* [PATCH] scsi_debug: fix in_use bitmap corruption
@ 2020-07-02 14:53 Douglas Gilbert
2020-07-03 4:03 ` Martin K. Petersen
0 siblings, 1 reply; 2+ messages in thread
From: Douglas Gilbert @ 2020-07-02 14:53 UTC (permalink / raw)
To: linux-scsi; +Cc: martin.petersen, jejb, hare, Damien.LeMoal
Heavy testing indicates the irqsave() spinlock around the
__set_bit() is insufficient to stop following clear_bit() calls
being rarely applied out-of-order. Also the nearby failed
kzalloc() path leading to SCSI_MLQUEUE_HOST_BUSY does not
properly undo the in_use bitmap and num_in_q, fix.
Signed-off-by: Douglas Gilbert <dgilbert@interlog.com>
---
drivers/scsi/scsi_debug.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/drivers/scsi/scsi_debug.c b/drivers/scsi/scsi_debug.c
index 843cccb38cb7..4692f5b6ad13 100644
--- a/drivers/scsi/scsi_debug.c
+++ b/drivers/scsi/scsi_debug.c
@@ -5430,7 +5430,7 @@ static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
else
return SCSI_MLQUEUE_HOST_BUSY;
}
- __set_bit(k, sqp->in_use_bm);
+ set_bit(k, sqp->in_use_bm);
atomic_inc(&devip->num_in_q);
sqcp = &sqp->qc_arr[k];
sqcp->a_cmnd = cmnd;
@@ -5439,10 +5439,13 @@ static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
spin_unlock_irqrestore(&sqp->qc_lock, iflags);
if (unlikely(sdebug_every_nth && sdebug_any_injecting_opt))
setup_inject(sqp, sqcp);
- if (sd_dp == NULL) {
+ if (!sd_dp) {
sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC);
- if (sd_dp == NULL)
+ if (!sd_dp) {
+ atomic_dec(&devip->num_in_q);
+ clear_bit(k, sqp->in_use_bm);
return SCSI_MLQUEUE_HOST_BUSY;
+ }
new_sd_dp = true;
} else {
new_sd_dp = false;
--
2.25.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] scsi_debug: fix in_use bitmap corruption
2020-07-02 14:53 [PATCH] scsi_debug: fix in_use bitmap corruption Douglas Gilbert
@ 2020-07-03 4:03 ` Martin K. Petersen
0 siblings, 0 replies; 2+ messages in thread
From: Martin K. Petersen @ 2020-07-03 4:03 UTC (permalink / raw)
To: linux-scsi, Douglas Gilbert
Cc: Martin K . Petersen, Damien.LeMoal, hare, jejb
On Thu, 2 Jul 2020 10:53:55 -0400, Douglas Gilbert wrote:
> Heavy testing indicates the irqsave() spinlock around the
> __set_bit() is insufficient to stop following clear_bit() calls
> being rarely applied out-of-order. Also the nearby failed
> kzalloc() path leading to SCSI_MLQUEUE_HOST_BUSY does not
> properly undo the in_use bitmap and num_in_q, fix.
Applied to 5.9/scsi-queue, thanks!
[1/1] scsi: scsi_debug: Fix in_use bitmap corruption
https://git.kernel.org/mkp/scsi/c/74595c044cb5
--
Martin K. Petersen Oracle Linux Engineering
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-07-03 4:04 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-07-02 14:53 [PATCH] scsi_debug: fix in_use bitmap corruption Douglas Gilbert
2020-07-03 4:03 ` Martin K. Petersen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox