2009-07-18 15:23:22

by Julia Lawall

Subject: [PATCH] drivers/scsi: possible double spin_lock_irqsave

From: Julia Lawall <[email protected]>

If both the test on rport and the call to get_device fail, then the lock is
already held. The re-lock is thus moved up into the two branches.

On the other hand if kref_put should not be called with the lock held then
something else should be done.

The semantic match that finds this problem is as follows:
(http://www.emn.fr/x-info/coccinelle/)

// <smpl>
@@
expression lock1,lock2;
expression flags;
@@

*spin_lock_irqsave(lock1,flags)
... when != flags
*spin_lock_irqsave(lock2,flags)
// </smpl>

Signed-off-by: Julia Lawall <[email protected]>

---
drivers/scsi/ibmvscsi/ibmvfc.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/drivers/scsi/ibmvscsi/ibmvfc.c b/drivers/scsi/ibmvscsi/ibmvfc.c
index 166d964..d2b88bd 100644
--- a/drivers/scsi/ibmvscsi/ibmvfc.c
+++ b/drivers/scsi/ibmvscsi/ibmvfc.c
@@ -4278,15 +4278,16 @@ static void ibmvfc_rport_add_thread(struct work_struct *work)
if (!rport) {
spin_unlock_irqrestore(vhost->host->host_lock, flags);
ibmvfc_tgt_add_rport(tgt);
+ spin_lock_irqsave(vhost->host->host_lock, flags);
} else if (get_device(&rport->dev)) {
spin_unlock_irqrestore(vhost->host->host_lock, flags);
tgt_dbg(tgt, "Setting rport roles\n");
fc_remote_port_rolechg(rport, tgt->ids.roles);
put_device(&rport->dev);
+ spin_lock_irqsave(vhost->host->host_lock, flags);
}

kref_put(&tgt->kref, ibmvfc_release_tgt);
- spin_lock_irqsave(vhost->host->host_lock, flags);
break;
}
}
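
Review bot: kref_put(&tgt->kref, ibmvfc_release_tgt), the context line after the if/else-if, now runs with host_lock held and interrupts disabled on every path, whereas before this change it ran unlocked whenever either branch was taken. The commit message itself leaves open whether that is allowed. If the release callback must not run under host_lock, keep the spin_lock_irqsave after kref_put where it was and instead add an else arm that calls spin_unlock_irqrestore(vhost->host->host_lock, flags) for the case where rport is set but get_device fails, so that all three paths reach kref_put unlocked.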


2009-07-20 14:58:56

by Brian King

Subject: Re: [PATCH] drivers/scsi: possible double spin_lock_irqsave

Julia Lawall wrote:
> From: Julia Lawall <[email protected]>
>
> If both the test on rport and the call to get_device fail, then the lock is
> already held. The re-lock is thus moved up into the two branches.
>
> On the other hand if kref_put should not be called with the lock held then
> something else should be done.

kref_put should not be called with the lock held. Updated patch below.

Thanks,

Brian

--
Brian King
Linux on Power Virtualization
IBM Linux Technology Center


Fixes a potential deadlock in the ibmvfc driver in the rport
add thread if it encounters an rport it wants to add which
it cannot get a reference to.

Signed-off-by: Brian King <[email protected]>
---

drivers/scsi/ibmvscsi/ibmvfc.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff -puN drivers/scsi/ibmvscsi/ibmvfc.c~ibmvfc_fix_add_locking drivers/scsi/ibmvscsi/ibmvfc.c
--- linux-2.6/drivers/scsi/ibmvscsi/ibmvfc.c~ibmvfc_fix_add_locking 2009-07-20 09:49:28.000000000 -0500
+++ linux-2.6-bjking1/drivers/scsi/ibmvscsi/ibmvfc.c 2009-07-20 09:54:54.000000000 -0500
@@ -4283,7 +4283,8 @@ static void ibmvfc_rport_add_thread(stru
tgt_dbg(tgt, "Setting rport roles\n");
fc_remote_port_rolechg(rport, tgt->ids.roles);
put_device(&rport->dev);
- }
+ } else
+ spin_unlock_irqrestore(vhost->host->host_lock, flags);

kref_put(&tgt->kref, ibmvfc_release_tgt);
spin_lock_irqsave(vhost->host->host_lock, flags);
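
Review bot: the new else arm is left unbraced while the arm it follows is closed with a brace; kernel coding style asks for braces on every arm of a conditional once any arm needs them, so this should read "} else {" with the spin_unlock_irqrestore call and a closing "}". A one-line comment above kref_put stating that it must be called without host_lock held would also record why this path needs the unlock, since nothing in the visible lines documents that requirement.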
_