie <michaelc@cs.wisc.edu>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-09-10 21:02:25 -05:00
James Bottomley 788ce43aa1 [SCSI] SCSI core: fix leakage of scsi_cmnd's
Actually, just one problem and one cosmetic fix:

1) We need to dequeue for the loop and kill case (it seems easiest
simply to dequeue in the scsi_kill_request() routine)
2) There's no real need to drop the queue lock.  __scsi_done() is lock
agnostic, so since there's no requirement, let's just leave it in to
avoid any locking issues.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-09-09 16:30:59 -05:00
James Bottomley e91442b635 [SCSI] SCSI core: fix leakage of scsi_cmnd's
From: 	Alan Stern <stern@rowland.harvard.edu>

This patch (as559b) adds a new routine, scsi_unprep_request, which
gets called every place a request is requeued.  (That includes
scsi_queue_insert as well as scsi_requeue_command.)  It also changes
scsi_kill_requests to make it call __scsi_done with result equal to
DID_NO_CONNECT << 16.  (I'm not sure if it's necessary to call
scsi_init_cmd_errh here; maybe you can check on that.)  Finally, the
patch changes the return value from scsi_end_request, to avoid
returning a stale pointer in the case where the request was requeued.
Fortunately the return value is used in only place, and the change
actually simplified it.

Signed-off-by: Alan Stern <stern@rowland.harvard.edu>

Rejections fixed up and
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-09-09 10:44:16 -05:00
Neil Brown 286f3e13a1 [SCSI] fix possible deadlock in scsi_lib.c
If a filesystem, while writing out data, decides that it is good
to issue a cache flush on a SCSI drive (or other 'sd' device), it will
call blkdev_issue_flush which calls ->issue_flush_fn which is
scsi_issue_flush_fn.
This calls sd_issue_flush which calls sd_sync_cache, which calls
scsi_execute_request.
This will (as sshdr != NULL) call
    kmalloc(SCSI_SENSE_BUFFERSIZE, GFP_KERNEL)

If memory is tight, the presence of GFP_KERNEL may cause write
requests to be sent to some filesystem to free up memory, however if
that filesystem is waiting for the issue_flush_fn to complete, you
could get a deadlock.

I wonder if it might be more appropriate to use GFP_NOIO as in the
following patch.

I wonder if it might be even more appropriate to cope better with a
kmalloc failure, especially as in this use, sd_sync_cache only will
use the sense information to print out a more informative error
message.

Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-09-09 10:29:22 -05:00
James Bottomley 3173d8c342 [SCSI] quieten messages on scsi_execute commands
scsi_io_completion() can be a bit noisy about certain conditions.
Previously this wasn't a problem for internally generated commands,
since they never hit it.  However, since we do all SCSI commands via
bios, now they do.  user CD testers like magicdev are now getting not
ready messages every time they touch the CD to see if there's anything
in it.

Fix this by making all scsi_execute commands REQ_QUIET and making
scsi_finish_io() not say anything for REQ_QUIET.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-09-06 17:37:57 -05:00
James Bottomley e514385be2 [SCSI] fix sense buffer length handling problem
The new bio code was incorrectly converted from stack allocated to
kmalloc'd buffer handling.  There are two places where it incorrectly
uses sizeof(*sense) to get the size of the sense buffer.  This
actually produces one, so no sense data was ever getting back, causing
failure in things like disk spin up.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-08-28 11:34:12 -05:00
akpm@osdl.org 1ccb48bb16 [SCSI] fix C syntax problem in scsi_lib.c
Older gcc's require variable definitions at the beginning of a block.

Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-08-28 11:34:09 -05:00
James Bottomley ea73a9f239 [SCSI] convert sd to scsi_execute_req (and update the scsi_execute_req API)
This one removes struct scsi_request entirely from sd.  In the process,
I noticed we have no callers of scsi_wait_req who don't immediately
normalise the sense, so I updated the API to make it take a struct
scsi_sense_hdr instead of simply a big sense buffer.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-08-28 11:33:52 -05:00
James Bottomley 33aa687db9 [SCSI] convert SPI transport class to scsi_execute
This one's slightly more difficult.  The transport class uses
REQ_FAILFAST, so another interface (scsi_execute) had to be invented to
take the extra flag.  Also, the sense functions are shifted around to
allow spi_execute to place data directly into a struct scsi_sense_hdr.
With this change, there's probably a lot of unnecessary sense buffer
allocation going on which we can fix later.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-08-28 11:31:14 -05:00
James Bottomley 1cf72699c1 [SCSI] convert the remaining mid-layer pieces to scsi_execute_req
After this, we just have some drivers, all the ULDs and the SPI
transport class using scsi_wait_req().

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-08-28 11:27:01 -05:00
James Bottomley 7a93aef7fb Merge HEAD from ../scsi-misc-2.6-tmp 2005-08-28 11:18:35 -05:00
James Bottomley 392160335c [SCSI] use scatter lists for all block pc requests and simplify hw handlers
Original From: Mike Christie <michaelc@cs.wisc.edu>

Add scsi_execute_req() as a replacement for scsi_wait_req()

Fixed up various pieces (added REQ_SPECIAL and caught req use after
free)

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-08-28 10:46:40 -05:00
James Bottomley 8e6401187e update scsi_wait_req to new format for blk_rq_map_kern()
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-08-28 10:46:39 -05:00
James Bottomley e537a36d52 [SCSI] use scatter lists for all block pc requests and simplify hw handlers
Here's the proof of concept for this one.  It converts scsi_wait_req to
do correct REQ_BLOCK_PC submission (and works nicely in my setup).

The final goal should be to eliminate struct scsi_request, but that
can't be done until the character submission paths of sg and st are also
modified.

There's some loss of functionality to this: retries are no longer
controllable (except by setting REQ_FASTFAIL) and the wait_req API needs
to be altered, but it looks very nice.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-08-28 10:45:34 -05:00
Mike Anderson d330187408 [SCSI] host state model update: replace old host bitmap state
Migrate the current SCSI host state model to a model like SCSI
device is using.

Signed-off-by: Mike Anderson <andmike@us.ibm.com>

Rejections fixed up and

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-07-30 11:10:24 -05:00
Linus Torvalds 2d986010ad Merge master.kernel.org:/pub/scm/linux/kernel/git/jejb/scsi-for-linus-2.6 2005-07-26 13:28:47 -07:00
Chen, Kenneth W 0f34e3f533 [SCSI] Redundant memset in scsi_alloc_sgtable
scsi_init_io calls scsi_alloc_sgtable and then calls blk_rq_map_sg
to initialize the scatterlist structure.  blk_rq_map_sg() already
memset the structure for every new segment.  That makes the memset
in scsi_alloc_sgtable unnecessary.

Patch to delete the extra memset in scsi_alloc_sgtable.  Tested on
a x86_64 machine.  Looks stable to me.

Signed-off-by: Ken Chen <kenneth.w.chen@intel.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-07-14 11:24:12 -04:00
KAMBAROV, ZAUR a77e3362a2 [PATCH] coverity: i386: scsi_lib buffer overrun fix
The check in

627  		BUG_ON(index > SG_MEMPOOL_NR);

with SG_MEMPOOL_NR defined in

32   	#define SG_MEMPOOL_NR		(sizeof(scsi_sg_pools)/sizeof(struct scsi_host_sg_pool))

was not sufficient.

sgp, set in

629  		sgp = scsi_sg_pools + index;

is dereferenced in

630  		mempool_free(sgl, sgp->pool);

Signed-off-by: Zaur Kambarov <zkambarov@coverity.com>
Cc: <linux-scsi@vger.kernel.org>
Cc: James Bottomley <James.Bottomley@steeleye.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-28 21:20:33 -07:00
Christoph Hellwig 8d115f845a [SCSI] remove scsi_cmnd->state
We never look at it except for the old megaraid driver that abuses it
for sending internal commands.  That usage can be fixed easily because
those internal commands are single-threaded by a mutex and we can easily
use a completion there.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-06-26 12:16:24 -05:00
Christoph Hellwig b4edcbcafd [SCSI] remove scsi_cmnd->owner
never checked anywhere

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-06-26 12:15:28 -05:00
Christoph Hellwig f5ad56145d [SCSI] remove scsi_cmnd->abort_reason
Never used for anything but printing it out in debug routines.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-06-26 12:14:46 -05:00
Adrian Bunk 52c1da3953 [PATCH] make various thing static
Another rollup of patches which give various symbols static scope

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-24 00:06:43 -07:00
Tejun Heo d8c37e7b9a [SCSI] remove a timer race in scsi_queue_insert()
scsi_queue_insert() has four callers.  Three callers call with
timer disabled and one (the second invocation in
scsi_dispatch_cmd()) calls with timer activated.
scsi_queue_insert() used to always call scsi_delete_timer()
and ignore the return value.  This results in race with timer
expiration.  Remove scsi_delete_timer() call from
scsi_queue_insert() and make the caller delete timer and check
the return value.

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-05-20 12:53:54 -05:00
Tejun Heo a1bf9d1d92 [SCSI] make scsi_queue_insert() use blk_requeue_request()
scsi_queue_insert() used to use blk_insert_request() for requeueing
requests.  This depends on the unobvious behavior of
blk_insert_request() setting REQ_SPECIAL and REQ_SOFTBARRIER when
requeueing.  This patch makes scsi_queue_insert() use
blk_requeue_request().  As REQ_SPECIAL means special requests and
REQ_SOFTBARRIER is automatically handled by blk layer now, no flag
needs to be set.

Note that scsi_queue_insert() now calls scsi_run_queue() itself, and
the prototype of the function is added right above
scsi_queue_insert().  This is temporary, as later requeue path
consolidation patchset removes scsi_queue_insert().  By adding
temporary prototype, we can do away with unnecessarily moving
functions.

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-05-20 12:53:30 -05:00
Tejun Heo 283369ccc2 [SCSI] make scsi_requeue_request() use blk_requeue_request()
scsi_requeue_request() used to use blk_insert_request() for requeueing
requests.  This depends on the unobvious behavior of
blk_insert_request() setting REQ_SPECIAL and REQ_SOFTBARRIER when
requeueing.  This patch makes scsi_queue_insert() use
blk_requeue_request().  As REQ_SPECIAL means special requests and
REQ_SOFTBARRIER is automatically handled by blk layer now, no flag
needs to be set.

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-05-20 12:53:29 -05:00
Tejun Heo 867d1191fc [SCSI] remove requeue feature from blk_insert_request()
blk_insert_request() has a unobivous feature of requeuing a
request setting REQ_SPECIAL|REQ_SOFTBARRIER.  SCSI midlayer
was the only user and as previous patches removed the usage,
remove the feature from blk_insert_request().  Only special
requests should be queued with blk_insert_request().  All
requeueing should go through blk_requeue_request().

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-05-20 12:53:28 -05:00
Tejun Heo beb6617d99 [SCSI] remove REQ_SPECIAL in scsi_init_io()
scsi_init_io() used to set REQ_SPECIAL when it fails sg
allocation before requeueing the request by returning
BLKPREP_DEFER.  REQ_SPECIAL is being updated to mean special
requests.  So, remove REQ_SPECIAL setting.

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-05-20 12:53:27 -05:00
James Bottomley c46f2ffb9e merge by hand (scsi_device.h) 2005-04-18 13:45:00 -05:00
c6295cdf65 [PATCH] scsi: remove meaningless scsi_cmnd->serial_number_at_timeout field
scsi_cmnd->serial_number_at_timeout doesn't serve any purpose
anymore.  All serial_number == serial_number_at_timeout tests
are always true in abort callbacks.  Kill the field.  Also, as
->pid always equals ->serial_number and ->serial_number
doesn't have any special meaning anymore, update comments
above ->serial_number accordingly.  Once we remove all uses of
this field from all lldd's, this field should go.

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-04-18 12:33:15 -05:00
d3a933dc98 [PATCH] scsi: remove unused scsi_cmnd->internal_timeout field
scsi_cmnd->internal_timeout field doesn't have any meaning
anymore.  Kill the field.

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-04-18 12:32:47 -05:00
152587deb8 [PATCH] fix NMI lockup with CFQ scheduler
The current problem seen is that the queue lock is actually in the
SCSI device structure, so when that structure is freed on device
release, we go boom if the queue tries to access the lock again.

The fix here is to move the lock from the scsi_device to the queue.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-04-16 20:10:09 -05:00
Linus Torvalds 1da177e4c3 Linux-2.6.12-rc2
Initial git repository build. I'm not bothering with the full history,
even though we have it. We can create a separate "historical" git
archive of that later if we want to, and in the meantime it's about
3.2GB when imported into git - space that would just make the early
git days unnecessarily complicated, when we don't have a lot of good
infrastructure for it.

Let it rip!
2005-04-16 15:20:36 -07:00