mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-01-13 16:50:05 +00:00
[SCSI] target: Fix task->task_execute_queue=1 clear bug + LUN_RESET OOPs
This patch fixes a bug where task->task_execute_queue=1 was not being cleared once se_task had been removed from se_device->execute_task_list, resulting in an OOPs in core_tmr_lun_reset() for the task->task_active=0 case where transport_remove_task_from_execute_queue() was incorrectly being called. This patch fixes two cases in transport_get_task_from_execute_queue() and transport_remove_task_from_execute_queue() to properly clear task->task_execute_queue=0 once list_del(&task->t_execute_list) has been called. It also adds an explict check in transport_remove_task_from_execute_queue() to dump_stack + return if called with task->task_execute_queue=0. Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org> Cc: stable@kernel.org Signed-off-by: James Bottomley <jbottomley@parallels.com>
This commit is contained in:
parent
42c6951e2f
commit
ccf4d680f8
@ -1194,6 +1194,7 @@ transport_get_task_from_execute_queue(struct se_device *dev)
|
||||
break;
|
||||
|
||||
list_del(&task->t_execute_list);
|
||||
atomic_set(&task->task_execute_queue, 0);
|
||||
atomic_dec(&dev->execute_tasks);
|
||||
|
||||
return task;
|
||||
@ -1209,8 +1210,14 @@ void transport_remove_task_from_execute_queue(
|
||||
{
|
||||
unsigned long flags;
|
||||
|
||||
if (atomic_read(&task->task_execute_queue) == 0) {
|
||||
dump_stack();
|
||||
return;
|
||||
}
|
||||
|
||||
spin_lock_irqsave(&dev->execute_task_lock, flags);
|
||||
list_del(&task->t_execute_list);
|
||||
atomic_set(&task->task_execute_queue, 0);
|
||||
atomic_dec(&dev->execute_tasks);
|
||||
spin_unlock_irqrestore(&dev->execute_task_lock, flags);
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user