From: Ursula Braun <ubraun@linux.vnet.ibm.com>
To: davem@davemloft.net
Cc: netdev@vger.kernel.org, linux-s390@vger.kernel.org,
schwidefsky@de.ibm.com, heiko.carstens@de.ibm.com,
ubraun@linux.vnet.ibm.com
Subject: [PATCH net 4/7] qeth: check not more than 16 SBALEs on the completion queue
Date: Thu, 15 Sep 2016 14:39:24 +0200 [thread overview]
Message-ID: <20160915123927.86579-5-ubraun@linux.vnet.ibm.com> (raw)
In-Reply-To: <20160915123927.86579-1-ubraun@linux.vnet.ibm.com>
af_iucv socket programs with HiperSockets as transport make use of the qdio
completion queue. Running such an af_iucv socket program may result in a
crash:
[90341.677709] Oops: 0038 ilc:2 [#1] SMP
[90341.677743] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.6.0-20160720.0.0e86ec7.5e62689.fc23.s390xperformance #1
[90341.677744] Hardware name: IBM 2964 N96 703 (LPAR)
[90341.677746] task: 00000000edb79f00 ti: 00000000edb84000 task.ti: 00000000edb84000
[90341.677748] Krnl PSW : 0704d00180000000 000000000075bc50 (qeth_qdio_input_handler+0x258/0x4e0)
[90341.677756] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:1 PM:0 RI:0 EA:3
Krnl GPRS: 000003d10391e900 0000000000000001 00000000e61e6000 0000000000000005
[90341.677759] 0000000000a9e6ec 5420040001a77400 0000000000000001 000000000000006f
[90341.677761] 00000000e0d83f00 0000000000000003 0000000000000010 5420040001a77400
[90341.677784] 000000007ba8b000 0000000000943fd0 000000000075bc4e 00000000ed3b3c10
[90341.677793] Krnl Code: 000000000075bc42: e320cc180004 lg %r2,3096(%r12)
000000000075bc48: c0e5ffffc5cc brasl %r14,7547e0
#000000000075bc4e: 1816 lr %r1,%r6
>000000000075bc50: ba19b008 cs %r1,%r9,8(%r11)
000000000075bc54: ec180041017e cij %r1,1,8,75bcd6
000000000075bc5a: 5810b008 l %r1,8(%r11)
000000000075bc5e: ec16005c027e cij %r1,2,6,75bd16
000000000075bc64: 5090b008 st %r9,8(%r11)
[90341.677807] Call Trace:
[90341.677810] ([<000000000075bbc0>] qeth_qdio_input_handler+0x1c8/0x4e0)
[90341.677812] ([<000000000070efbc>] qdio_kick_handler+0x124/0x2a8)
[90341.677814] ([<0000000000713570>] __tiqdio_inbound_processing+0xf0/0xcd0)
[90341.677818] ([<0000000000143312>] tasklet_action+0x92/0x120)
[90341.677823] ([<00000000008b6e72>] __do_softirq+0x112/0x308)
[90341.677824] ([<0000000000142bce>] irq_exit+0xd6/0xf8)
[90341.677829] ([<000000000010b1d2>] do_IRQ+0x6a/0x88)
[90341.677830] ([<00000000008b6322>] io_int_handler+0x112/0x220)
[90341.677832] ([<0000000000102b2e>] enabled_wait+0x56/0xa8)
[90341.677833] ([<0000000000000000>] (null))
[90341.677835] ([<0000000000102e32>] arch_cpu_idle+0x32/0x48)
[90341.677838] ([<000000000018a126>] cpu_startup_entry+0x266/0x2b0)
[90341.677841] ([<0000000000113b38>] smp_start_secondary+0x100/0x110)
[90341.677843] ([<00000000008b68a6>] restart_int_handler+0x62/0x78)
[90341.677845] ([<00000000008b6588>] psw_idle+0x3c/0x40)
[90341.677846] Last Breaking-Event-Address:
[90341.677848] [<00000000007547ec>] qeth_dbf_longtext+0xc/0xc0
[90341.677849]
[90341.677850] Kernel panic - not syncing: Fatal exception in interrupt
qeth_qdio_cq_handler() analyzes SBALs on this completion queue, but does
not observe the limit of 16 SBAL elements per SBAL. This patch adds the
additional check to process not more than 16 SBAL elements.
Signed-off-by: Ursula Braun <ubraun@linux.vnet.ibm.com>
---
drivers/s390/net/qeth_core_main.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/s390/net/qeth_core_main.c b/drivers/s390/net/qeth_core_main.c
index 6ad5a14..20cf296 100644
--- a/drivers/s390/net/qeth_core_main.c
+++ b/drivers/s390/net/qeth_core_main.c
@@ -3619,7 +3619,8 @@ static void qeth_qdio_cq_handler(struct qeth_card *card,
int e;
e = 0;
- while (buffer->element[e].addr) {
+ while ((e < QDIO_MAX_ELEMENTS_PER_BUFFER) &&
+ buffer->element[e].addr) {
unsigned long phys_aob_addr;
phys_aob_addr = (unsigned long) buffer->element[e].addr;
--
2.8.4
next prev parent reply other threads:[~2016-09-15 12:39 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-15 12:39 [PATCH net 0/7] 390: qeth patches Ursula Braun
2016-09-15 12:39 ` [PATCH net 1/7] qeth: restore device features after recovery Ursula Braun
2016-09-15 12:39 ` [PATCH net 2/7] s390/qeth: use ip_lock for hsuid configuration Ursula Braun
2016-09-15 12:39 ` [PATCH net 3/7] s390/qeth: allow hsuid configuration in DOWN state Ursula Braun
2016-09-15 12:39 ` Ursula Braun [this message]
2016-09-15 12:39 ` [PATCH net 5/7] qeth: do not limit number of gso segments Ursula Braun
2016-09-15 12:39 ` [PATCH net 6/7] qeth: do not turn on SG per default Ursula Braun
2016-09-15 12:39 ` [PATCH net 7/7] s390/qeth: fix setting VIPA address Ursula Braun
2016-09-16 8:31 ` [PATCH net 0/7] 390: qeth patches David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160915123927.86579-5-ubraun@linux.vnet.ibm.com \
--to=ubraun@linux.vnet.ibm.com \
--cc=davem@davemloft.net \
--cc=heiko.carstens@de.ibm.com \
--cc=linux-s390@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=schwidefsky@de.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).