------- Comment From <email address hidden> 2018-02-20 07:56 EDT-------
Description: qeth: check not more than 16 SBALEs on the completion queue
Symptom: Kernel crash
Problem: af_iucv socket programs with HiperSockets as transport
make use of the qdio completion queue. Running such an
af_iucv socket program may result in a crash:
[90341.677709] Oops: 0038 ilc:2 [#1] SMP
[90341.677743] CPU: 1 PID: 0 Comm: swapper/1
Not tainted 4.6.0-20160720.0.0e
[90341.677744] Hardware name: IBM 2964 N96 703
[90341.677746] task: 00000000edb79f00 ti: 00000000edb84000
task.ti: 00000000
[90341.677748] Krnl PSW : 0704d00180000000 000000000075bc50
(qeth_qdio_input
[90341.677756] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:1 PM:0
Krnl GPRS: 000003d10391e900 0000000000000001 00000000e61e6000
00000000000000
[90341.677759] 0000000000a9e6ec 5420040001a77400 0000000000000001
[90341.677761] 00000000e0d83f00 0000000000000003 0000000000000010
[90341.677784] 000000007ba8b000 0000000000943fd0 000000000075bc4e
[90341.677793] Krnl Code:
000000000075bc42: e320cc180004 lg %r2,
000000000075bc48: c0e5ffffc5cc brasl %r14,7547e0
#000000000075bc4e: 1816 lr %r1,%r6
>000000000075bc50: ba19b008 cs %r1,%r9,8(%r11)
000000000075bc54: ec180041017e cij %r1,1,8,75bcd6
000000000075bc5a: 5810b008 l %r1,8(%r11)
000000000075bc5e: ec16005c027e cij %r1,2,6,75bd16
000000000075bc64: 5090b008 st %r9,8(%r11)
[90341.677807] Call Trace:
[90341.677810] ([<000000000075bbc0>] qeth_qdio_input_handler
+0x1c8/0x4e0)
[90341.677812] ([<000000000070efbc>] qdio_kick_handler+0x124/0x2a8)
[90341.677814] ([<0000000000713570>] __tiqdio_inbound_processing
+0xf0/0xcd0)
[90341.677818] ([<0000000000143312>] tasklet_action+0x92/0x120)
[90341.677823] ([<00000000008b6e72>] __do_softirq+0x112/0x308)
[90341.677824] ([<0000000000142bce>] irq_exit+0xd6/0xf8)
[90341.677829] ([<000000000010b1d2>] do_IRQ+0x6a/0x88)
[90341.677830] ([<00000000008b6322>] io_int_handler+0x112/0x220)
[90341.677832] ([<0000000000102b2e>] enabled_wait+0x56/0xa8)
[90341.677833] ([<0000000000000000>] (null))
[90341.677835] ([<0000000000102e32>] arch_cpu_idle+0x32/0x48)
[90341.677838] ([<000000000018a126>] cpu_startup_entry+0x266/0x2b0)
[90341.677841] ([<0000000000113b38>] smp_start_secondary+0x100/0x110)
[90341.677843] ([<00000000008b68a6>] restart_int_handler+0x62/0x78)
[90341.677845] ([<00000000008b6588>] psw_idle+0x3c/0x40)
[90341.677846] Last Breaking-Event-Address:
[90341.677848] [<00000000007547ec>] qeth_dbf_longtext+0xc/0xc0
Solution: qeth_qdio_cq_handler() analyzes SBALs on this completion
queue, but does not observe the limit of 16 SBAL elements
per SBAL. This patch adds the additional check to process
not more than 16 SBAL elements.
Reproduction: Run af_iucv stress test
Upstream-ID: 903e48531e8b5d414c8f1960eacac24c31f60344
Problem-ID: 148203
------- Comment From <email address hidden> 2018-02-20 07:56 EDT------- bbc0>] qeth_qdio_ input_handler efbc>] qdio_kick_ handler+ 0x124/0x2a8) 3570>] __tiqdio_ inbound_ processing 3312>] tasklet_ action+ 0x92/0x120) 6e72>] __do_softirq+ 0x112/0x308) 2bce>] irq_exit+0xd6/0xf8) b1d2>] do_IRQ+0x6a/0x88) 6322>] io_int_ handler+ 0x112/0x220) 2b2e>] enabled_ wait+0x56/ 0xa8) 0000>] (null)) 2e32>] arch_cpu_ idle+0x32/ 0x48) a126>] cpu_startup_ entry+0x266/ 0x2b0) 3b38>] smp_start_ secondary+ 0x100/0x110) 68a6>] restart_ int_handler+ 0x62/0x78) 6588>] psw_idle+0x3c/0x40) Event-Address: 7ec>] qeth_dbf_ longtext+ 0xc/0xc0
Description: qeth: check not more than 16 SBALEs on the completion queue
Symptom: Kernel crash
Problem: af_iucv socket programs with HiperSockets as transport
make use of the qdio completion queue. Running such an
af_iucv socket program may result in a crash:
[90341.677709] Oops: 0038 ilc:2 [#1] SMP
[90341.677743] CPU: 1 PID: 0 Comm: swapper/1
Not tainted 4.6.0-20160720.0.0e
[90341.677744] Hardware name: IBM 2964 N96 703
[90341.677746] task: 00000000edb79f00 ti: 00000000edb84000
task.ti: 00000000
[90341.677748] Krnl PSW : 0704d00180000000 000000000075bc50
(qeth_qdio_input
[90341.677756] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:1 PM:0
Krnl GPRS: 000003d10391e900 0000000000000001 00000000e61e6000
00000000000000
[90341.677759] 0000000000a9e6ec 5420040001a77400 0000000000000001
[90341.677761] 00000000e0d83f00 0000000000000003 0000000000000010
[90341.677784] 000000007ba8b000 0000000000943fd0 000000000075bc4e
[90341.677793] Krnl Code:
000000000075bc42: e320cc180004 lg %r2,
000000000075bc48: c0e5ffffc5cc brasl %r14,7547e0
#000000000075bc4e: 1816 lr %r1,%r6
>000000000075bc50: ba19b008 cs %r1,%r9,8(%r11)
000000000075bc54: ec180041017e cij %r1,1,8,75bcd6
000000000075bc5a: 5810b008 l %r1,8(%r11)
000000000075bc5e: ec16005c027e cij %r1,2,6,75bd16
000000000075bc64: 5090b008 st %r9,8(%r11)
[90341.677807] Call Trace:
[90341.677810] ([<000000000075
+0x1c8/0x4e0)
[90341.677812] ([<000000000070
[90341.677814] ([<000000000071
+0xf0/0xcd0)
[90341.677818] ([<000000000014
[90341.677823] ([<00000000008b
[90341.677824] ([<000000000014
[90341.677829] ([<000000000010
[90341.677830] ([<00000000008b
[90341.677832] ([<000000000010
[90341.677833] ([<000000000000
[90341.677835] ([<000000000010
[90341.677838] ([<000000000018
[90341.677841] ([<000000000011
[90341.677843] ([<00000000008b
[90341.677845] ([<00000000008b
[90341.677846] Last Breaking-
[90341.677848] [<0000000000754
Solution: qeth_qdio_ cq_handler( ) analyzes SBALs on this completion 14c8f1960eacac2 4c31f60344
queue, but does not observe the limit of 16 SBAL elements
per SBAL. This patch adds the additional check to process
not more than 16 SBAL elements.
Reproduction: Run af_iucv stress test
Upstream-ID: 903e48531e8b5d4
Problem-ID: 148203