Re: 2.6.5 - panic when intensive disk access on 120GB firewire disk

From: Dmitry Torokhov
Date: Sun Apr 04 2004 - 23:57:48 EST


On Sunday 04 April 2004 03:22 pm, Robert Gadsdon wrote:
> Kernel panic from 2.6.5 'final' when running slocate (updatedb)
> accessing 120GB firewire disk:
>
> Oops: 00002 [#1]
> PREEMPT SMP
> CPU: 0
> EIP: 0060:[<f8a10a27>] Not tainted
> EFLAGS: 00010047 (2.6.5)
> EIP is at hpsb_packet_sent+0x27/0x90 [ieee1394]

Could you please try the patch below.

Thank you.
--
Dmitry


===================================================================


ChangeSet@xxxxxx, 2004-04-04 23:52:29-05:00, dtor_core@xxxxxxxxxxxxx
IEEE1394: Make sure that a packet submitted into completion
queue just once; race between hpsb_packet_sent and
hpsb_packet_received


ieee1394_core.c | 26 ++++++++++++++++++++++----
ieee1394_core.h | 1 +
2 files changed, 23 insertions(+), 4 deletions(-)


===================================================================



diff -Nru a/drivers/ieee1394/ieee1394_core.c b/drivers/ieee1394/ieee1394_core.c
--- a/drivers/ieee1394/ieee1394_core.c Sun Apr 4 23:53:45 2004
+++ b/drivers/ieee1394/ieee1394_core.c Sun Apr 4 23:53:45 2004
@@ -96,7 +96,7 @@
WARN_ON(packet->complete_routine != NULL);
packet->complete_routine = routine;
packet->complete_data = data;
- return;
+ atomic_set(&packet->completion_armed, 1);
}

/**
@@ -412,8 +412,26 @@
}

if (ackcode != ACK_PENDING || !packet->expect_response) {
+ struct hpsb_packet *p;
+ struct list_head *lh;
+ unsigned long flags;
+
atomic_dec(&packet->refcnt);
- list_del(&packet->list);
+
+ /*
+ * Remove packet from host's pending queue
+ * (and not from any other queue)
+ */
+ spin_lock_irqsave(&host->pending_pkt_lock, flags);
+ list_for_each(lh, &host->pending_packets) {
+ p = list_entry(lh, struct hpsb_packet, list);
+ if (p == packet) {
+ list_del(&packet->list);
+ break;
+ }
+ }
+ spin_unlock_irqrestore(&host->pending_pkt_lock, flags);
+
packet->state = hpsb_complete;
queue_packet_complete(packet);
return;
@@ -1003,7 +1021,8 @@

static void queue_packet_complete(struct hpsb_packet *packet)
{
- if (packet->complete_routine != NULL) {
+ if (packet->complete_routine != NULL &&
+ atomic_dec_and_test(&packet->completion_armed)) {
unsigned long flags;

spin_lock_irqsave(&khpsbpkt_lock, flags);
@@ -1013,7 +1032,6 @@
/* Signal the kernel thread to handle this */
up(&khpsbpkt_sig);
}
- return;
}

static int hpsbpkt_thread(void *__hi)
diff -Nru a/drivers/ieee1394/ieee1394_core.h b/drivers/ieee1394/ieee1394_core.h
--- a/drivers/ieee1394/ieee1394_core.h Sun Apr 4 23:53:45 2004
+++ b/drivers/ieee1394/ieee1394_core.h Sun Apr 4 23:53:45 2004
@@ -66,6 +66,7 @@
* packet is completed. */
void (*complete_routine)(void *);
void *complete_data;
+ atomic_t completion_armed;

/* Store jiffies for implementing bus timeouts. */
unsigned long sendtime;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/