Re: [PATCH 4/5] blk-mq-debugfs: Show busy requests

public inbox for linux-block@vger.kernel.org
 help / color / mirror / Atom feed

From: Ming Lei <ming.lei@redhat.com>
To: Bart Van Assche <bart.vanassche@sandisk.com>
Cc: Jens Axboe <axboe@kernel.dk>,
	linux-block@vger.kernel.org, Christoph Hellwig <hch@lst.de>,
	Hannes Reinecke <hare@suse.com>, Omar Sandoval <osandov@fb.com>
Subject: Re: [PATCH 4/5] blk-mq-debugfs: Show busy requests
Date: Sat, 27 May 2017 08:54:57 +0800	[thread overview]
Message-ID: <20170527005456.GB20421@ming.t460p> (raw)
In-Reply-To: <20170525233810.23211-5-bart.vanassche@sandisk.com>

On Thu, May 25, 2017 at 04:38:09PM -0700, Bart Van Assche wrote:
> Requests that got stuck in a block driver are neither on
> blk_mq_ctx.rq_list nor on any hw dispatch queue. Make these
> visible in debugfs through the "busy" attribute.

The name of 'busy' isn't very explicit about this case, and I
guess you mean the requests are dispatched to hardware, so
'dispatched' or sort of name may be more accurate.

> 
> Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com>
> Cc: Christoph Hellwig <hch@lst.de>
> Cc: Hannes Reinecke <hare@suse.com>
> Cc: Omar Sandoval <osandov@fb.com>
> Cc: Ming Lei <ming.lei@redhat.com>
> ---
>  block/blk-mq-debugfs.c | 25 +++++++++++++++++++++++++
>  1 file changed, 25 insertions(+)
> 
> diff --git a/block/blk-mq-debugfs.c b/block/blk-mq-debugfs.c
> index 8b06a12c1461..70a2b955afee 100644
> --- a/block/blk-mq-debugfs.c
> +++ b/block/blk-mq-debugfs.c
> @@ -370,6 +370,30 @@ static const struct seq_operations hctx_dispatch_seq_ops = {
>  	.show	= blk_mq_debugfs_rq_show,
>  };
>  
> +struct show_busy_ctx {
> +	struct seq_file		*m;
> +	struct blk_mq_hw_ctx	*hctx;
> +};
> +
> +static void hctx_show_busy(struct request *rq, void *data, bool reserved)
> +{
> +	const struct show_busy_ctx *ctx = data;
> +
> +	if (blk_mq_map_queue(rq->q, rq->mq_ctx->cpu) == ctx->hctx &&
> +	    test_bit(REQ_ATOM_STARTED, &rq->atomic_flags))

During this small window, the request can be freed and reallocated
in another I/O path, then use-after-free is caused.

> +		blk_mq_debugfs_rq_show(ctx->m, &rq->queuelist);
> +}
> +
> +static int hctx_busy_show(void *data, struct seq_file *m)
> +{
> +	struct blk_mq_hw_ctx *hctx = data;
> +	struct show_busy_ctx ctx = { .m = m, .hctx = hctx };
> +
> +	blk_mq_tagset_busy_iter(hctx->queue->tag_set, hctx_show_busy, &ctx);

This way is easy to cause use-after-free, so as a debug function,
you can't affect the normal function.

But the new fixed blk_mq_quiesce_queue() can be used before calling
blk_mq_tagset_busy_iter() to avoid the race.

http://marc.info/?l=linux-block&m=149578610419654&w=2


Thanks,
Ming

next prev parent reply	other threads:[~2017-05-27  0:54 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-05-25 23:38 [PATCH 0/5] Five blk-mq-debugfs patches Bart Van Assche
2017-05-25 23:38 ` [PATCH 1/5] blk-mq: Only register debugfs attributes for blk-mq queues Bart Van Assche
2017-05-26  0:23   ` Omar Sandoval
2017-05-26  5:56   ` Hannes Reinecke
2017-05-26 13:27   ` Jens Axboe
2017-05-25 23:38 ` [PATCH 2/5] blk-mq-debugfs: Show atomic request flags Bart Van Assche
2017-05-26  5:56   ` Hannes Reinecke
2017-05-25 23:38 ` [PATCH 3/5] blk-mq-debugfs: Show requeue list Bart Van Assche
2017-05-26  5:57   ` Hannes Reinecke
2017-05-25 23:38 ` [PATCH 4/5] blk-mq-debugfs: Show busy requests Bart Van Assche
2017-05-26 13:26   ` Jens Axboe
2017-05-26 21:17     ` Bart Van Assche
2017-05-26 21:20       ` Jens Axboe
2017-05-26 21:21         ` Jens Axboe
2017-05-26 21:22         ` Bart Van Assche
2017-05-26 14:38   ` Hannes Reinecke
2017-05-26 21:27     ` Bart Van Assche
2017-05-26 21:32     ` Jens Axboe
2017-05-27  0:54   ` Ming Lei [this message]
2017-05-27  3:16     ` Ming Lei
2017-05-30 17:29       ` Bart Van Assche
2017-05-30 17:24     ` Bart Van Assche
2017-05-30 17:32       ` Jens Axboe
2017-05-25 23:38 ` [PATCH 5/5] blk-mq-debugfs: Add 'kick' operation Bart Van Assche

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170527005456.GB20421@ming.t460p \
    --to=ming.lei@redhat.com \
    --cc=axboe@kernel.dk \
    --cc=bart.vanassche@sandisk.com \
    --cc=hare@suse.com \
    --cc=hch@lst.de \
    --cc=linux-block@vger.kernel.org \
    --cc=osandov@fb.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox