aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/scsi/sg.c
diff options
context:
space:
mode:
authorFUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>2009-04-03 06:28:06 -0400
committerJames Bottomley <James.Bottomley@HansenPartnership.com>2009-04-03 11:23:16 -0400
commit015640edb1f346e0b2eda703587c4cd1c310ec1d (patch)
treefd7016b45278d26eac055f1f613632b40832f46e /drivers/scsi/sg.c
parent1beb6fa85ca9afaee109811a3f4a984232a32a4f (diff)
[SCSI] sg: fix q->queue_lock on scsi_error_handler path
sg_rq_end_io() is called via rq->end_io. In some rare cases, sg_rq_end_io calls blk_put_request/blk_rq_unmap_user (when a program issuing a command has gone before the command completion; e.g. by interrupting a program issuing a command before the command completes). We can't call blk_put_request/blk_rq_unmap_user in interrupt so the commit c96952ed7031e7c576ecf90cf95b8ec099d5295a uses execute_in_process_context(). The problem is that scsi_error_handler() calls rq->end_io too. We can't call blk_put_request/blk_rq_unmap_user too in this path (we hold q->queue_lock). To avoid the above problem, in these rare cases, this patch always uses schedule_work() instead of execute_in_process_context(). Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> Acked-by: Douglas Gilbert <dgilbert@interlog.com> Cc: Stable Tree <stable@kernel.org> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Diffstat (limited to 'drivers/scsi/sg.c')
-rw-r--r--drivers/scsi/sg.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/drivers/scsi/sg.c b/drivers/scsi/sg.c
index 1e405184ed7..82312df9b0b 100644
--- a/drivers/scsi/sg.c
+++ b/drivers/scsi/sg.c
@@ -1312,8 +1312,10 @@ static void sg_rq_end_io(struct request *rq, int uptodate)
1312 wake_up_interruptible(&sfp->read_wait); 1312 wake_up_interruptible(&sfp->read_wait);
1313 kill_fasync(&sfp->async_qp, SIGPOLL, POLL_IN); 1313 kill_fasync(&sfp->async_qp, SIGPOLL, POLL_IN);
1314 kref_put(&sfp->f_ref, sg_remove_sfp); 1314 kref_put(&sfp->f_ref, sg_remove_sfp);
1315 } else 1315 } else {
1316 execute_in_process_context(sg_rq_end_io_usercontext, &srp->ew); 1316 INIT_WORK(&srp->ew.work, sg_rq_end_io_usercontext);
1317 schedule_work(&srp->ew.work);
1318 }
1317} 1319}
1318 1320
1319static struct file_operations sg_fops = { 1321static struct file_operations sg_fops = {
@@ -2099,7 +2101,8 @@ static void sg_remove_sfp(struct kref *kref)
2099 write_unlock_irqrestore(&sg_index_lock, iflags); 2101 write_unlock_irqrestore(&sg_index_lock, iflags);
2100 wake_up_interruptible(&sdp->o_excl_wait); 2102 wake_up_interruptible(&sdp->o_excl_wait);
2101 2103
2102 execute_in_process_context(sg_remove_sfp_usercontext, &sfp->ew); 2104 INIT_WORK(&sfp->ew.work, sg_remove_sfp_usercontext);
2105 schedule_work(&sfp->ew.work);
2103} 2106}
2104 2107
2105static int 2108static int