linux-hardened/drivers/block
Jens Axboe e7d9dc9cfd cciss: fix bug in overriding ->data_len before completion
For BLOCK_PC requests, we need that length for completing the request.
Andrew Vasquez <andrew.vasquez@qlogic.com> reported the following
oops

Hitting a consistent BUG() with recent Linus' linux-2.6.git:

	[   12.941428] ------------[ cut here ]------------
	[   12.944874] kernel BUG at drivers/block/cciss.c:1260!
	[   12.944874] invalid opcode: 0000 [1] SMP
	[   12.944874] CPU 0
	[   12.944874] Modules linked in:
	[   12.944874] Pid: 0, comm: swapper Not tainted 2.6.24 #43
	[   12.944874] RIP: 0010:[<ffffffff8039e43d>]  [<ffffffff8039e43d>] cciss_softirq_done+0xbc/0x1bf
	[   12.944874] RSP: 0018:ffffffff8063aed0  EFLAGS: 00010202
	[   12.944874] RAX: 0000000000000001 RBX: ffff8100cf800010 RCX: ffff81042f1253b0
	[   12.944874] RDX: ffff81042de398f0 RSI: ffff81042de398f0 RDI: 0000000000000001
	[   12.944874] RBP: ffff81042daa0000 R08: ffff81042f1253b0 R09: 0000000000000001
	[   12.944874] R10: 00000000000000fe R11: 0000000000000000 R12: 0000000000000002
	[   12.944874] R13: 0000000000000001 R14: ffff8100cf800000 R15: ffff81042de398f0
	[   12.944874] FS:  0000000000000000(0000) GS:ffffffff805bb000(0000) knlGS:0000000000000000
	[   12.944874] CS:  0010 DS: 0018 ES: 0018 CR0: 000000008005003b
	[   12.944874] CR2: 00002afed7eea340 CR3: 000000042dbba000 CR4: 00000000000006e0
	[   12.944874] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
	[   12.944874] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
	[   12.944874] Process swapper (pid: 0, threadinfo ffffffff805f4000, task ffffffff805624a0)
	[   12.944874] Stack:  0000000000000000 ffffffff8063af10 0000000000000001 ffffffff80632d60
	[   12.944874]  0000000000000000 000000000000000a ffffffff805bb900 ffffffff8032038f
	[   12.944874]  ffffffff8063af10 ffffffff8063af10 ffffffff805bb940 ffffffff802346b4
	[   12.944874] Call Trace:
	[   12.944874]  <IRQ>  [<ffffffff8032038f>] blk_done_softirq+0x69/0x78
	[   12.944874]  [<ffffffff802346b4>] __do_softirq+0x6f/0xd8
	[   12.944874]  [<ffffffff8020c45c>] call_softirq+0x1c/0x30
	[   12.944874]  [<ffffffff8020e347>] do_softirq+0x30/0x80
	[   12.944874]  [<ffffffff8020e409>] do_IRQ+0x72/0xd9
	[   12.944874]  [<ffffffff8020a50a>] mwait_idle+0x0/0x46
	[   12.944874]  [<ffffffff8020a3da>] default_idle+0x0/0x3d
	[   12.944874]  [<ffffffff8020b7e1>] ret_from_intr+0x0/0xa
	[   12.944874]  <EOI>  [<ffffffff8020a54c>] mwait_idle+0x42/0x46
	[   12.944874]  [<ffffffff8020a481>] cpu_idle+0x6a/0xae
	[   12.944874]
	[   12.944874]
	[   12.944874] Code: 0f 0b eb fe 48 8d 85 d8 c0 00 00 48 89 04 24 48 89 c7 e8 e5
	[   12.944874] RIP  [<ffffffff8039e43d>] cciss_softirq_done+0xbc/0x1bf
	[   12.944874]  RSP <ffffffff8063aed0>
	[   12.944903] ---[ end trace e9c631603f90d22f ]---

which is caused by blk_end_request() returning 'not done' for a request,
since it gets asked to complete zero bytes.

Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
2008-01-29 21:55:18 +01:00
..
aoe Driver core: convert block from raw kobjects to core devices 2008-01-24 20:40:36 -08:00
paride paride: Convert from class_device to device for block/paride 2008-01-24 20:40:06 -08:00
amiflop.c [BLOCK] Get rid of request_queue_t typedef 2007-07-24 09:28:11 +02:00
ataflop.c [BLOCK] Get rid of request_queue_t typedef 2007-07-24 09:28:11 +02:00
cciss.c cciss: fix bug in overriding ->data_len before completion 2008-01-29 21:55:18 +01:00
cciss.h [PATCH] cciss: add support for 1024 logical volumes 2006-12-07 08:39:30 -08:00
cciss_cmd.h [PATCH] cciss: add support for 1024 logical volumes 2006-12-07 08:39:30 -08:00
cciss_scsi.c cciss: update copyright notices 2007-10-29 11:33:05 +01:00
cciss_scsi.h cciss: update copyright notices 2007-10-29 11:33:05 +01:00
cpqarray.c blk_end_request: changing cpqarray (take 4) 2008-01-28 10:37:00 +01:00
cpqarray.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
cryptoloop.c SG: Change sg_set_page() to take length and offset argument 2007-10-24 11:20:47 +02:00
DAC960.c blk_end_request: changing DAC960 (take 4) 2008-01-28 10:36:04 +01:00
DAC960.h Fix DAC960 driver on machines which don't support 64-bit DMA 2007-09-11 17:21:19 -07:00
floppy.c blk_end_request: changing floppy (take 4) 2008-01-28 10:36:21 +01:00
ida_cmd.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ida_ioctl.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
Kconfig cdrom: Add support for Sega Dreamcast GD-ROM. 2008-01-28 13:19:04 +09:00
loop.c loop: fix bad bio_alloc() nr_iovec request 2008-01-11 10:14:40 +01:00
Makefile Remove old lguest bus and drivers. 2007-10-23 15:49:55 +10:00
nbd.c blk_end_request: changing nbd (take 4) 2008-01-28 10:36:37 +01:00
pktcdvd.c Kobject: convert drivers/* from kobject_unregister() to kobject_put() 2008-01-24 20:40:40 -08:00
ps2esdi.c [BLOCK] Get rid of request_queue_t typedef 2007-07-24 09:28:11 +02:00
ps3disk.c blk_end_request: changing ps3disk (take 4) 2008-01-28 10:36:38 +01:00
rd.c rd: fix data corruption on memory pressure 2007-11-14 18:45:42 -08:00
smart1,2.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
sunvdc.c blk_end_request: changing sunvdc (take 4) 2008-01-28 10:36:40 +01:00
swim3.c [BLOCK] Get rid of request_queue_t typedef 2007-07-24 09:28:11 +02:00
sx8.c blk_end_request: changing sx8 (take 4) 2008-01-28 10:36:42 +01:00
ub.c blk_end_request: changing ub (take 4) 2008-01-28 10:37:17 +01:00
umem.c Cleanup umem driver: fix most checkpatch warnings, conform to kernel 2007-12-18 08:29:28 +01:00
umem.h drivers/block/umem: trim trailing whitespace 2007-10-10 09:25:59 +02:00
viodasd.c blk_end_request: changing viodasd (take 4) 2008-01-28 10:36:44 +01:00
virtio_blk.c virtio: fix module/device unloading 2007-11-19 11:20:42 +11:00
xd.c [BLOCK] Get rid of request_queue_t typedef 2007-07-24 09:28:11 +02:00
xd.h [BLOCK] Get rid of request_queue_t typedef 2007-07-24 09:28:11 +02:00
xen-blkfront.c blk_end_request: changing xen-blkfront (take 4) 2008-01-28 10:36:46 +01:00
xsysace.c xsysace: end request handling fix 2008-01-29 21:54:53 +01:00
z2ram.c [BLOCK] Get rid of request_queue_t typedef 2007-07-24 09:28:11 +02:00