From: sashiko-bot@kernel.org
To: "Farhan Ali" <alifm@linux.ibm.com>
Cc: linux-pci@vger.kernel.org
Subject: Re: [PATCH v18 3/3] PCI: Fail FLR when config space is inaccessible
Date: Wed, 03 Jun 2026 18:57:36 +0000 [thread overview]
Message-ID: <20260603185736.8345C1F00893@smtp.kernel.org> (raw)
In-Reply-To: <20260603181647.2215-4-alifm@linux.ibm.com>
Thank you for your contribution! Sashiko AI review found 2 potential issue(s) to consider:
Pre-existing issues:
- [High] The config space accessibility check is placed in pcie_reset_flr() instead of pcie_flr(), leaving direct callers of pcie_flr() exposed to 60-second hangs.
- [High] The PCI reset quirk delay_250ms_after_flr ignores the return value of pcie_reset_flr(), which masks reset failures and completely breaks the PCI reset fallback mechanism.
--
commit 4e372ed957b10d82d85382f347de3e515a680bbf
Author: Farhan Ali <alifm@linux.ibm.com>
PCI: Fail FLR when config space is inaccessible
This commit adds an accessibility check for the PCI configuration space before
attempting an FLR (Function Level Reset). This is intended to avoid potential
hangs on devices that are in an error state.
> diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c
> index e71b814153921..c50418f5e3181 100644
> --- a/drivers/pci/pci.c
> +++ b/drivers/pci/pci.c
> @@ -4396,6 +4396,9 @@ int pcie_reset_flr(struct pci_dev *dev, bool probe)
> if (!(dev->devcap & PCI_EXP_DEVCAP_FLR))
> return -ENOTTY;
>
> + if (!pci_dev_config_accessible(dev, "FLR"))
> + return -ENOTTY;
> +
[Severity: High]
This isn't a bug introduced by this patch, but does placing this check in
pcie_reset_flr() leave direct callers of pcie_flr() exposed to 60-second
hangs?
Direct callers of pcie_flr() (like network and storage drivers during error
recovery) bypass this wrapper. They will still experience a stall in
pci_dev_wait() when attempting to reset a device with an inaccessible config
space. Should this accessibility check be moved into pcie_flr() instead to
protect all callers?
[Severity: High]
This is a pre-existing issue, but does adding this new dynamic failure path
break the fallback reset mechanism in delay_250ms_after_flr()?
Looking at delay_250ms_after_flr() in drivers/pci/quirks.c, it executes
pcie_reset_flr() but discards its return value:
drivers/pci/quirks.c:delay_250ms_after_flr() {
...
pcie_reset_flr(dev, PCI_RESET_DO_RESET);
msleep(250);
return 0;
}
With this patch returning -ENOTTY when the config space is inaccessible,
the quirk will falsely report success. This causes
__pci_reset_function_locked() to abort early and completely prevents it from
attempting fallback reset methods, leaving the device in an unrecoverable
state.
> if (probe)
> return 0;
>
--
Sashiko AI review · https://sashiko.dev/#/patchset/20260603181647.2215-1-alifm@linux.ibm.com?part=3
next prev parent reply other threads:[~2026-06-03 18:57 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-03 18:16 [PATCH v18 0/3] [PCI] Error recovery for vfio-pci devices on s390x Farhan Ali
2026-06-03 18:16 ` [PATCH v18 1/3] PCI: Allow per function PCI slots to fix slot reset on s390 Farhan Ali
2026-06-03 18:33 ` sashiko-bot
2026-06-03 18:16 ` [PATCH v18 2/3] PCI: Avoid saving config space state if inaccessible Farhan Ali
2026-06-03 18:16 ` [PATCH v18 3/3] PCI: Fail FLR when config space is inaccessible Farhan Ali
2026-06-03 18:57 ` sashiko-bot [this message]
2026-06-09 22:33 ` Bjorn Helgaas
2026-06-10 16:51 ` Farhan Ali
2026-06-10 20:02 ` Bjorn Helgaas
2026-06-10 21:56 ` Farhan Ali
2026-06-11 19:22 ` Bjorn Helgaas
2026-06-11 23:29 ` Farhan Ali
2026-06-12 15:44 ` Bjorn Helgaas
2026-06-10 23:44 ` Bjorn Helgaas
2026-06-11 18:22 ` Farhan Ali
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260603185736.8345C1F00893@smtp.kernel.org \
--to=sashiko-bot@kernel.org \
--cc=alifm@linux.ibm.com \
--cc=linux-pci@vger.kernel.org \
--cc=sashiko-reviews@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox