Re: [PATCH] ata: do not schedule hot plug if it is a sas host

Tejun Heo <tj@xxxxxxxxxx> · Tue, 27 Feb 2018 10:22:59 -0800

On Tue, Feb 27, 2018 at 03:08:01PM +0800, Jason Yan wrote:
> We've got a kernel panic when using sata disk with sas controller:
> 
> [115946.152283] Unable to handle kernel NULL pointer dereference at virtual address 000007d8
> [115946.223963] CPU: 0 PID: 22175 Comm: kworker/0:1 Tainted: G        W  OEL  4.14.0 #1
> [115946.232925] Workqueue: events ata_scsi_hotplug
> [115946.237938] task: ffff8021ee50b180 task.stack: ffff00000d5d0000
> [115946.244717] PC is at sas_find_dev_by_rphy+0x44/0x114
> [115946.250224] LR is at sas_find_dev_by_rphy+0x3c/0x114
> ......
> [115946.355701] Process kworker/0:1 (pid: 22175, stack limit = 0xffff00000d5d0000)
> [115946.363369] Call trace:
> [115946.456356] [<ffff000008878a9c>] sas_find_dev_by_rphy+0x44/0x114
> [115946.462908] [<ffff000008878b8c>] sas_target_alloc+0x20/0x5c
> [115946.469408] [<ffff00000885a31c>] scsi_alloc_target+0x250/0x308
> [115946.475781] [<ffff00000885ba30>] __scsi_add_device+0xb0/0x154
> [115946.481991] [<ffff0000088b520c>] ata_scsi_scan_host+0x180/0x218
> [115946.488367] [<ffff0000088b53d8>] ata_scsi_hotplug+0xb0/0xcc
> [115946.494801] [<ffff0000080ebd70>] process_one_work+0x144/0x390
> [115946.501115] [<ffff0000080ec100>] worker_thread+0x144/0x418
> [115946.507093] [<ffff0000080f2c98>] kthread+0x10c/0x138
> [115946.512792] [<ffff0000080855dc>] ret_from_fork+0x10/0x18
> 
> We found that Ding Xiang has reported a similar bug before:
> https://patchwork.kernel.org/patch/9179817/
> 
> And this bug still exists in mainline. Since libsas handles hotplug and
> device adding/removing itself, do not need to schedule ata hot plug task
> here if it is a sas host.
> 
> Signed-off-by: Jason Yan <yanaijie@xxxxxxxxxx>
> CC: Ding Xiang <dingxiang@xxxxxxxxxx>
> ---
>  drivers/ata/libata-eh.c | 8 ++++++--
>  1 file changed, 6 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/ata/libata-eh.c b/drivers/ata/libata-eh.c
> index 11c3137d7b0a..97aeac45b22c 100644
> --- a/drivers/ata/libata-eh.c
> +++ b/drivers/ata/libata-eh.c
> @@ -1384,7 +1384,9 @@ void ata_eh_detach_dev(struct ata_device *dev)
>  
>  	if (ata_scsi_offline_dev(dev)) {
>  		dev->flags |= ATA_DFLAG_DETACHED;
> -		ap->pflags |= ATA_PFLAG_SCSI_HOTPLUG;
> +		/* libsas handles the hotplug itself */
> +		if (!(ap->flags & ATA_FLAG_SAS_HOST))
> +			ap->pflags |= ATA_PFLAG_SCSI_HOTPLUG;

Can you please move the conditional to where we're consuming the flag
instead?

Thanks.

-- 
tejun