xen-devel.lists.xenproject.org archive mirror
From: Ian Campbell <ian.campbell@citrix.com>
To: xen-devel@lists.xensource.com
Cc: Jeremy Fitzhardinge <jeremy@goop.org>,
	Ian Campbell <ian.campbell@citrix.com>
Subject: [PATCH] gnttab: propagate Reserved flag from old to new page in gnttab_copy_grant_page.
Date: Tue, 23 Feb 2010 16:40:18 +0000
Message-ID: <1266943218-16666-1-git-send-email-ian.campbell@citrix.com>
In-Reply-To: <1266943189.11737.6457.camel@zakaz.uk.xensource.com>

Otherwise we trip over the check for PAGE_FLAGS_CHECK_AT_FREE in
free_pages_check() when finally freeing the page, leading to
backtraces such as:
    Bad page state in process 'tcpdump'
    page:c15b8ae0 flags:0x40000800 mapping:00000000 mapcount:0 count:0
    Trying to fix it up, but a reboot is needed
    Backtrace:
    Pid: 5731, comm: tcpdump Tainted: G          2.6.27.42-0.1.1.xs5.5.900.751.1073xen #1
     [<c015daeb>] bad_page+0x6b/0xa0
     [<c015e389>] free_hot_cold_page+0x239/0x250
     [<c015e3ea>] free_hot_page+0xa/0x10
     [<c0162255>] put_page+0x35/0xc0
     [<c026e002>] gnttab_page_free+0x22/0x30
     [<c015e325>] free_hot_cold_page+0x1d5/0x250
     [<c015e3ea>] free_hot_page+0xa/0x10
     [<c0162255>] put_page+0x35/0xc0
     [<c02cbe4a>] skb_put_page+0xa/0x10
     [<c02cc0b7>] skb_release_data+0x77/0x90
     [<c02cc78b>] skb_release_all+0x6b/0xa0
     [<c02cbf3b>] __kfree_skb+0xb/0x80
     [<c02cbfce>] kfree_skb+0x1e/0x40
     [<c02ce9bd>] skb_free_datagram+0xd/0x40
     [<c03360a6>] packet_recvmsg+0x186/0x1c0
     [<c015d8fb>] ? __rmqueue+0x1b/0x1a0
     [<c02c6222>] sock_recvmsg+0x102/0x130
     [<c013de50>] ? autoremove_wake_function+0x0/0x50
     [<c01691e7>] ? __do_fault+0x2e7/0x5f0
     [<c02c5af0>] ? sockfd_lookup_light+0x30/0x60
     [<c02c707d>] sys_recvfrom+0x7d/0xe0
     [<c0180dc9>] ? __kmalloc+0x139/0x190
     [<c02074bc>] ? copy_from_user+0x3c/0x70
     [<c03489d4>] ? _spin_lock_bh+0x14/0x70
     [<c03484c3>] ? _spin_unlock_bh+0x23/0x30
     [<c02c83df>] ? release_sock+0x9f/0xc0
     [<c02c7116>] sys_recv+0x36/0x40
     [<c02c759f>] sys_socketcall+0x15f/0x290
     [<c01053ce>] syscall_call+0x7/0xb
     [<c0340000>] ? pci_scan_bus_on_node+0x10/0x80
     =======================

gnttab_copy_grant_page is (currently) only ever used on pages which
were allocated by alloc_empty_pages_and_pagevec() and hence have the
PG_reserved set. Also free_empty_pages_and_pagevec() can
BUG_ON(!PageReserved(page)).

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
---
 drivers/xen/grant-table.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/drivers/xen/grant-table.c b/drivers/xen/grant-table.c
index 17efd09..7079787 100644
--- a/drivers/xen/grant-table.c
+++ b/drivers/xen/grant-table.c
@@ -558,9 +558,12 @@ int gnttab_copy_grant_page(grant_ref_t ref, struct page **pagep)
 	new_page->mapping = page->mapping;
 	new_page->index = page->index;
 	set_bit(PG_foreign, &new_page->flags);
+	if (PageReserved(page))
+		set_bit(PG_reserved, &new_page->flags);
 	*pagep = new_page;
 
 	SetPageForeign(page, gnttab_page_free);
+	ClearPageReserved(page);
 	page->mapping = NULL;
 
 out:
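
Review bot: the added set_bit(PG_reserved, &new_page->flags) open-codes the flag update while the same hunk uses the page-flag accessors PageReserved(page) and ClearPageReserved(page); SetPageReserved(new_page) would keep the three lines consistent. The transfer is also uncommented: a one-line comment above the PageReserved(page) test, saying that the old page is later released through gnttab_page_free and must not reach free_pages_check() with PG_reserved set, while the new page must keep the flag for free_empty_pages_and_pagevec(), would record the reasoning that currently lives only in the commit message.
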
-- 
1.5.6.5
