The locking in mpi_sata_completion() is broken. I'm not sure what was
intended at all. Here is what it does:
1876 mpi_sata_completion(struct pm8001_hba_info *pm8001_ha, void *piomb)
1877 {
1878 struct sas_task *t;
1879 struct pm8001_ccb_info *ccb;
1880 unsigned long flags = 0;
^^^^^^^^^^^^^^^^^^^^^^^
This is bogus. The flags should be set with irqsave. This implies a
knowledge of the internals which should be abstracted away.
[snip]
2006 case IO_OPEN_CNX_ERROR_IT_NEXUS_LOSS:
2007 PM8001_IO_DBG(pm8001_ha,
2008 pm8001_printk("IO_OPEN_CNX_ERROR_IT_NEXUS_LOSS\n"));
2009 ts->resp = SAS_TASK_COMPLETE;
2010 ts->stat = SAS_DEV_NO_RESPONSE;
2011 if (!t->uldd_task) {
2012 pm8001_handle_event(pm8001_ha,
2013 pm8001_dev,
2014 IO_OPEN_CNX_ERROR_IT_NEXUS_LOSS);
2015 ts->resp = SAS_TASK_UNDELIVERED;
2016 ts->stat = SAS_QUEUE_FULL;
2017 pm8001_ccb_task_free(pm8001_ha, t, ccb, tag);
2018 mb();/*in order to force CPU ordering*/
2019 spin_unlock_irqrestore(&pm8001_ha->lock, flags);
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Calling irqrestore before we've done an irqsave. What are we trying to
restore?
2020 t->task_done(t);
2021 spin_lock_irqsave(&pm8001_ha->lock, flags);
2022 return;
2023 }
[snip]
2197 spin_unlock_irqrestore(&t->task_state_lock, flags);
2198 pm8001_ccb_task_free(pm8001_ha, t, ccb, tag);
2199 mb();/*ditto*/
2200 spin_unlock_irqrestore(&pm8001_ha->lock, flags);
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
We just called irqrestore so there is no need to restore it twice.
2201 t->task_done(t);
2202 spin_lock_irqsave(&pm8001_ha->lock, flags);
^^^^^
We're saving the irq status but we're at the end of the function so we
never use it again.
2203 }
2204 }
I've just picked out a couple examples, but basically the whole function
is like that.
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
