From: Bob Liu <bob.liu@oracle.com>
To: "Roger Pau Monné" <roger.pau@citrix.com>
Cc: xen-devel@lists.xenproject.org, david.vrabel@citrix.com,
linux-kernel@vger.kernel.org, konrad.wilk@oracle.com
Subject: Re: [PATCH 2/3] xen-blkfront: rm BUG_ON(info->feature_persistent) in blkif_free
Date: Wed, 22 Jul 2015 13:34:07 +0800 [thread overview]
Message-ID: <55AF2B4F.7050609@oracle.com> (raw)
In-Reply-To: <55AF1F76.40400@oracle.com>
On 07/22/2015 12:43 PM, Bob Liu wrote:
>
> On 07/21/2015 05:25 PM, Roger Pau Monné wrote:
>> El 21/07/15 a les 5.30, Bob Liu ha escrit:
>>> This BUG_ON() in blkif_free() is incorrect, because indirect page can be added
>>> to list info->indirect_pages in blkif_completion() no matter feature_persistent
>>> is true or false.
>>>
>>> Signed-off-by: Bob Liu <bob.liu@oracle.com>
>>
>> Acked-by: Roger Pau Monné <roger.pau@citrix.com>
>>
>> This was probably an oversight from when blkif_completion was changed to
>> check for gnttab_query_foreign_access. It should be backported to stable
>> trees.
>>
>
> Sorry, this patch is buggy and I haven't figure out why.
>
> general protection fault: 0000 [#1] SMP
> Modules linked in:
> CPU: 0 PID: 39 Comm: xenwatch Tainted: G W 4.1.0-rc3-00003-g718cf80-dirty #67
> Hardware name: Xen HVM domU, BIOS 4.5.0-rc 11/23/2014
> task: ffff880283f4eca0 ti: ffff880283fb4000 task.ti: ffff880283fb4000
> RIP: 0010:[<ffffffff813d577b>] [<ffffffff813d577b>] blkif_free+0x162/0x5a9
> RSP: 0018:ffff880283fb7c48 EFLAGS: 00010087
> RAX: dead000000200200 RBX: ffff880141400000 RCX: 0000000000000000
> RDX: dead000000100100 RSI: dead000000100100 RDI: ffff88028f418bb8
> RBP: ffff880283fb7ca8 R08: dead000000200200 R09: 0000000000000001
> R10: 0000000000000001 R11: 0000000000000000 R12: ffff8801414481c8
> R13: dead0000001000e0 R14: ffff8801414481b8 R15: ffffea0000000000
> FS: 0000000000000000(0000) GS:ffff88028f400000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 0000000001582e08 CR3: 000000013345b000 CR4: 00000000001406f0
> Stack:
> ffff880023aa8420 0000000000000286 ffff880283fb7cb7 ffff880023aa8420
> ffff8800363fe240 ffffffff81862c50 ffff880283fb7ce8 ffff880023aa8440
> ffffffff81870000 ffff880023aa8400 ffff880141400000 ffff880141400008
> Call Trace:
> [<ffffffff813d8e76>] blkfront_remove+0x4c/0xff
> [<ffffffff813772fa>] xenbus_dev_remove+0x76/0xb0
> [<ffffffff813bd611>] __device_release_driver+0x84/0xf8
> [<ffffffff813bd6a3>] device_release_driver+0x1e/0x2b
> [<ffffffff813bd1ef>] bus_remove_device+0x12c/0x141
> [<ffffffff813ba51d>] device_del+0x161/0x1e5
> [<ffffffff81375ef3>] ? xenbus_thread+0x239/0x239
> [<ffffffff813ba5e4>] device_unregister+0x43/0x4f
> [<ffffffff81377853>] xenbus_dev_changed+0x82/0x17f
> [<ffffffff81377566>] ? xenbus_otherend_changed+0xf0/0xff
> [<ffffffff81378d8d>] frontend_changed+0x43/0x48
> [<ffffffff81375fec>] xenwatch_thread+0xf9/0x127
> [<ffffffff81078fc4>] ? add_wait_queue+0x44/0x44
> [<ffffffff8106195b>] kthread+0xcd/0xd5
> [<ffffffff81060000>] ? alloc_pid+0xe8/0x492
> [<ffffffff8106188e>] ? kthread_freezable_should_stop+0x48/0x48
> [<ffffffff81533ee2>] ret_from_fork+0x42/0x70
> [<ffffffff8106188e>] ? kthread_freezable_should_stop+0x48/0x48
> Code: 04 00 4c 8b 28 48 8d 78 e0 49 83 ed 20 eb 3d 48 8b 47 28 48 8b 57 20 48 be 00 01 10 00 00 00 ad de 49 b8 00 02 20 00 00 00 ad de <48> 89 42 08 48 89 10 48 89 77 20 4c 89 47 28 31 f6 e8 26 7d cf
> RIP [<ffffffff813d577b>] blkif_free+0x162/0x5a9
> RSP <ffff880283fb7c48>
> ---[ end trace 5321d7f1ef8414d0 ]---
>
The right fix should be:
--- a/drivers/block/xen-blkfront.c
+++ b/drivers/block/xen-blkfront.c
@@ -1124,8 +1124,10 @@ static void blkif_completion(struct blk_shadow *s, struct blkfront_info *info,
* Add the used indirect page back to the list of
* available pages for indirect grefs.
*/
- indirect_page = pfn_to_page(s->indirect_grants[i]->pfn);
- list_add(&indirect_page->lru, &info->indirect_pages);
+ if (!info->feature_persistent) {
+ indirect_page = pfn_to_page(s->indirect_grants[i]->pfn);
+ list_add(&indirect_page->lru, &info->indirect_pages);
+ }
s->indirect_grants[i]->gref = GRANT_INVALID_REF;
list_add_tail(&s->indirect_grants[i]->node, &info->grants);
}
next prev parent reply other threads:[~2015-07-22 5:34 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-21 3:30 [PATCH 1/3] xen-blkfront: introduce blkfront_gather_backend_features() Bob Liu
2015-07-21 3:30 ` [PATCH 2/3] xen-blkfront: rm BUG_ON(info->feature_persistent) in blkif_free Bob Liu
2015-07-21 9:25 ` Roger Pau Monné
2015-07-22 4:43 ` Bob Liu
2015-07-22 5:34 ` Bob Liu [this message]
2015-07-21 3:30 ` [PATCH 3/3] xen-blkback: rm BUG_ON() in purge_persistent_gnt() Bob Liu
2015-07-21 9:13 ` Roger Pau Monné
2015-07-21 10:50 ` Bob Liu
2015-07-21 9:32 ` [PATCH 1/3] xen-blkfront: introduce blkfront_gather_backend_features() Roger Pau Monné
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55AF2B4F.7050609@oracle.com \
--to=bob.liu@oracle.com \
--cc=david.vrabel@citrix.com \
--cc=konrad.wilk@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=roger.pau@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).