Re: [PATCH v2] bcache: fixup btree_cache_wait list damage

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




> 2023年3月28日 21:44,Coly Li <colyli@xxxxxxx> 写道:
> 
> 
> 
>> 2023年3月28日 15:54,邹明哲 <mingzhe.zou@xxxxxxxxxxxx> 写道:
>> 
>> From: Eric Wheeler <bcache@xxxxxxxxxxxxxxxxxx>
>> Date: 2023-03-28 05:28:05
>> To:  Mingzhe Zou <mingzhe.zou@xxxxxxxxxxxx>
>> Cc:  colyli@xxxxxxx,linux-bcache@xxxxxxxxxxxxxxx,zoumingzhe@xxxxxx
>> Subject: Re: [PATCH v2] bcache: fixup btree_cache_wait list damage>On Mon, 27 Mar 2023, Mingzhe Zou wrote:
>>> 
>>>> We get a kernel crash about "list_add corruption. next->prev should be
>>>> prev (ffff9c801bc01210), but was ffff9c77b688237c. (next=ffffae586d8afe68)."
>>>> 
>>>> crash> struct list_head 0xffff9c801bc01210
>>>> struct list_head {
>>>> next = 0xffffae586d8afe68,
>>>> prev = 0xffffae586d8afe68
>>>> }
>>>> crash> struct list_head 0xffff9c77b688237c
>>>> struct list_head {
>>>> next = 0x0,
>>>> prev = 0x0
>>>> }
>>>> crash> struct list_head 0xffffae586d8afe68
>>>> struct list_head struct: invalid kernel virtual address: ffffae586d8afe68  type: "gdb_readmem_callback"
>>>> Cannot access memory at address 0xffffae586d8afe68
>>>> 
>>>> [230469.019492] Call Trace:
>>>> [230469.032041]  prepare_to_wait+0x8a/0xb0
>>>> [230469.044363]  ? bch_btree_keys_free+0x6c/0xc0 [bcache]
>>>> [230469.056533]  mca_cannibalize_lock+0x72/0x90 [bcache]
>>>> [230469.068788]  mca_alloc+0x2ae/0x450 [bcache]
>>>> [230469.080790]  bch_btree_node_get+0x136/0x2d0 [bcache]
>>>> [230469.092681]  bch_btree_check_thread+0x1e1/0x260 [bcache]
>>>> [230469.104382]  ? finish_wait+0x80/0x80
>>>> [230469.115884]  ? bch_btree_check_recurse+0x1a0/0x1a0 [bcache]
>>>> [230469.127259]  kthread+0x112/0x130
>>>> [230469.138448]  ? kthread_flush_work_fn+0x10/0x10
>>>> [230469.149477]  ret_from_fork+0x35/0x40
>>>> 
>>>> bch_btree_check_thread() and bch_dirty_init_thread() maybe call
>>>> mca_cannibalize() to cannibalize other cached btree nodes. Only
>>>> one thread can do it at a time, so the op of other threads will
>>>> be added to the btree_cache_wait list.
>>>> 
>>>> We must call finish_wait() to remove op from btree_cache_wait
>>>> before free it's memory address. Otherwise, the list will be
>>>> damaged. Also should call bch_cannibalize_unlock() to release
>>>> the btree_cache_alloc_lock and wake_up other waiters.
>>>> 
>>>> Signed-off-by: Mingzhe Zou <mingzhe.zou@xxxxxxxxxxxx>
>>> 
>>> Is there a reason not to cc stable?
>>> 
>>> If its ok to cc stable then please add:
>>> Cc: stable@xxxxxxxxxxxxxxx 
>>> 
>> 
>> This is an old patch that was not processed last year,  and cannot be applied to the latest branch now.
>> 
>> I have updated it to latest branch, cc stable seems unnecessary.
> 
> Hi Mingzhe,
> 
> Thank you for updating the patch against latest kernel. Let me firstly test and evaluation the change, then I will add these stuffs if necessary.

I add this patch into my for-next queue, rebased again the patch with current upstream kernel. And add Fixes and Cc tags.

This one will be submitted for my next submission.

Thanks.

Coly Li





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux ARM Kernel]     [Linux Filesystem Development]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux