| blob | 30b1d77bfd70ce900776f251e613717e7aad57e0 |
1 /*
2 * scsi_error.c Copyright (C) 1997 Eric Youngdale
3 *
4 * SCSI error/timeout handling
5 * Initial versions: Eric Youngdale. Based upon conversations with
6 * Leonard Zubkoff and David Miller at Linux Expo,
7 * ideas originating from all over the place.
8 *
9 */
11 #define __NO_VERSION__
12 #include <linux/module.h>
14 #include <linux/sched.h>
15 #include <linux/timer.h>
16 #include <linux/string.h>
17 #include <linux/malloc.h>
18 #include <linux/ioport.h>
19 #include <linux/kernel.h>
20 #include <linux/stat.h>
21 #include <linux/blk.h>
22 #include <linux/interrupt.h>
23 #include <linux/delay.h>
24 #include <linux/smp_lock.h>
26 #define __KERNEL_SYSCALLS__
28 #include <linux/unistd.h>
30 #include <asm/system.h>
31 #include <asm/irq.h>
32 #include <asm/dma.h>
38 #ifdef MODULE
39 #define SHUTDOWN_SIGS (sigmask(SIGKILL)|sigmask(SIGINT)|sigmask(SIGTERM))
40 #else
41 #define SHUTDOWN_SIGS (0UL)
42 #endif
44 #ifdef DEBUG
45 #define SENSE_TIMEOUT SCSI_TIMEOUT
46 #define ABORT_TIMEOUT SCSI_TIMEOUT
47 #define RESET_TIMEOUT SCSI_TIMEOUT
48 #else
49 #define SENSE_TIMEOUT (10*HZ)
50 #define RESET_TIMEOUT (2*HZ)
51 #define ABORT_TIMEOUT (15*HZ)
52 #endif
54 #define STATIC
56 /*
57 * These should *probably* be handled by the host itself.
58 * Since it is allowed to sleep, it probably should.
59 */
60 #define BUS_RESET_SETTLE_TIME 5*HZ
61 #define HOST_RESET_SETTLE_TIME 10*HZ
64 static const char RCSid[] = "$Header: /mnt/ide/home/eric/CVSROOT/linux/drivers/scsi/scsi_error.c,v 1.10 1997/12/08 04:50:35 eric Exp $";
82 /*
83 * Function: scsi_add_timer()
84 *
85 * Purpose: Start timeout timer for a single scsi command.
86 *
87 * Arguments: SCset - command that is about to start running.
88 * timeout - amount of time to allow this command to run.
89 * complete - timeout function to call if timer isn't
90 * canceled.
91 *
92 * Returns: Nothing
93 *
94 * Notes: This should be turned into an inline function.
95 *
96 * More Notes: Each scsi command has it's own timer, and as it is added to
97 * the queue, we set up the timer. When the command completes,
98 * we cancel the timer. Pretty simple, really, especially
99 * compared to the old way of handling this crap.
100 */
104 {
106 /*
107 * If the clock was already running for this command, then
108 * first delete the timer. The timer handling code gets rather
109 * confused if we don't do this.
110 */
113 }
118 SCSI_LOG_ERROR_RECOVERY(5, printk("Adding timer for command %p at %d (%p)\n", SCset, timeout, complete));
122 }
124 /*
125 * Function: scsi_delete_timer()
126 *
127 * Purpose: Delete/cancel timer for a given function.
128 *
129 * Arguments: SCset - command that we are canceling timer for.
130 *
131 * Returns: Amount of time remaining before command would have timed out.
132 *
133 * Notes: This should be turned into an inline function.
134 */
136 {
148 }
150 /*
151 * Function: scsi_times_out()
152 *
153 * Purpose: Timeout function for normal scsi commands..
154 *
155 * Arguments: SCpnt - command that is timing out.
156 *
157 * Returns: Nothing.
158 *
159 * Notes:
160 */
162 {
164 /*
165 * Notify the low-level code that this operation failed and we are
166 * reposessing the command.
167 */
168 #ifdef ERIC_neverdef
169 /*
170 * FIXME(eric)
171 * Allow the host adapter to push a queue ordering tag
172 * out to the bus to force the command in question to complete.
173 * If the host wants to do this, then we just restart the timer
174 * for the command. Before we really do this, some real thought
175 * as to the optimum way to handle this should be done. We *do*
176 * need to force ordering every so often to ensure that all requests
177 * do eventually complete, but I am not sure if this is the best way
178 * to actually go about it.
179 *
180 * Better yet, force a sync here, but don't block since we are in an
181 * interrupt.
182 */
186 scsi_times_out);
188 }
189 }
190 /*
191 * FIXME(eric) - add a second special interface to handle this
192 * case. Ideally that interface can also be used to request
193 * a queu
194 */
197 }
198 #endif
200 /* Set the serial_number_at_timeout to the current serial_number */
215 /*
216 * If the host is having troubles, then look to see if this was the last
217 * command that might have failed. If so, wake up the error handler.
218 */
221 }
222 }
225 {
231 }
233 /*
234 * Function scsi_block_when_processing_errors
235 *
236 * Purpose: Prevent more commands from being queued while error recovery
237 * is taking place.
238 *
239 * Arguments: SDpnt - device on which we are performing recovery.
240 *
241 * Returns: FALSE The device was taken offline by error recovery.
242 * TRUE OK to proceed.
243 *
244 * Notes: We block until the host is out of error recovery, and then
245 * check to see whether the host or the device is offline.
246 */
248 {
255 }
257 /*
258 * Function: scsi_eh_times_out()
259 *
260 * Purpose: Timeout function for error handling.
261 *
262 * Arguments: SCpnt - command that is timing out.
263 *
264 * Returns: Nothing.
265 *
266 * Notes: During error handling, the kernel thread will be sleeping
267 * waiting for some action to complete on the device. Our only
268 * job is to record that it timed out, and to wake up the
269 * thread.
270 */
271 STATIC
273 {
282 /*
283 * As far as the low level driver is concerned, this command is still
284 * active, so we must give the low level driver a chance to abort it. (DB)
285 */
296 else
299 }
302 /*
303 * Function: scsi_eh_done()
304 *
305 * Purpose: Completion function for error handling.
306 *
307 * Arguments: SCpnt - command that is timing out.
308 *
309 * Returns: Nothing.
310 *
311 * Notes: During error handling, the kernel thread will be sleeping
312 * waiting for some action to complete on the device. Our only
313 * job is to record that the action completed, and to wake up the
314 * thread.
315 */
316 STATIC
318 {
329 }
331 /*
332 * Function: scsi_eh_action_done()
333 *
334 * Purpose: Completion function for error handling.
335 *
336 * Arguments: SCpnt - command that is timing out.
337 * answer - boolean that indicates whether operation succeeded.
338 *
339 * Returns: Nothing.
340 *
341 * Notes: This callback is only used for abort and reset operations.
342 */
343 STATIC
345 {
353 }
355 /*
356 * Function: scsi_sense_valid()
357 *
358 * Purpose: Determine whether a host has automatically obtained sense
359 * information or not. If we have it, then give a recommendation
360 * as to what we should do next.
361 */
363 {
366 }
368 }
370 /*
371 * Function: scsi_eh_retry_command()
372 *
373 * Purpose: Retry the original command
374 *
375 * Returns: SUCCESS - we were able to get the sense data.
376 * FAILED - we were not able to get the sense data.
377 *
378 * Notes: This function will *NOT* return until the command either
379 * times out, or it completes.
380 */
382 {
392 /*
393 * Hey, we are done. Let's look to see what happened.
394 */
396 }
398 /*
399 * Function: scsi_request_sense()
400 *
401 * Purpose: Request sense data from a particular target.
402 *
403 * Returns: SUCCESS - we were able to get the sense data.
404 * FAILED - we were not able to get the sense data.
405 *
406 * Notes: Some hosts automatically obtain this information, others
407 * require that we obtain it on our own.
408 *
409 * This function will *NOT* return until the command either
410 * times out, or it completes.
411 */
413 {
430 }
431 /*
432 * Zero the sense buffer. Some host adapters automatically always request
433 * sense, so it is not a good idea that SCpnt->request_buffer and
434 * SCpnt->sense_buffer point to the same address (DB).
435 * 0 is not a valid sense code.
436 */
447 /* Last chance to have valid sense data */
456 /*
457 * When we eventually call scsi_finish, we really wish to complete
458 * the original request, so let's restore the original data. (DB)
459 */
467 /*
468 * Hey, we are done. Let's look to see what happened.
469 */
471 }
473 /*
474 * Function: scsi_test_unit_ready()
475 *
476 * Purpose: Run test unit ready command to see if the device is talking to us or not.
477 *
478 */
480 {
496 }
497 /*
498 * Zero the sense buffer. Some host adapters automatically always request
499 * sense, so it is not a good idea that SCpnt->request_buffer and
500 * SCpnt->sense_buffer point to the same address (DB).
501 * 0 is not a valid sense code.
502 */
512 /* Last chance to have valid sense data */
521 /*
522 * When we eventually call scsi_finish, we really wish to complete
523 * the original request, so let's restore the original data. (DB)
524 */
532 /*
533 * Hey, we are done. Let's look to see what happened.
534 */
536 }
538 /*
539 * This would normally need to get the IO request lock,
540 * but as it doesn't actually touch anything that needs
541 * to be locked we can avoid the lock here..
542 */
543 STATIC
545 {
548 }
549 }
553 {
571 }
573 /*
574 * Function: scsi_send_eh_cmnd
575 *
576 * Purpose: Send a command out to a device as part of error recovery.
577 *
578 * Notes: The initialization of the structures is quite a bit different
579 * in this case, and furthermore, there is a different completion
580 * handler.
581 */
583 {
588 retry:
589 /*
590 * We will use a queued command if possible, otherwise we will emulate the
591 * queuing and calling of completion function ourselves.
592 */
602 /*
603 * Set up the semaphore so we wait for the command to complete.
604 */
617 /*
618 * See if timeout. If so, tell the host to forget about it.
619 * In other words, we don't want a callback any more.
620 */
623 }
629 /*
630 * We damn well had better never use this code. There is no timeout
631 * protection here, since we would end up waiting in the actual low
632 * level driver, we don't know how to wake it up.
633 */
640 }
641 }
643 /*
644 * Now examine the actual status codes to see whether the command actually
645 * did complete normally.
646 */
658 }
661 }
662 }
664 /*
665 * Function: scsi_unit_is_ready()
666 *
667 * Purpose: Called after TEST_UNIT_READY is run, to test to see if
668 * the unit responded in a way that indicates it is ready.
669 */
671 {
680 }
681 }
682 }
684 }
686 /*
687 * Function: scsi_eh_finish_command
688 *
689 * Purpose: Handle a command that we are finished with WRT error handling.
690 *
691 * Arguments: SClist - pointer to list into which we are putting completed commands.
692 * SCpnt - command that is completing
693 *
694 * Notes: We don't want to use the normal command completion while we are
695 * are still handling errors - it may cause other commands to be queued,
696 * and that would disturb what we are doing. Thus we really want to keep
697 * a list of pending commands for final completion, and once we
698 * are ready to leave error handling we handle completion for real.
699 */
701 {
704 /*
705 * Set this back so that the upper level can correctly free up
706 * things.
707 */
710 }
712 /*
713 * Function: scsi_try_to_abort_command
714 *
715 * Purpose: Ask host adapter to abort a running command.
716 *
717 * Returns: FAILED Operation failed or not supported.
718 * SUCCESS Succeeded.
719 *
720 * Notes: This function will not return until the user's completion
721 * function has been called. There is no timeout on this
722 * operation. If the author of the low-level driver wishes
723 * this operation to be timed, they can provide this facility
724 * themselves. Helper functions in scsi_error.c can be supplied
725 * to make this easier to do.
726 *
727 * Notes: It may be possible to combine this with all of the reset
728 * handling to eliminate a lot of code duplication. I don't
729 * know what makes more sense at the moment - this is just a
730 * prototype.
731 */
733 {
738 }
739 /*
740 * scsi_done was called just after the command timed out and before
741 * we had a chance to process it. (DB)
742 */
749 }
751 /*
752 * Function: scsi_try_bus_device_reset
753 *
754 * Purpose: Ask host adapter to perform a bus device reset for a given
755 * device.
756 *
757 * Returns: FAILED Operation failed or not supported.
758 * SUCCESS Succeeded.
759 *
760 * Notes: There is no timeout for this operation. If this operation is
761 * unreliable for a given host, then the host itself needs to put a
762 * timer on it, and set the host back to a consistent state prior
763 * to returning.
764 */
766 {
773 }
782 }
784 /*
785 * Function: scsi_try_bus_reset
786 *
787 * Purpose: Ask host adapter to perform a bus reset for a host.
788 *
789 * Returns: FAILED Operation failed or not supported.
790 * SUCCESS Succeeded.
791 *
792 * Notes:
793 */
795 {
804 }
810 /*
811 * If we had a successful bus reset, mark the command blocks to expect
812 * a condition code of unit attention.
813 */
821 }
822 }
823 }
825 }
827 /*
828 * Function: scsi_try_host_reset
829 *
830 * Purpose: Ask host adapter to reset itself, and the bus.
831 *
832 * Returns: FAILED Operation failed or not supported.
833 * SUCCESS Succeeded.
834 *
835 * Notes:
836 */
838 {
847 }
853 /*
854 * If we had a successful host reset, mark the command blocks to expect
855 * a condition code of unit attention.
856 */
863 }
864 }
866 }
868 /*
869 * Function: scsi_decide_disposition
870 *
871 * Purpose: Examine a command block that has come back from the low-level
872 * and figure out what to do next.
873 *
874 * Returns: SUCCESS - pass on to upper level.
875 * FAILED - pass on to error handler thread.
876 * RETRY - command should be retried.
877 * SOFTERR - command succeeded, but we need to log
878 * a soft error.
879 *
880 * Notes: This is *ONLY* called when we are examining the status
881 * after sending out the actual data command. Any commands
882 * that are queued for error recovery (i.e. TEST_UNIT_READY)
883 * do *NOT* come through here.
884 *
885 * NOTE - When this routine returns FAILED, it means the error
886 * handler thread is woken. In cases where the error code
887 * indicates an error that doesn't require the error handler
888 * thread (i.e. we don't need to abort/reset), then this function
889 * should return SUCCESS.
890 */
892 {
895 /*
896 * If the device is offline, then we clearly just pass the result back
897 * up to the top level.
898 */
902 }
903 /*
904 * First check the host byte, to see if there is anything in there
905 * that would indicate what we need to do.
906 */
910 /*
911 * No matter what, pass this through to the upper layer.
912 * Nuke this special code so that it looks like we are saying
913 * DID_OK.
914 */
918 /*
919 * Looks good. Drop through, and check the next byte.
920 */
925 /*
926 * Note - this means that we just report the status back to the
927 * top level driver, not that we actually think that it indicates
928 * success.
929 */
931 /*
932 * When the low level driver returns DID_SOFT_ERROR,
933 * it is responsible for keeping an internal retry counter
934 * in order to avoid endless loops (DB)
935 */
944 /*
945 * When we scan the bus, we get timeout messages for
946 * these commands if there is no device available.
947 * Other hosts report DID_NO_CONNECT for the same thing.
948 */
954 }
956 /*
957 * In the normal case where we haven't initiated a reset, this is
958 * a failure.
959 */
963 }
964 /*
965 * Examine the sense data to figure out how to proceed from here.
966 * If there is no sense data, we will be forced into the error
967 * handler thread, where we get to examine the thing in a lot more
968 * detail.
969 */
973 }
975 /*
976 * Next, check the message byte.
977 */
980 }
981 /*
982 * Now, check the status byte to see if this indicates anything special.
983 */
986 /*
987 * The case of trying to send too many commands to a tagged queueing
988 * device.
989 */
998 }
1003 /*
1004 * Who knows? FIXME(eric)
1005 */
1012 }
1015 maybe_retry:
1021 }
1022 }
1024 /*
1025 * Function: scsi_eh_completed_normally
1026 *
1027 * Purpose: Examine a command block that has come back from the low-level
1028 * and figure out what to do next.
1029 *
1030 * Returns: SUCCESS - pass on to upper level.
1031 * FAILED - pass on to error handler thread.
1032 * RETRY - command should be retried.
1033 * SOFTERR - command succeeded, but we need to log
1034 * a soft error.
1035 *
1036 * Notes: This is *ONLY* called when we are examining the status
1037 * of commands queued during error recovery. The main
1038 * difference here is that we don't allow for the possibility
1039 * of retries here, and we are a lot more restrictive about what
1040 * we consider acceptable.
1041 */
1043 {
1045 /*
1046 * First check the host byte, to see if there is anything in there
1047 * that would indicate what we need to do.
1048 */
1051 /*
1052 * OK, this is normal. We don't know whether in fact the
1053 * command in question really needs to be rerun or not -
1054 * if this was the original data command then the answer is yes,
1055 * otherwise we just flag it as success.
1056 */
1059 }
1060 /*
1061 * Rats. We are already in the error handler, so we now get to try
1062 * and figure out what to do next. If the sense is valid, we have
1063 * a pretty good idea of what to do. If not, we mark it as failed.
1064 */
1066 }
1069 }
1070 /*
1071 * Next, check the message byte.
1072 */
1075 }
1076 /*
1077 * Now, check the status byte to see if this indicates anything special.
1078 */
1087 }
1092 /*
1093 * Who knows? FIXME(eric)
1094 */
1101 }
1103 }
1105 /*
1106 * Function: scsi_check_sense
1107 *
1108 * Purpose: Examine sense information - give suggestion as to what
1109 * we should do with it.
1110 */
1112 {
1115 }
1129 /*
1130 * If we are expecting a CC/UA because of a bus reset that we
1131 * performed, treat this just as a retry. Otherwise this is
1132 * information that we should pass up to the upper-level driver
1133 * so that we can deal with it there.
1134 */
1138 }
1141 /* these three are not supported */
1156 }
1157 }
1160 /*
1161 * Function: scsi_restart_operations
1162 *
1163 * Purpose: Restart IO operations to the specified host.
1164 *
1165 * Arguments: host - host that we are restarting
1166 *
1167 * Returns: Nothing
1168 *
1169 * Notes: When we entered the error handler, we blocked all further
1170 * I/O to this device. We need to 'reverse' this process.
1171 */
1173 {
1176 /*
1177 * Next free up anything directly waiting upon the host. This will be
1178 * requests for character device operations, and also for ioctls to queued
1179 * block devices.
1180 */
1185 /*
1186 * Finally, block devices need an extra kick in the pants. This is because
1187 * the request queueing mechanism may have queued lots of pending requests
1188 * and there won't be a process waiting in a place where we can simply wake
1189 * it up. Thus we simply go through and call the request function to goose
1190 * the various top level drivers and get things moving again.
1191 */
1197 }
1198 }
1200 /*
1201 * Function: scsi_unjam_host
1202 *
1203 * Purpose: Attempt to fix a host which has a command that failed for
1204 * some reason.
1205 *
1206 * Arguments: host - host that needs unjamming.
1207 *
1208 * Returns: Nothing
1209 *
1210 * Notes: When we come in here, we *know* that all commands on the
1211 * bus have either completed, failed or timed out. We also
1212 * know that no further commands are being sent to the host,
1213 * so things are relatively quiet and we have freedom to
1214 * fiddle with things as we wish.
1215 *
1216 * Additional note: This is only the *default* implementation. It is possible
1217 * for individual drivers to supply their own version of this
1218 * function, and if the maintainer wishes to do this, it is
1219 * strongly suggested that this function be taken as a template
1220 * and modified. This function was designed to correctly handle
1221 * problems for about 95% of the different cases out there, and
1222 * it should always provide at least a reasonable amount of error
1223 * recovery.
1224 *
1225 * Note3: Any command marked 'FAILED' or 'TIMEOUT' must eventually
1226 * have scsi_finish_command() called for it. We do all of
1227 * the retry stuff here, so when we restart the host after we
1228 * return it should have an empty queue.
1229 */
1231 {
1246 /*
1247 * First, protect against any sort of race condition. If any of the outstanding
1248 * commands are in states that indicate that we are not yet blocked (i.e. we are
1249 * not in a quiet state) then we got woken up in error. If we ever end up here,
1250 * we need to re-examine some of the assumptions.
1251 */
1259 }
1260 /*
1261 * Rats. Something is still floating around out there. This could
1262 * be the result of the fact that the upper level drivers are still frobbing
1263 * commands that might have succeeded. There are two outcomes. One is that
1264 * the command block will eventually be freed, and the other one is that
1265 * the command will be queued and will be finished along the way.
1266 */
1267 SCSI_LOG_ERROR_RECOVERY(1, printk("Error handler prematurely woken - commands still active (%p %x %d)\n", SCpnt, SCpnt->state, SCpnt->target));
1269 /*
1270 * panic("SCSI Error handler woken too early\n");
1271 *
1272 * This is no longer a problem, since now the code cares only about
1273 * SCSI_STATE_TIMEOUT and SCSI_STATE_FAILED.
1274 * Other states are useful only to release active commands when devices are
1275 * set offline. If (host->host_active == host->host_busy) we can safely assume
1276 * that there are no commands in state other then TIMEOUT od FAILED. (DB)
1277 *
1278 * FIXME:
1279 * It is not easy to release correctly commands according to their state when
1280 * devices are set offline, when the state is neither TIMEOUT nor FAILED.
1281 * When a device is set offline, we can have some command with
1282 * rq_status=RQ_SCSY_BUSY, owner=SCSI_STATE_HIGHLEVEL,
1283 * state=SCSI_STATE_INITIALIZING and the driver module cannot be released.
1284 * (DB, 17 May 1998)
1285 */
1286 }
1287 }
1289 /*
1290 * Next, see if we need to request sense information. if so,
1291 * then get it now, so we have a better idea of what to do.
1292 * FIXME(eric) this has the unfortunate side effect that if a host
1293 * adapter does not automatically request sense information, that we end
1294 * up shutting it down before we request it. All hosts should be doing this
1295 * anyways, so for now all I have to say is tough noogies if you end up in here.
1296 * On second thought, this is probably a good idea. We *really* want to give
1297 * authors an incentive to automatically request this.
1298 */
1299 SCSI_LOG_ERROR_RECOVERY(3, printk("scsi_unjam_host: Checking to see if we need to request sense\n"));
1305 }
1311 }
1318 /*
1319 * If the result was normal, then just pass it along to the
1320 * upper level.
1321 */
1325 }
1328 }
1329 /*
1330 * We only come in here if we want to retry a
1331 * command. The test to see whether the command
1332 * should be retried should be keeping track of the
1333 * number of tries, so we don't end up looping, of
1334 * course.
1335 */
1340 }
1341 /*
1342 * We eventually hand this one back to the top level.
1343 */
1346 }
1347 }
1349 /*
1350 * Go through the list of commands and figure out where we stand and how bad things
1351 * really are.
1352 */
1363 numfailed++;
1364 device_error++;
1365 }
1369 timed_out++;
1370 device_error++;
1371 }
1372 }
1374 devices_failed++;
1375 }
1376 }
1384 }
1385 /*
1386 * Next, try and see whether or not it makes sense to try and abort
1387 * the running command. This only works out to be the case if we have
1388 * one command that has timed out. If the command simply failed, it
1389 * makes no sense to try and abort the command, since as far as the
1390 * host adapter is concerned, it isn't running.
1391 */
1393 SCSI_LOG_ERROR_RECOVERY(3, printk("scsi_unjam_host: Checking to see if we want to try abort\n"));
1399 }
1410 }
1411 }
1412 }
1413 }
1414 }
1416 /*
1417 * If we have corrected all of the problems, then we are done.
1418 */
1422 }
1423 /*
1424 * Either the abort wasn't appropriate, or it didn't succeed.
1425 * Now try a bus device reset. Still, look to see whether we have
1426 * multiple devices that are jammed or not - if we have multiple devices,
1427 * it makes no sense to try BUS_DEVICE_RESET - we really would need
1428 * to try a BUS_RESET instead.
1429 *
1430 * Does this make sense - should we try BDR on each device individually?
1431 * Yes, definitely.
1432 */
1433 SCSI_LOG_ERROR_RECOVERY(3, printk("scsi_unjam_host: Checking to see if we want to try BDR\n"));
1440 }
1441 }
1445 }
1446 /*
1447 * OK, we have a device that is having problems. Try and send
1448 * a bus device reset to it.
1449 *
1450 * FIXME(eric) - make sure we handle the case where multiple
1451 * commands to the same device have failed. They all must
1452 * get properly restarted.
1453 */
1465 }
1466 }
1467 }
1468 }
1473 }
1474 /*
1475 * If we ended up here, we have serious problems. The only thing left
1476 * to try is a full bus reset. If someone has grabbed the bus and isn't
1477 * letting go, then perhaps this will help.
1478 */
1481 /*
1482 * We really want to loop over the various channels, and do this on
1483 * a channel by channel basis. We should also check to see if any
1484 * of the failed commands are on soft_reset devices, and if so, skip
1485 * the reset.
1486 */
1488 next_device:
1493 }
1494 /*
1495 * We have a failed command. Make sure there are no other failed
1496 * commands on the same channel that are timed out and implement a
1497 * soft reset.
1498 */
1503 }
1507 }
1509 /*
1510 * If this device uses the soft reset option, and this
1511 * is one of the devices acting up, then our only
1512 * option is to wait a bit, since the command is
1513 * supposedly still running.
1514 *
1515 * FIXME(eric) - right now we will just end up falling
1516 * through to the 'take device offline' case.
1517 *
1518 * FIXME(eric) - It is possible that the command completed
1519 * *after* the error recovery procedure started, and if this
1520 * is the case, we are worrying about nothing here.
1521 */
1523 /*
1524 * Due to the spinlock, we will never get out of this
1525 * loop without a proper wait (DB)
1526 */
1530 }
1531 }
1532 }
1534 /*
1535 * We now know that we are able to perform a reset for the
1536 * bus that SCpnt points to. There are no soft-reset devices
1537 * with outstanding timed out commands.
1538 */
1545 }
1549 }
1558 }
1559 }
1560 /*
1561 * If the bus reset worked, but we are still unable to
1562 * talk to the device, take it offline.
1563 * FIXME(eric) - is this really the correct thing to do?
1564 */
1569 }
1570 }
1571 }
1572 }
1573 }
1574 }
1579 }
1580 /*
1581 * If we ended up here, we have serious problems. The only thing left
1582 * to try is a full host reset - perhaps the firmware on the device
1583 * crashed, or something like that.
1584 *
1585 * It is assumed that a succesful host reset will cause *all* information
1586 * about the command to be flushed from both the host adapter *and* the
1587 * device.
1588 *
1589 * FIXME(eric) - it isn't clear that devices that implement the soft reset
1590 * option can ever be cleared except via cycling the power. The problem is
1591 * that sending the host reset command will cause the host to forget
1592 * about the pending command, but the device won't forget. For now, we
1593 * skip the host reset option if any of the failed devices are configured
1594 * to use the soft reset option.
1595 */
1597 next_device2:
1602 }
1604 /*
1605 * If this device uses the soft reset option, and this
1606 * is one of the devices acting up, then our only
1607 * option is to wait a bit, since the command is
1608 * supposedly still running.
1609 *
1610 * FIXME(eric) - right now we will just end up falling
1611 * through to the 'take device offline' case.
1612 */
1616 /*
1617 * Due to the spinlock, we will never get out of this
1618 * loop without a proper wait. (DB)
1619 */
1623 }
1626 /*
1627 * FIXME(eric) - we need to obtain a valid SCpnt to perform this call.
1628 */
1631 /*
1632 * FIXME(eric) we assume that all commands are flushed from the
1633 * controller. We should get a DID_RESET for all of the commands
1634 * that were pending. We should ignore these so that we can
1635 * guarantee that we are in a consistent state.
1636 *
1637 * I believe this to be the case right now, but this needs to be
1638 * tested.
1639 */
1645 }
1654 }
1655 }
1660 }
1661 }
1662 }
1663 }
1664 }
1665 }
1667 /*
1668 * If we solved all of the problems, then let's rev up the engines again.
1669 */
1673 }
1674 /*
1675 * If the HOST RESET failed, then for now we assume that the entire host
1676 * adapter is too hosed to be of any use. For our purposes, however, it is
1677 * easier to simply take the devices offline that correspond to commands
1678 * that failed.
1679 */
1687 /*
1688 * This should pass the failure up to the top level driver, and
1689 * it will have to try and do something intelligent with it.
1690 */
1695 }
1700 }
1701 }
1702 }
1706 }
1711 leave:
1713 /*
1714 * We should have a list of commands that we 'finished' during the course of
1715 * error recovery. This should be the same as the list of commands that timed out
1716 * or failed. We are currently holding these things in a linked list - we didn't
1717 * put them in the bottom half queue because we wanted to keep things quiet while
1718 * we were working on recovery, and passing them up to the top level could easily
1719 * cause the top level to try and queue something else again.
1720 *
1721 * Start by marking that the host is no longer in error recovery.
1722 */
1725 /*
1726 * Take the list of commands, and stick them in the bottom half queue.
1727 * The current implementation of scsi_done will do this for us - if need
1728 * be we can create a special version of this function to do the
1729 * same job for us.
1730 */
1735 }
1738 }
1741 /*
1742 * Function: scsi_error_handler
1743 *
1744 * Purpose: Handle errors/timeouts of scsi commands, try and clean up
1745 * and unjam the bus, and restart things.
1746 *
1747 * Arguments: host - host for which we are running.
1748 *
1749 * Returns: Never returns.
1750 *
1751 * Notes: This is always run in the context of a kernel thread. The
1752 * idea is that we start this thing up when the kernel starts
1753 * up (one per host that we detect), and it immediately goes to
1754 * sleep and waits for some event (i.e. failure). When this
1755 * takes place, we have the job of trying to unjam the bus
1756 * and restarting things.
1757 *
1758 */
1760 {
1769 /*
1770 * If we were started as result of loading a module, close all of the
1771 * user space pages. We don't need them, and if we didn't close them
1772 * they would be locked into memory.
1773 */
1779 /* Become as one with the init task */
1789 /*
1790 * Set the name of this process.
1791 */
1799 /*
1800 * Wake up the thread that created us.
1801 */
1807 /*
1808 * If we get a signal, it means we are supposed to go
1809 * away and die. This typically happens if the user is
1810 * trying to unload a module.
1811 */
1823 /*
1824 * We have a host that is failing for some reason. Figure out
1825 * what we need to do to get it up and online again (if we can).
1826 * If we fail, we end up taking the thing offline.
1827 */
1832 }
1836 /*
1837 * Note - if the above fails completely, the action is to take
1838 * individual devices offline and flush the queue of any
1839 * outstanding requests that may have been pending. When we
1840 * restart, we restart any I/O to any other devices on the bus
1841 * which are still online.
1842 */
1845 /* The spinlock is really needed up to this point. (DB) */
1847 }
1851 /*
1852 * Make sure that nobody tries to wake us up again.
1853 */
1856 /*
1857 * Knock this down too. From this point on, the host is flying
1858 * without a pilot. If this is because the module is being unloaded,
1859 * that's fine. If the user sent a signal to this thing, we are
1860 * potentially in real danger.
1861 */
1866 /*
1867 * If anyone is waiting for us to exit (i.e. someone trying to unload
1868 * a driver), then wake up that process to let them know we are on
1869 * the way out the door. This may be overkill - I *think* that we
1870 * could probably just unload the driver and send the signal, and when
1871 * the error handling thread wakes up that it would just exit without
1872 * needing to touch any memory associated with the driver itself.
1873 */
1876 }
1878 /*
1879 * Overrides for Emacs so that we follow Linus's tabbing style.
1880 * Emacs will notice this stuff at the end of the file and automatically
1881 * adjust the settings for this buffer only. This must remain at the end
1882 * of the file.
1883 * ---------------------------------------------------------------------------
1884 * Local variables:
1885 * c-indent-level: 4
1886 * c-brace-imaginary-offset: 0
1887 * c-brace-offset: -4
1888 * c-argdecl-indent: 4
1889 * c-label-offset: -4
1890 * c-continued-statement-offset: 4
1891 * c-continued-brace-offset: 0
1892 * indent-tabs-mode: nil
1893 * tab-width: 8
1894 * End:
1895 */