SCSI: zfcp: fix lock imbalance by reworking request queue locking

commit d79ff142624e1be080ad8d09101f7004d79c36e1 upstream. This patch adds wait_event_interruptible_lock_irq_timeout(), which is a straight-forward descendant of wait_event_interruptible_timeout() and wait_event_interruptible_lock_irq(). The zfcp driver used to call wait_event_interruptible_timeout() in combination with some intricate and error-prone locking. Using wait_event_interruptible_lock_irq_timeout() as a replacement nicely cleans up that locking. This rework removes a situation that resulted in a locking imbalance in zfcp_qdio_sbal_get(): BUG: workqueue leaked lock or atomic: events/1/0xffffff00/10 last function: zfcp_fc_wka_port_offline+0x0/0xa0 [zfcp] It was introduced by commit c2af7545aaff3495d9bf9a7608c52f0af86fb194 "[SCSI] zfcp: Do not wait for SBALs on stopped queue", which had a new code path related to ZFCP_STATUS_ADAPTER_QDIOUP that took an early exit without a required lock being held. The problem occured when a special, non-SCSI I/O request was being submitted in process context, when the adapter's queues had been torn down. In this case the bug surfaced when the Fibre Channel port connection for a well-known address was closed during a concurrent adapter shut-down procedure, which is a rare constellation. This patch also fixes these warnings from the sparse tool (make C=1): drivers/s390/scsi/zfcp_qdio.c:224:12: warning: context imbalance in 'zfcp_qdio_sbal_check' - wrong count at exit drivers/s390/scsi/zfcp_qdio.c:244:5: warning: context imbalance in 'zfcp_qdio_sbal_get' - unexpected unlock Last but not least, we get rid of that crappy lock-unlock-lock sequence at the beginning of the critical section. It is okay to call zfcp_erp_adapter_reopen() with req_q_lock held. Reported-by: Mikulas Patocka <mpatocka@redhat.com> Reported-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: Martin Peschke <mpeschke@linux.vnet.ibm.com> Signed-off-by: Steffen Maier <maier@linux.vnet.ibm.com> Signed-off-by: James Bottomley <JBottomley@Parallels.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Martin Peschke <mpeschke@linux.vnet.ibm.com> 2013-08-22 11:45:36 -0400
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2013-08-29 12:47:39 -0400
commit: bda5d1efa09527e443a6990f81459779a313e24d (patch)
tree: 87ba9935d1d07394feec2b36f52d4a5a58abb8c2
parent: 67bdd3c0dc4dc00fc1e708fc9f326304d88cc8be (diff)
2 files changed, 59 insertions, 6 deletions
diff --git a/drivers/s390/scsi/zfcp_qdio.c b/drivers/s390/scsi/zfcp_qdio.c
index 665e3cfaaf85..de0598eaacd2 100644
--- a/drivers/s390/scsi/zfcp_qdio.c
+++ b/drivers/s390/scsi/zfcp_qdio.c
@@ -224,11 +224,9 @@ int zfcp_qdio_sbals_from_sg(struct zfcp_qdio *qdio, struct zfcp_qdio_req *q_req,
 static int zfcp_qdio_sbal_check(struct zfcp_qdio *qdio)
 {
-        spin_lock_irq(&qdio->req_q_lock);
        if (atomic_read(&qdio->req_q_free) ||
            !(atomic_read(&qdio->adapter->status) & ZFCP_STATUS_ADAPTER_QDIOUP))
                return 1;
-        spin_unlock_irq(&qdio->req_q_lock);
        return 0;
 }
@@ -246,9 +244,8 @@ int zfcp_qdio_sbal_get(struct zfcp_qdio *qdio)
 {
        long ret;
-        spin_unlock_irq(&qdio->req_q_lock);
+        ret = wait_event_interruptible_lock_irq_timeout(qdio->req_q_wq,
-        ret = wait_event_interruptible_timeout(qdio->req_q_wq,
+                       zfcp_qdio_sbal_check(qdio), qdio->req_q_lock, 5 * HZ);
-                               zfcp_qdio_sbal_check(qdio), 5 * HZ);
        if (!(atomic_read(&qdio->adapter->status) & ZFCP_STATUS_ADAPTER_QDIOUP))
                return -EIO;
@@ -262,7 +259,6 @@ int zfcp_qdio_sbal_get(struct zfcp_qdio *qdio)
                zfcp_erp_adapter_reopen(qdio->adapter, 0, "qdsbg_1");
        }
-        spin_lock_irq(&qdio->req_q_lock);
        return -EIO;
 }
diff --git a/include/linux/wait.h b/include/linux/wait.h
index 1133695eb067..c8e576022234 100644
--- a/include/linux/wait.h
+++ b/include/linux/wait.h
@@ -805,6 +805,63 @@ do {									\
        __ret;                                                          \
 })
+#define __wait_event_interruptible_lock_irq_timeout(wq, condition,      \
+                                                    lock, ret)          \
+do {                                                                    \
+        DEFINE_WAIT(__wait);                                            \
+                                                                        \
+        for (;;) {                                                      \
+                prepare_to_wait(&wq, &__wait, TASK_INTERRUPTIBLE);      \
+                if (condition)                                          \
+                        break;                                          \
+                if (signal_pending(current)) {                          \
+                        ret = -ERESTARTSYS;                             \
+                        break;                                          \
+                }                                                       \
+                spin_unlock_irq(&lock);                                 \
+                ret = schedule_timeout(ret);                            \
+                spin_lock_irq(&lock);                                   \
+                if (!ret)                                               \
+                        break;                                          \
+        }                                                               \
+        finish_wait(&wq, &__wait);                                      \
+} while (0)
+/**
+ * wait_event_interruptible_lock_irq_timeout - sleep until a condition gets true or a timeout elapses.
+ *              The condition is checked under the lock. This is expected
+ *              to be called with the lock taken.
+ * @wq: the waitqueue to wait on
+ * @condition: a C expression for the event to wait for
+ * @lock: a locked spinlock_t, which will be released before schedule()
+ *        and reacquired afterwards.
+ * @timeout: timeout, in jiffies
+ *
+ * The process is put to sleep (TASK_INTERRUPTIBLE) until the
+ * @condition evaluates to true or signal is received. The @condition is
+ * checked each time the waitqueue @wq is woken up.
+ *
+ * wake_up() has to be called after changing any variable that could
+ * change the result of the wait condition.
+ *
+ * This is supposed to be called while holding the lock. The lock is
+ * dropped before going to sleep and is reacquired afterwards.
+ *
+ * The function returns 0 if the @timeout elapsed, -ERESTARTSYS if it
+ * was interrupted by a signal, and the remaining jiffies otherwise
+ * if the condition evaluated to true before the timeout elapsed.
+ */
+#define wait_event_interruptible_lock_irq_timeout(wq, condition, lock,  \
+                                                  timeout)              \
+({                                                                      \
+        int __ret = timeout;                                            \
+                                                                        \
+        if (!(condition))                                               \
+                __wait_event_interruptible_lock_irq_timeout(            \
+                                        wq, condition, lock, __ret);    \
+        __ret;                                                          \
+})
 /*
 * These are the old interfaces to sleep waiting for an event.
author	Martin Peschke <mpeschke@linux.vnet.ibm.com>	2013-08-22 11:45:36 -0400
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2013-08-29 12:47:39 -0400
commit	bda5d1efa09527e443a6990f81459779a313e24d (patch)
tree	87ba9935d1d07394feec2b36f52d4a5a58abb8c2
parent	67bdd3c0dc4dc00fc1e708fc9f326304d88cc8be (diff)

diff --git a/drivers/s390/scsi/zfcp_qdio.c b/drivers/s390/scsi/zfcp_qdio.c index 665e3cfaaf85..de0598eaacd2 100644 --- a/drivers/s390/scsi/zfcp_qdio.c +++ b/drivers/s390/scsi/zfcp_qdio.c
@@ -224,11 +224,9 @@ int zfcp_qdio_sbals_from_sg(struct zfcp_qdio qdio, struct zfcp_qdio_req q_req,
224		224
225	static int zfcp_qdio_sbal_check(struct zfcp_qdio *qdio)	225	static int zfcp_qdio_sbal_check(struct zfcp_qdio *qdio)
226	{	226	{
227	spin_lock_irq(&qdio->req_q_lock);
228	if (atomic_read(&qdio->req_q_free) \|\|	227	if (atomic_read(&qdio->req_q_free) \|\|
229	!(atomic_read(&qdio->adapter->status) & ZFCP_STATUS_ADAPTER_QDIOUP))	228	!(atomic_read(&qdio->adapter->status) & ZFCP_STATUS_ADAPTER_QDIOUP))
230	return 1;	229	return 1;
231	spin_unlock_irq(&qdio->req_q_lock);
232	return 0;	230	return 0;
233	}	231	}
234		232
@@ -246,9 +244,8 @@ int zfcp_qdio_sbal_get(struct zfcp_qdio *qdio)
246	{	244	{
247	long ret;	245	long ret;
248		246
249	spin_unlock_irq(&qdio->req_q_lock);	247	ret = wait_event_interruptible_lock_irq_timeout(qdio->req_q_wq,
250	ret = wait_event_interruptible_timeout(qdio->req_q_wq,	248	zfcp_qdio_sbal_check(qdio), qdio->req_q_lock, 5 * HZ);
251	zfcp_qdio_sbal_check(qdio), 5 * HZ);
252		249
253	if (!(atomic_read(&qdio->adapter->status) & ZFCP_STATUS_ADAPTER_QDIOUP))	250	if (!(atomic_read(&qdio->adapter->status) & ZFCP_STATUS_ADAPTER_QDIOUP))
254	return -EIO;	251	return -EIO;
@@ -262,7 +259,6 @@ int zfcp_qdio_sbal_get(struct zfcp_qdio *qdio)
262	zfcp_erp_adapter_reopen(qdio->adapter, 0, "qdsbg_1");	259	zfcp_erp_adapter_reopen(qdio->adapter, 0, "qdsbg_1");
263	}	260	}
264		261
265	spin_lock_irq(&qdio->req_q_lock);
266	return -EIO;	262	return -EIO;
267	}	263	}
268		264


diff --git a/include/linux/wait.h b/include/linux/wait.h index 1133695eb067..c8e576022234 100644 --- a/include/linux/wait.h +++ b/include/linux/wait.h
@@ -805,6 +805,63 @@ do { \
805	__ret; \	805	__ret; \
806	})	806	})
807		807
		808	#define __wait_event_interruptible_lock_irq_timeout(wq, condition, \
		809	lock, ret) \
		810	do { \
		811	DEFINE_WAIT(__wait); \
		812	\
		813	for (;;) { \
		814	prepare_to_wait(&wq, &__wait, TASK_INTERRUPTIBLE); \
		815	if (condition) \
		816	break; \
		817	if (signal_pending(current)) { \
		818	ret = -ERESTARTSYS; \
		819	break; \
		820	} \
		821	spin_unlock_irq(&lock); \
		822	ret = schedule_timeout(ret); \
		823	spin_lock_irq(&lock); \
		824	if (!ret) \
		825	break; \
		826	} \
		827	finish_wait(&wq, &__wait); \
		828	} while (0)
		829
		830	/**
		831	* wait_event_interruptible_lock_irq_timeout - sleep until a condition gets true or a timeout elapses.
		832	* The condition is checked under the lock. This is expected
		833	* to be called with the lock taken.
		834	* @wq: the waitqueue to wait on
		835	* @condition: a C expression for the event to wait for
		836	* @lock: a locked spinlock_t, which will be released before schedule()
		837	* and reacquired afterwards.
		838	* @timeout: timeout, in jiffies
		839	*
		840	* The process is put to sleep (TASK_INTERRUPTIBLE) until the
		841	* @condition evaluates to true or signal is received. The @condition is
		842	* checked each time the waitqueue @wq is woken up.
		843	*
		844	* wake_up() has to be called after changing any variable that could
		845	* change the result of the wait condition.
		846	*
		847	* This is supposed to be called while holding the lock. The lock is
		848	* dropped before going to sleep and is reacquired afterwards.
		849	*
		850	* The function returns 0 if the @timeout elapsed, -ERESTARTSYS if it
		851	* was interrupted by a signal, and the remaining jiffies otherwise
		852	* if the condition evaluated to true before the timeout elapsed.
		853	*/
		854	#define wait_event_interruptible_lock_irq_timeout(wq, condition, lock, \
		855	timeout) \
		856	({ \
		857	int __ret = timeout; \
		858	\
		859	if (!(condition)) \
		860	__wait_event_interruptible_lock_irq_timeout( \
		861	wq, condition, lock, __ret); \
		862	__ret; \
		863	})
		864
808		865
809	/*	866	/*
810	* These are the old interfaces to sleep waiting for an event.	867	* These are the old interfaces to sleep waiting for an event.