From: Michael Hernandez <michael.hernan...@cavium.com>
This patch fixes system hang/crash while firmware dump is attempted with
Block MQ enabled in qla2xxx driver. Fix is to remove check in fw dump
template entries for existing request and response queues so that full
buffer size is calculated during template size calculation.
Following stack trace is seen during firmware dump capture process
[ 694.390588] qla2xxx [0000:81:00.0]-5003:11: ISP System Error - mbx1=4b1fh
mbx2=10h mbx3=2ah mbx7=0h.
[ 694.402336] BUG: unable to handle kernel paging request at ffffc90008c7b000
[ 694.402372] IP: memcpy_erms+0x6/0x10
[ 694.402386] PGD 105f01a067
[ 694.402386] PUD 85f89c067
[ 694.402398] PMD 10490cb067
[ 694.402409] PTE 0
[ 694.402421]
[ 694.402437] Oops: 0002 [#1] PREEMPT SMP
[ 694.402452] Modules linked in: netconsole configfs qla2xxx scsi_transport_fc
nvme_fc nvme_fabrics bnep bluetooth rfkill xt_tcpudp unix_diag xt_multiport
ip6table_filter ip6_tables iptable_filter ip_tables x_tables af_packet
iscsi_ibft iscsi_boot_sysfs xfs libcrc32c ipmi_ssif sb_edac edac_core
x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass igb
crct10dif_pclmul crc32_pclmul ghash_clmulni_intel pcbc aesni_intel iTCO_wdt
aes_x86_64 crypto_simd ptp iTCO_vendor_support glue_helper cryptd lpc_ich joydev
i2c_i801 pcspkr ioatdma mei_me pps_core tpm_tis mei mfd_core acpi_power_meter
tpm_tis_core ipmi_si ipmi_devintf tpm ipmi_msghandler shpchp wmi dca button
acpi_pad btrfs xor uas usb_storage hid_generic usbhid raid6_pq crc32c_intel ast
i2c_algo_bit drm_kms_helper syscopyarea sysfillrect
[ 694.402692] sysimgblt fb_sys_fops xhci_pci ttm ehci_pci sr_mod xhci_hcd
cdrom ehci_hcd drm usbcore sg
[ 694.402730] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.10.0-1-default+ #19
[ 694.402753] Hardware name: Supermicro X10DRi/X10DRi, BIOS 1.1a 10/16/2015
[ 694.402776] task: ffffffff81c0e4c0 task.stack: ffffffff81c00000
[ 694.402798] RIP: 0010:memcpy_erms+0x6/0x10
[ 694.402813] RSP: 0018:ffff88085fc03cd0 EFLAGS: 00210006
[ 694.402832] RAX: ffffc90008c7ae0c RBX: 0000000000000004 RCX: 000000000001fe0c
[ 694.402856] RDX: 0000000000020000 RSI: ffff8810332c01f4 RDI: ffffc90008c7b000
[ 694.402879] RBP: ffff88085fc03d18 R08: 0000000000020000 R09: 0000000000279e0a
[ 694.402903] R10: 0000000000000000 R11: f000000000000000 R12: ffff88085fc03d80
[ 694.402927] R13: ffffc90008a01000 R14: ffffc90008a056d4 R15: ffff881052ef17e0
[ 694.402951] FS: 0000000000000000(0000) GS:ffff88085fc00000(0000)
knlGS:0000000000000000
[ 694.402977] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 694.403012] CR2: ffffc90008c7b000 CR3: 0000000001c09000 CR4: 00000000001406f0
[ 694.403036] Call Trace:
[ 694.403047] <IRQ>
[ 694.403072] ? qla27xx_fwdt_entry_t263+0x18e/0x380 [qla2xxx]
[ 694.403099] qla27xx_walk_template+0x9d/0x1a0 [qla2xxx]
[ 694.403124] qla27xx_fwdump+0x1f3/0x272 [qla2xxx]
[ 694.403149] qla2x00_async_event+0xb08/0x1a50 [qla2xxx]
[ 694.403169] ? enqueue_task_fair+0xa2/0x9d0
Signed-off-by: Mike Hernandez <michael.hernan...@cavium.com>
Signed-off-by: Joe Carnuccio <joe.carnuc...@cavium.com>
Signed-off-by: Himanshu Madhani <himanshu.madh...@cavium.com>
---
Hi Martin,
Please apply this patch to 4.13.0-rc4. Without this patch our capabilty
to collect and analyze firmware dump in a customer enviorment will be
greatly affected.
Thanks,
Himanshu
---
drivers/scsi/qla2xxx/qla_tmpl.c | 12 ------------
1 file changed, 12 deletions(-)
diff --git a/drivers/scsi/qla2xxx/qla_tmpl.c b/drivers/scsi/qla2xxx/qla_tmpl.c
index 33142610882f..b18646d6057f 100644
--- a/drivers/scsi/qla2xxx/qla_tmpl.c
+++ b/drivers/scsi/qla2xxx/qla_tmpl.c
@@ -401,9 +401,6 @@ qla27xx_fwdt_entry_t263(struct scsi_qla_host *vha,
for (i = 0; i < vha->hw->max_req_queues; i++) {
struct req_que *req = vha->hw->req_q_map[i];
- if (!test_bit(i, vha->hw->req_qid_map))
- continue;
-
if (req || !buf) {
length = req ?
req->length : REQUEST_ENTRY_CNT_24XX;
@@ -418,9 +415,6 @@ qla27xx_fwdt_entry_t263(struct scsi_qla_host *vha,
for (i = 0; i < vha->hw->max_rsp_queues; i++) {
struct rsp_que *rsp = vha->hw->rsp_q_map[i];
- if (!test_bit(i, vha->hw->rsp_qid_map))
- continue;
-
if (rsp || !buf) {
length = rsp ?
rsp->length : RESPONSE_ENTRY_CNT_MQ;
@@ -660,9 +654,6 @@ qla27xx_fwdt_entry_t274(struct scsi_qla_host *vha,
for (i = 0; i < vha->hw->max_req_queues; i++) {
struct req_que *req = vha->hw->req_q_map[i];
- if (!test_bit(i, vha->hw->req_qid_map))
- continue;
-
if (req || !buf) {
qla27xx_insert16(i, buf, len);
qla27xx_insert16(1, buf, len);
@@ -675,9 +666,6 @@ qla27xx_fwdt_entry_t274(struct scsi_qla_host *vha,
for (i = 0; i < vha->hw->max_rsp_queues; i++) {
struct rsp_que *rsp = vha->hw->rsp_q_map[i];
- if (!test_bit(i, vha->hw->rsp_qid_map))
- continue;
-
if (rsp || !buf) {
qla27xx_insert16(i, buf, len);
qla27xx_insert16(1, buf, len);
--
2.12.0
