Commit 21b1ed74 authored by Albert Lee's avatar Albert Lee Committed by Jeff Garzik

[PATCH] libata: Prevent the interrupt handler from completing a command twice

Problem:
   During the libata CD-ROM stress test, sometimes the "BUG: timeout
without command" error is seen.

Root cause:
  Unexpected interrupt occurs after the ata_qc_complete() is called,
but before the SCSI error handler.  The interrupt handler is invoked
before the SCSI error handler, and it clears the command by calling
ata_qc_complete() again.  Later when the SCSI error handler is run,
the ata_queued_cmd is already gone, causing the "BUG: timeout without
command" error.

Changes:
  - Use the ATA_QCFLAG_ACTIVE flag to prevent the interrupt handler
from completing the command twice, before the scsi_error_handler.
Signed-off-by: default avatarAlbert Lee <albertcc@tw.ibm.com>
parent f85bdb9c
...@@ -2539,7 +2539,7 @@ static void atapi_request_sense(struct ata_port *ap, struct ata_device *dev, ...@@ -2539,7 +2539,7 @@ static void atapi_request_sense(struct ata_port *ap, struct ata_device *dev,
ata_sg_init_one(qc, cmd->sense_buffer, sizeof(cmd->sense_buffer)); ata_sg_init_one(qc, cmd->sense_buffer, sizeof(cmd->sense_buffer));
qc->dma_dir = DMA_FROM_DEVICE; qc->dma_dir = DMA_FROM_DEVICE;
memset(&qc->cdb, 0, sizeof(ap->cdb_len)); memset(&qc->cdb, 0, ap->cdb_len);
qc->cdb[0] = REQUEST_SENSE; qc->cdb[0] = REQUEST_SENSE;
qc->cdb[4] = SCSI_SENSE_BUFFERSIZE; qc->cdb[4] = SCSI_SENSE_BUFFERSIZE;
...@@ -2811,6 +2811,7 @@ void ata_qc_complete(struct ata_queued_cmd *qc, u8 drv_stat) ...@@ -2811,6 +2811,7 @@ void ata_qc_complete(struct ata_queued_cmd *qc, u8 drv_stat)
/* call completion callback */ /* call completion callback */
rc = qc->complete_fn(qc, drv_stat); rc = qc->complete_fn(qc, drv_stat);
qc->flags &= ~ATA_QCFLAG_ACTIVE;
/* if callback indicates not to complete command (non-zero), /* if callback indicates not to complete command (non-zero),
* return immediately * return immediately
...@@ -3229,7 +3230,8 @@ irqreturn_t ata_interrupt (int irq, void *dev_instance, struct pt_regs *regs) ...@@ -3229,7 +3230,8 @@ irqreturn_t ata_interrupt (int irq, void *dev_instance, struct pt_regs *regs)
struct ata_queued_cmd *qc; struct ata_queued_cmd *qc;
qc = ata_qc_from_tag(ap, ap->active_tag); qc = ata_qc_from_tag(ap, ap->active_tag);
if (qc && (!(qc->tf.ctl & ATA_NIEN))) if (qc && (!(qc->tf.ctl & ATA_NIEN)) &&
(qc->flags & ATA_QCFLAG_ACTIVE))
handled |= ata_host_intr(ap, qc); handled |= ata_host_intr(ap, qc);
} }
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment