linux_dsm_epyc7002/drivers/scsi
James Bottomley 6302ce4d80 libsas: Fix Kernel Crash in smp_execute_task
This crash was reported:

[  366.947370] sd 3:0:1:0: [sdb] Spinning up disk....
[  368.804046] BUG: unable to handle kernel NULL pointer dereference at           (null)
[  368.804072] IP: [<ffffffff81358457>] __mutex_lock_common.isra.7+0x9c/0x15b
[  368.804098] PGD 0
[  368.804114] Oops: 0002 [#1] SMP
[  368.804143] CPU 1
[  368.804151] Modules linked in: sg netconsole s3g(PO) uinput joydev hid_multitouch usbhid hid snd_hda_codec_via cpufreq_userspace cpufreq_powersave cpufreq_stats uhci_hcd cpufreq_conservative snd_hda_intel snd_hda_codec snd_hwdep snd_pcm sdhci_pci snd_page_alloc sdhci snd_timer snd psmouse evdev serio_raw pcspkr soundcore xhci_hcd shpchp s3g_drm(O) mvsas mmc_core ahci libahci drm i2c_core acpi_cpufreq mperf video processor button thermal_sys dm_dmirror exfat_fs exfat_core dm_zcache dm_mod padlock_aes aes_generic padlock_sha iscsi_target_mod target_core_mod configfs sswipe libsas libata scsi_transport_sas picdev via_cputemp hwmon_vid fuse parport_pc ppdev lp parport autofs4 ext4 crc16 mbcache jbd2 sd_mod crc_t10dif usb_storage scsi_mod ehci_hcd usbcore usb_common
[  368.804749]
[  368.804764] Pid: 392, comm: kworker/u:3 Tainted: P        W  O 3.4.87-logicube-ng.22 #1 To be filled by O.E.M. To be filled by O.E.M./EPIA-M920
[  368.804802] RIP: 0010:[<ffffffff81358457>]  [<ffffffff81358457>] __mutex_lock_common.isra.7+0x9c/0x15b
[  368.804827] RSP: 0018:ffff880117001cc0  EFLAGS: 00010246
[  368.804842] RAX: 0000000000000000 RBX: ffff8801185030d0 RCX: ffff88008edcb420
[  368.804857] RDX: 0000000000000000 RSI: 0000000000000002 RDI: ffff8801185030d4
[  368.804873] RBP: ffff8801181531c0 R08: 0000000000000020 R09: 00000000fffffffe
[  368.804885] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801185030d4
[  368.804899] R13: 0000000000000002 R14: ffff880117001fd8 R15: ffff8801185030d8
[  368.804916] FS:  0000000000000000(0000) GS:ffff88011fc80000(0000) knlGS:0000000000000000
[  368.804931] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[  368.804946] CR2: 0000000000000000 CR3: 000000000160b000 CR4: 00000000000006e0
[  368.804962] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  368.804978] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  368.804995] Process kworker/u:3 (pid: 392, threadinfo ffff880117000000, task ffff8801181531c0)
[  368.805009] Stack:
[  368.805017]  ffff8801185030d8 0000000000000000 ffffffff8161ddf0 ffffffff81056f7c
[  368.805062]  000000000000b503 ffff8801185030d0 ffff880118503000 0000000000000000
[  368.805100]  ffff8801185030d0 ffff8801188b8000 ffff88008edcb420 ffffffff813583ac
[  368.805135] Call Trace:
[  368.805153]  [<ffffffff81056f7c>] ? up+0xb/0x33
[  368.805168]  [<ffffffff813583ac>] ? mutex_lock+0x16/0x25
[  368.805194]  [<ffffffffa018c414>] ? smp_execute_task+0x4e/0x222 [libsas]
[  368.805217]  [<ffffffffa018ce1c>] ? sas_find_bcast_dev+0x3c/0x15d [libsas]
[  368.805240]  [<ffffffffa018ce4f>] ? sas_find_bcast_dev+0x6f/0x15d [libsas]
[  368.805264]  [<ffffffffa018e989>] ? sas_ex_revalidate_domain+0x37/0x2ec [libsas]
[  368.805280]  [<ffffffff81355a2a>] ? printk+0x43/0x48
[  368.805296]  [<ffffffff81359a65>] ? _raw_spin_unlock_irqrestore+0xc/0xd
[  368.805318]  [<ffffffffa018b767>] ? sas_revalidate_domain+0x85/0xb6 [libsas]
[  368.805336]  [<ffffffff8104e5d9>] ? process_one_work+0x151/0x27c
[  368.805351]  [<ffffffff8104f6cd>] ? worker_thread+0xbb/0x152
[  368.805366]  [<ffffffff8104f612>] ? manage_workers.isra.29+0x163/0x163
[  368.805382]  [<ffffffff81052c4e>] ? kthread+0x79/0x81
[  368.805399]  [<ffffffff8135fea4>] ? kernel_thread_helper+0x4/0x10
[  368.805416]  [<ffffffff81052bd5>] ? kthread_flush_work_fn+0x9/0x9
[  368.805431]  [<ffffffff8135fea0>] ? gs_change+0x13/0x13
[  368.805442] Code: 83 7d 30 63 7e 04 f3 90 eb ab 4c 8d 63 04 4c 8d 7b 08 4c 89 e7 e8 fa 15 00 00 48 8b 43 10 4c 89 3c 24 48 89 63 10 48 89 44 24 08 <48> 89 20 83 c8 ff 48 89 6c 24 10 87 03 ff c8 74 35 4d 89 ee 41
[  368.805851] RIP  [<ffffffff81358457>] __mutex_lock_common.isra.7+0x9c/0x15b
[  368.805877]  RSP <ffff880117001cc0>
[  368.805886] CR2: 0000000000000000
[  368.805899] ---[ end trace b720682065d8f4cc ]---

It's directly caused by 89d3cf6 [SCSI] libsas: add mutex for SMP task
execution, but shows a deeper cause: expander functions expect to be able to
cast to and treat domain devices as expanders.  The correct fix is to only do
expander discover when we know we've got an expander device to avoid wrongly
casting a non-expander device.

Reported-by: Praveen Murali <pmurali@logicube.com>
Tested-by: Praveen Murali <pmurali@logicube.com>
Cc: stable@vger.kernel.org
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
2015-03-06 20:51:29 -08:00
..
aacraid Merge remote-tracking branch 'scsi-queue/drivers-for-3.19' into for-linus 2014-12-08 07:42:25 -08:00
aic7xxx SCSI misc on 20150209 2015-02-11 10:28:45 -08:00
aic94xx Merge remote-tracking branch 'scsi-queue/drivers-for-3.19' into for-linus 2014-12-18 05:56:29 -08:00
arcmsr scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
arm scsi: replace seq_printf with seq_puts 2015-02-02 09:57:45 -08:00
be2iscsi SCSI misc on 20150221 2015-02-21 19:16:42 -08:00
bfa scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
bnx2fc Merge remote-tracking branch 'scsi-queue/drivers-for-3.19' into for-linus 2014-12-18 05:56:29 -08:00
bnx2i scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
csiostor Merge branch 'debugfs_automount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2015-02-17 15:18:19 -08:00
cxgbi cxgb4i : Call into recently added cxgb4 ipv6 api 2015-01-15 18:59:46 -05:00
device_handler scsi: fix device handler detach oops 2015-02-02 13:45:28 +01:00
dpt
esas2r SCSI misc on 20150209 2015-02-11 10:28:45 -08:00
fcoe Merge remote-tracking branch 'scsi-queue/drivers-for-3.19' into for-linus 2014-12-18 05:56:29 -08:00
fnic fnic: IOMMU Fault occurs when IO and abort IO is out of order 2014-12-30 13:31:45 +01:00
ibmvscsi ibmvfc: remove unused tag variable 2014-12-04 09:58:33 +01:00
isci Merge remote-tracking branch 'scsi-queue/drivers-for-3.19' into for-linus 2014-12-18 05:56:29 -08:00
libfc scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
libsas libsas: Fix Kernel Crash in smp_execute_task 2015-03-06 20:51:29 -08:00
lpfc lpfc: correct device removal deadlock after link bounce 2015-01-09 15:44:24 +01:00
megaraid megaraid_sas: driver version update 2015-01-09 15:44:38 +01:00
mpt2sas mpt2sas: Bump driver version to 20.100.00.00 2015-01-13 16:27:29 +01:00
mpt3sas mpt2sas, mpt3sas: set cpu affinity for each MSIX vectors 2015-01-13 16:27:28 +01:00
mvsas Merge remote-tracking branch 'scsi-queue/drivers-for-3.19' into for-linus 2014-12-18 05:56:29 -08:00
osd scsi: remove scsi_driver owner field 2014-11-24 20:01:28 +01:00
pcmcia scsi: print single-character strings with seq_putc 2015-02-02 09:57:46 -08:00
pm8001 Merge remote-tracking branch 'scsi-queue/drivers-for-3.19' into for-linus 2014-12-18 05:56:29 -08:00
qla2xxx Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2015-02-21 13:21:19 -08:00
qla4xxx scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
sym53c8xx_2 scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
ufs ufs-qcom: add support for Qualcomm Technologies Inc platforms 2015-01-20 19:43:26 +01:00
.gitignore
3w-9xxx.c 3w-9xxx.c: Cleaning up missing null-terminate in conjunction with strncpy 2015-01-09 15:44:21 +01:00
3w-9xxx.h
3w-sas.c scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
3w-sas.h
3w-xxxx.c scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
3w-xxxx.h
53c700_d.h_shipped
53c700.c scsi: remove scsi_set_tag_type 2014-12-04 09:57:13 +01:00
53c700.h
53c700.scr
a100u2w.c
a100u2w.h
a2091.c
a2091.h
a3000.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
a3000.h
a4000t.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
advansys.c scsi: print single-character strings with seq_putc 2015-02-02 09:57:46 -08:00
aha152x.c aha152x: replace seq_printf with seq_puts 2015-02-02 09:57:45 -08:00
aha152x.h
aha1542.c
aha1542.h
aha1740.c scsi: correct return values for .eh_abort_handler implementations 2014-11-12 11:16:08 +01:00
aha1740.h
am53c974.c am53c974: remove left-over debugging code 2015-02-05 10:52:02 -08:00
atari_NCR5380.c scsi: print single-character strings with seq_putc 2015-02-02 09:57:46 -08:00
atari_scsi.c atari_NCR5380: Move static co-routine variables to host data 2014-11-20 09:11:20 +01:00
atp870u.c scsi: merge consecutive seq_puts calls 2015-02-02 09:57:45 -08:00
atp870u.h
BusLogic.c scsi: replace seq_printf with seq_puts 2015-02-02 09:57:45 -08:00
BusLogic.h
bvme6000_scsi.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
ch.c ch: remove debug noise in ch_do_scsi 2015-01-20 19:43:23 +01:00
constants.c scsi: Conditionally compile in constants.c 2015-01-09 15:44:31 +01:00
dc395x.c scsi: print single-character strings with seq_putc 2015-02-02 09:57:46 -08:00
dc395x.h
dmx3191d.c dmx3191d: Use NO_IRQ 2014-11-20 09:11:11 +01:00
dpt_i2o.c scsi: replace seq_printf with seq_puts 2015-02-02 09:57:45 -08:00
dpti.h
dtc.c ncr5380: Drop legacy scsi.h include 2014-11-20 09:11:10 +01:00
dtc.h ncr5380: Remove *_RELEASE macros 2014-11-20 09:11:10 +01:00
eata_generic.h
eata_pio.c scsi: replace seq_printf with seq_puts 2015-02-02 09:57:45 -08:00
eata_pio.h
eata.c scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
esp_scsi.c esp_scsi: remove check for ESP_MAX_TAGS 2015-01-09 15:44:23 +01:00
esp_scsi.h esp_scsi: correctly detect am53c974 2014-11-24 16:13:16 +01:00
fdomain.c
fdomain.h
FlashPoint.c
g_NCR5380_mmio.c
g_NCR5380.c ncr5380: Drop legacy scsi.h include 2014-11-20 09:11:10 +01:00
g_NCR5380.h ncr5380: Remove *_RELEASE macros 2014-11-20 09:11:10 +01:00
gdth_ioctl.h
gdth_proc.c scsi: replace seq_printf with seq_puts 2015-02-02 09:57:45 -08:00
gdth_proc.h
gdth.c scsi: rename SERVICE_ACTION_IN to SERVICE_ACTION_IN_16 2014-11-24 20:01:40 +01:00
gdth.h
gvp11.c
gvp11.h
hosts.c scsi: remove ordered_tag host template field 2014-11-12 11:19:41 +01:00
hpsa_cmd.h hpsa: do not use a void pointer for scsi_cmd field of struct CommandList 2015-02-02 09:57:43 -08:00
hpsa.c hpsa: correct compiler warnings introduced by hpsa-add-local-workqueue patch 2015-02-15 10:33:32 -08:00
hpsa.h hpsa: Use local workqueues instead of system workqueues 2015-02-02 09:57:44 -08:00
hptiop.c scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
hptiop.h
imm.c
imm.h
in2000.c scsi: print single-character strings with seq_putc 2015-02-02 09:57:46 -08:00
in2000.h
initio.c
initio.h
ipr.c ipr: wait for aborted command responses 2015-01-19 10:46:20 +01:00
ipr.h ipr: wait for aborted command responses 2015-01-19 10:46:20 +01:00
ips.c scsi: print single-character strings with seq_putc 2015-02-02 09:57:46 -08:00
ips.h
iscsi_boot_sysfs.c
iscsi_tcp.c scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
iscsi_tcp.h
jazz_esp.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
Kconfig scsi: Conditionally compile in constants.c 2015-01-09 15:44:31 +01:00
lasi700.c
libiscsi_tcp.c
libiscsi.c scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
mac53c94.c
mac53c94.h
mac_esp.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
mac_scsi.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2014-12-12 10:08:06 -08:00
Makefile scsi: Conditionally compile in constants.c 2015-01-09 15:44:31 +01:00
megaraid.c scsi: replace seq_printf with seq_puts 2015-02-02 09:57:45 -08:00
megaraid.h
mesh.c
mesh.h
mvme16x_scsi.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
mvme147.c
mvme147.h
mvumi.c
mvumi.h
ncr53c8xx.c scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
ncr53c8xx.h
NCR53c406a.c
NCR5380.c scsi: print single-character strings with seq_putc 2015-02-02 09:57:46 -08:00
NCR5380.h atari_NCR5380: Move static co-routine variables to host data 2014-11-20 09:11:20 +01:00
NCR_D700.c
NCR_D700.h
NCR_Q720.c
NCR_Q720.h
nsp32_debug.c
nsp32_io.h
nsp32.c scsi: print single-character strings with seq_putc 2015-02-02 09:57:46 -08:00
nsp32.h
osst_detect.h
osst_options.h
osst.c scsi: remove scsi_driver owner field 2014-11-24 20:01:28 +01:00
osst.h
pas16.c ncr5380: Drop legacy scsi.h include 2014-11-20 09:11:10 +01:00
pas16.h ncr5380: Remove *_RELEASE macros 2014-11-20 09:11:10 +01:00
pmcraid.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2015-02-10 20:01:30 -08:00
pmcraid.h
ppa.c
ppa.h
ps3rom.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2014-12-12 10:08:06 -08:00
qla1280.c scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
qla1280.h
qlogicfas408.c
qlogicfas408.h
qlogicfas.c
qlogicpti.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
qlogicpti.h
raid_class.c
script_asm.pl
scsi_debug.c scsi: use %*pb[l] to print bitmaps including cpumasks and nodemasks 2015-02-13 21:21:38 -08:00
scsi_devinfo.c scsi: blacklist RSOC for Microsoft iSCSI target devices 2014-12-15 10:41:23 +01:00
scsi_error.c scsi: do not display kernel pointer in message logs 2015-01-09 15:44:33 +01:00
scsi_ioctl.c scsi: return EAGAIN when resetting a device under EH 2014-11-12 11:16:12 +01:00
scsi_lib_dma.c
scsi_lib.c Merge branch 'for-3.20/core' of git://git.kernel.dk/linux-block 2015-02-12 14:13:23 -08:00
scsi_logging.c scsi_logging: return void for dev_printk() functions 2015-02-04 08:00:24 -08:00
scsi_logging.h scsi: simplify scsi_log_(send|completion) 2014-11-12 11:16:05 +01:00
scsi_module.c
scsi_netlink.c
scsi_pm.c SCSI / PM: Replace CONFIG_PM_RUNTIME with CONFIG_PM 2014-12-15 15:11:06 +01:00
scsi_priv.h SCSI / PM: Replace CONFIG_PM_RUNTIME with CONFIG_PM 2014-12-15 15:11:06 +01:00
scsi_proc.c scsi: print single-character strings with seq_putc 2015-02-02 09:57:46 -08:00
scsi_sas_internal.h
scsi_scan.c Merge branch 'for-3.20/core' of git://git.kernel.dk/linux-block 2015-02-12 14:13:23 -08:00
scsi_sysctl.c
scsi_sysfs.c scsi: remove ->change_queue_type method 2014-12-04 09:55:45 +01:00
scsi_trace.c scsi: print single-character strings with seq_putc 2015-02-02 09:57:46 -08:00
scsi_transport_api.h
scsi_transport_fc.c
scsi_transport_iscsi.c
scsi_transport_sas.c
scsi_transport_spi.c scsi: remove MSG_*_TAG defines 2014-12-04 09:58:33 +01:00
scsi_transport_srp.c
scsi_typedefs.h
scsi.c SCSI misc on 20150209 2015-02-11 10:28:45 -08:00
scsi.h
scsicam.c scsi: PC partition tables are little endian 2014-11-12 11:15:54 +01:00
sd_dif.c sd: Honor block layer integrity handling flags 2014-09-30 15:17:35 -06:00
sd.c SCSI misc on 20150209 2015-02-11 10:28:45 -08:00
sd.h scsi: introduce sdev_prefix_printk() 2014-11-12 11:15:57 +01:00
ses.c ses: Add power_status to SES device slot 2015-01-09 15:44:19 +01:00
sg.c SCSI misc on 20150221 2015-02-21 19:16:42 -08:00
sgiwd93.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
sim710.c
sni_53c710.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
sr_ioctl.c sr: reduce debug noise in sr_do_ioctl 2015-01-20 19:43:24 +01:00
sr_vendor.c
sr.c scsi: remove scsi_driver owner field 2014-11-24 20:01:28 +01:00
sr.h scsi: introduce sdev_prefix_printk() 2014-11-12 11:15:57 +01:00
st_options.h
st.c mm: gup: use get_user_pages_unlocked 2015-02-11 17:06:05 -08:00
st.h
stex.c scsi: don't force tagged_supported in drivers 2014-11-12 11:19:44 +01:00
storvsc_drv.c storvsc: force SPC-3 compliance on win8 and win8 r2 hosts 2015-01-09 15:44:27 +01:00
sun3_scsi_vme.c
sun3_scsi.c atari_NCR5380: Remove RESET_RUN_DONE macro 2014-11-20 09:11:20 +01:00
sun3_scsi.h sun3_scsi: Move macro definitions 2014-11-20 09:11:15 +01:00
sun3x_esp.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
sun_esp.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
sym53c416.c
sym53c416.h
t128.c ncr5380: Drop legacy scsi.h include 2014-11-20 09:11:10 +01:00
t128.h ncr5380: Remove *_RELEASE macros 2014-11-20 09:11:10 +01:00
u14-34f.c scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
ultrastor.c
ultrastor.h
virtio_scsi.c virtio/scsi: verify device has config space 2015-01-21 16:28:47 +10:30
vmw_pvscsi.c vmw_pscsi: simplify ->change_queue_depth 2014-11-24 14:45:28 +01:00
vmw_pvscsi.h PCI: Move PCI_VENDOR_ID_VMWARE to pci_ids.h 2014-09-24 11:52:09 -06:00
wd33c93.c scsi: print single-character strings with seq_putc 2015-02-02 09:57:46 -08:00
wd33c93.h
wd719x.c wd719x: add missing .module to wd719x_template 2015-02-15 10:34:39 -08:00
wd719x.h wd719x: Introduce Western Digital WD7193/7197/7296 PCI SCSI card driver 2014-11-25 15:42:54 +01:00
wd7000.c scsi: replace seq_printf with seq_puts 2015-02-02 09:57:45 -08:00
xen-scsifront.c xen: remove DEFINE_XENBUS_DRIVER() macro 2014-10-06 10:27:57 +01:00
zalon.c
zorro7xx.c