* [PATCH 0/4] sg: fixes for 5.13/scsi-staging
@ 2021-03-11 18:14 Douglas Gilbert
2021-03-11 18:14 ` [PATCH 1/4] sg: sg_rq_map_kern: fix uninitialized Douglas Gilbert
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: Douglas Gilbert @ 2021-03-11 18:14 UTC (permalink / raw)
To: linux-scsi; +Cc: martin.petersen, jejb, hare, colin.king
This patchset addresses reports sent by Colin King to the linux-scsi
list in 20210311 based on coverity reports. This was due to a 45
part patchset "sg: add v4 interface" applied to 5.13/scsi-staging
recently. Patches 1 and 2 address those concerns. Additionally
Colin King sent a patch titled "[PATCH][next] scsi: sg: Fix use of
pointer sfp after it has been kfree'd" [linux-scsi 20210311] which
should be applied.
Patches 3 and 4 are due to the author's ongoing testing.
This patchset is against MKP's repository, 5.13/scsi-staging
branch.
Douglas Gilbert (4):
sg: sg_rq_map_kern: fix uninitialized
sg: sg_remove_sfp_usercontext: remove NULL check
sg: sg_rq_end_io: set SG_FRQ_ISSUED
sg: sg_common_write: remove debug remnant
drivers/scsi/sg.c | 14 ++++----------
1 file changed, 4 insertions(+), 10 deletions(-)
--
2.25.1
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH 1/4] sg: sg_rq_map_kern: fix uninitialized
2021-03-11 18:14 [PATCH 0/4] sg: fixes for 5.13/scsi-staging Douglas Gilbert
@ 2021-03-11 18:14 ` Douglas Gilbert
2021-03-11 18:14 ` [PATCH 2/4] sg: sg_remove_sfp_usercontext: remove NULL check Douglas Gilbert
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Douglas Gilbert @ 2021-03-11 18:14 UTC (permalink / raw)
To: linux-scsi; +Cc: martin.petersen, jejb, hare, colin.king
Variable k should not be used in call to sg_mk_kern_bio().
Reported-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Douglas Gilbert <dgilbert@interlog.com>
---
drivers/scsi/sg.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/scsi/sg.c b/drivers/scsi/sg.c
index 2d4bbc1a1727..7d4a0fd9ee32 100644
--- a/drivers/scsi/sg.c
+++ b/drivers/scsi/sg.c
@@ -2987,7 +2987,7 @@ sg_rq_map_kern(struct sg_request *srp, struct request_queue *q, struct request *
return 0;
if (rw_ind == WRITE)
op_flags = REQ_SYNC | REQ_IDLE;
- bio = sg_mk_kern_bio(num_sgat - k);
+ bio = sg_mk_kern_bio(num_sgat);
if (!bio)
return -ENOMEM;
bio->bi_opf = req_op(rqq) | op_flags;
--
2.25.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 2/4] sg: sg_remove_sfp_usercontext: remove NULL check
2021-03-11 18:14 [PATCH 0/4] sg: fixes for 5.13/scsi-staging Douglas Gilbert
2021-03-11 18:14 ` [PATCH 1/4] sg: sg_rq_map_kern: fix uninitialized Douglas Gilbert
@ 2021-03-11 18:14 ` Douglas Gilbert
2021-03-11 18:14 ` [PATCH 3/4] sg: sg_rq_end_io: set SG_FRQ_ISSUED Douglas Gilbert
2021-03-11 18:14 ` [PATCH 4/4] sg: sg_common_write: remove debug remnant Douglas Gilbert
3 siblings, 0 replies; 5+ messages in thread
From: Douglas Gilbert @ 2021-03-11 18:14 UTC (permalink / raw)
To: linux-scsi; +Cc: martin.petersen, jejb, hare, colin.king
The NULL check on sdp is useless as it has already been
de-referenced. sg_fd object without valid parent pointer
(sdp) should never occur.
Reported-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Douglas Gilbert <dgilbert@interlog.com>
---
drivers/scsi/sg.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/drivers/scsi/sg.c b/drivers/scsi/sg.c
index 7d4a0fd9ee32..77fec70b7c2f 100644
--- a/drivers/scsi/sg.c
+++ b/drivers/scsi/sg.c
@@ -3918,10 +3918,8 @@ sg_remove_sfp_usercontext(struct work_struct *work)
o_count, sfp);
kfree(sfp);
- if (sdp) {
- scsi_device_put(sdp->device);
- kref_put(&sdp->d_ref, sg_device_destroy);
- }
+ scsi_device_put(sdp->device);
+ kref_put(&sdp->d_ref, sg_device_destroy);
module_put(THIS_MODULE);
}
--
2.25.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 3/4] sg: sg_rq_end_io: set SG_FRQ_ISSUED
2021-03-11 18:14 [PATCH 0/4] sg: fixes for 5.13/scsi-staging Douglas Gilbert
2021-03-11 18:14 ` [PATCH 1/4] sg: sg_rq_map_kern: fix uninitialized Douglas Gilbert
2021-03-11 18:14 ` [PATCH 2/4] sg: sg_remove_sfp_usercontext: remove NULL check Douglas Gilbert
@ 2021-03-11 18:14 ` Douglas Gilbert
2021-03-11 18:14 ` [PATCH 4/4] sg: sg_common_write: remove debug remnant Douglas Gilbert
3 siblings, 0 replies; 5+ messages in thread
From: Douglas Gilbert @ 2021-03-11 18:14 UTC (permalink / raw)
To: linux-scsi; +Cc: martin.petersen, jejb, hare, colin.king
The SG_FRQ_ISSUED flag should be set when the driver knows the
block layer has issued a request with blk_execute_rq_nowait().
This flag was set on the line following that nowait() call.
However with blk_poll() the request may have already invoked
the completion call-back (sg_rq_end_io()) so set this flag
there as well.
Signed-off-by: Douglas Gilbert <dgilbert@interlog.com>
---
drivers/scsi/sg.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/scsi/sg.c b/drivers/scsi/sg.c
index 77fec70b7c2f..b6e06e039d5b 100644
--- a/drivers/scsi/sg.c
+++ b/drivers/scsi/sg.c
@@ -2624,6 +2624,7 @@ sg_rq_end_io(struct request *rq, blk_status_t status)
set_bit(SG_FRQ_DEACT_ORPHAN, srp->frq_bm);
}
}
+ set_bit(SG_FRQ_ISSUED, srp->frq_bm);
if (test_bit(SG_FRQ_COUNT_ACTIVE, srp->frq_bm)) {
int num = atomic_inc_return(&sfp->waiting);
--
2.25.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 4/4] sg: sg_common_write: remove debug remnant
2021-03-11 18:14 [PATCH 0/4] sg: fixes for 5.13/scsi-staging Douglas Gilbert
` (2 preceding siblings ...)
2021-03-11 18:14 ` [PATCH 3/4] sg: sg_rq_end_io: set SG_FRQ_ISSUED Douglas Gilbert
@ 2021-03-11 18:14 ` Douglas Gilbert
3 siblings, 0 replies; 5+ messages in thread
From: Douglas Gilbert @ 2021-03-11 18:14 UTC (permalink / raw)
To: linux-scsi; +Cc: martin.petersen, jejb, hare, colin.king
The removed check was added as part of scattergun debugging to
find a problem that was fixed elsewhere. The associated SG_LOG
message has never been seen in testing.
Signed-off-by: Douglas Gilbert <dgilbert@interlog.com>
---
drivers/scsi/sg.c | 5 -----
1 file changed, 5 deletions(-)
diff --git a/drivers/scsi/sg.c b/drivers/scsi/sg.c
index b6e06e039d5b..9593f8eaf56c 100644
--- a/drivers/scsi/sg.c
+++ b/drivers/scsi/sg.c
@@ -1120,11 +1120,6 @@ sg_common_write(struct sg_comm_wr_t *cwrp)
res = -EIDRM; /* this failure unexpected but observed */
goto err_out;
}
- if (xa_get_mark(&fp->srp_arr, srp->rq_idx, SG_XA_RQ_FREE)) {
- SG_LOG(1, fp, "%s: ahhh, request erased!!!\n", __func__);
- res = -ENODEV;
- goto err_out;
- }
srp->rq->timeout = cwrp->timeout;
sg_execute_cmd(fp, srp);
return srp;
--
2.25.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
end of thread, other threads:[~2021-03-11 18:15 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-03-11 18:14 [PATCH 0/4] sg: fixes for 5.13/scsi-staging Douglas Gilbert
2021-03-11 18:14 ` [PATCH 1/4] sg: sg_rq_map_kern: fix uninitialized Douglas Gilbert
2021-03-11 18:14 ` [PATCH 2/4] sg: sg_remove_sfp_usercontext: remove NULL check Douglas Gilbert
2021-03-11 18:14 ` [PATCH 3/4] sg: sg_rq_end_io: set SG_FRQ_ISSUED Douglas Gilbert
2021-03-11 18:14 ` [PATCH 4/4] sg: sg_common_write: remove debug remnant Douglas Gilbert
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox