* [PATCH v2] bcache: fixup btree_cache_wait list damage
@ 2023-03-27 8:28 Mingzhe Zou
2023-03-27 21:28 ` Eric Wheeler
0 siblings, 1 reply; 5+ messages in thread
From: Mingzhe Zou @ 2023-03-27 8:28 UTC (permalink / raw)
To: colyli; +Cc: linux-bcache, bcache, zoumingzhe
We get a kernel crash about "list_add corruption. next->prev should be
prev (ffff9c801bc01210), but was ffff9c77b688237c. (next=ffffae586d8afe68)."
crash> struct list_head 0xffff9c801bc01210
struct list_head {
next = 0xffffae586d8afe68,
prev = 0xffffae586d8afe68
}
crash> struct list_head 0xffff9c77b688237c
struct list_head {
next = 0x0,
prev = 0x0
}
crash> struct list_head 0xffffae586d8afe68
struct list_head struct: invalid kernel virtual address: ffffae586d8afe68 type: "gdb_readmem_callback"
Cannot access memory at address 0xffffae586d8afe68
[230469.019492] Call Trace:
[230469.032041] prepare_to_wait+0x8a/0xb0
[230469.044363] ? bch_btree_keys_free+0x6c/0xc0 [bcache]
[230469.056533] mca_cannibalize_lock+0x72/0x90 [bcache]
[230469.068788] mca_alloc+0x2ae/0x450 [bcache]
[230469.080790] bch_btree_node_get+0x136/0x2d0 [bcache]
[230469.092681] bch_btree_check_thread+0x1e1/0x260 [bcache]
[230469.104382] ? finish_wait+0x80/0x80
[230469.115884] ? bch_btree_check_recurse+0x1a0/0x1a0 [bcache]
[230469.127259] kthread+0x112/0x130
[230469.138448] ? kthread_flush_work_fn+0x10/0x10
[230469.149477] ret_from_fork+0x35/0x40
bch_btree_check_thread() and bch_dirty_init_thread() maybe call
mca_cannibalize() to cannibalize other cached btree nodes. Only
one thread can do it at a time, so the op of other threads will
be added to the btree_cache_wait list.
We must call finish_wait() to remove op from btree_cache_wait
before free it's memory address. Otherwise, the list will be
damaged. Also should call bch_cannibalize_unlock() to release
the btree_cache_alloc_lock and wake_up other waiters.
Signed-off-by: Mingzhe Zou <mingzhe.zou@easystack.cn>
---
Changelog:
v2: apply to 6.3-rc4.
v1: Original verison.
---
drivers/md/bcache/btree.c | 10 +++++++++-
drivers/md/bcache/btree.h | 2 ++
drivers/md/bcache/writeback.c | 8 ++++++++
3 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/drivers/md/bcache/btree.c b/drivers/md/bcache/btree.c
index 147c493a989a..d53483cbd378 100644
--- a/drivers/md/bcache/btree.c
+++ b/drivers/md/bcache/btree.c
@@ -885,7 +885,7 @@ static struct btree *mca_cannibalize(struct cache_set *c, struct btree_op *op,
* cannibalize_bucket() will take. This means every time we unlock the root of
* the btree, we need to release this lock if we have it held.
*/
-static void bch_cannibalize_unlock(struct cache_set *c)
+void bch_cannibalize_unlock(struct cache_set *c)
{
spin_lock(&c->btree_cannibalize_lock);
if (c->btree_cache_alloc_lock == current) {
@@ -1968,6 +1968,14 @@ static int bch_btree_check_thread(void *arg)
c->gc_stats.nodes++;
bch_btree_op_init(&op, 0);
ret = bcache_btree(check_recurse, p, c->root, &op);
+ /* The op may be added to cache_set's btree_cache_wait
+ * in mca_cannibalize(), must ensure it is removed from
+ * the list and release btree_cache_alloc_lock before
+ * free op memory.
+ * Otherwise, the btree_cache_wait will be damaged.
+ */
+ bch_cannibalize_unlock(c);
+ finish_wait(&c->btree_cache_wait, &(&op)->wait);
if (ret)
goto out;
}
diff --git a/drivers/md/bcache/btree.h b/drivers/md/bcache/btree.h
index 1b5fdbc0d83e..5a3c602c2929 100644
--- a/drivers/md/bcache/btree.h
+++ b/drivers/md/bcache/btree.h
@@ -365,6 +365,8 @@ static inline void force_wake_up_gc(struct cache_set *c)
_r; \
})
+void bch_cannibalize_unlock(struct cache_set *c);
+
#define MAP_DONE 0
#define MAP_CONTINUE 1
diff --git a/drivers/md/bcache/writeback.c b/drivers/md/bcache/writeback.c
index d4a5fc0650bb..ebc1f65727ea 100644
--- a/drivers/md/bcache/writeback.c
+++ b/drivers/md/bcache/writeback.c
@@ -890,6 +890,14 @@ static int bch_root_node_dirty_init(struct cache_set *c,
if (ret < 0)
pr_warn("sectors dirty init failed, ret=%d!\n", ret);
+ /* The op may be added to cache_set's btree_cache_wait
+ * in mca_cannibalize(), must ensure it is removed from
+ * the list and release btree_cache_alloc_lock before
+ * free op memory.
+ * Otherwise, the btree_cache_wait will be damaged.
+ */
+ bch_cannibalize_unlock(c);
+ finish_wait(&c->btree_cache_wait, &(&op.op)->wait);
return ret;
}
--
2.17.1.windows.2
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH v2] bcache: fixup btree_cache_wait list damage
2023-03-27 8:28 [PATCH v2] bcache: fixup btree_cache_wait list damage Mingzhe Zou
@ 2023-03-27 21:28 ` Eric Wheeler
2023-03-28 7:54 ` 邹明哲
0 siblings, 1 reply; 5+ messages in thread
From: Eric Wheeler @ 2023-03-27 21:28 UTC (permalink / raw)
To: Mingzhe Zou; +Cc: colyli, linux-bcache, zoumingzhe
On Mon, 27 Mar 2023, Mingzhe Zou wrote:
> We get a kernel crash about "list_add corruption. next->prev should be
> prev (ffff9c801bc01210), but was ffff9c77b688237c. (next=ffffae586d8afe68)."
>
> crash> struct list_head 0xffff9c801bc01210
> struct list_head {
> next = 0xffffae586d8afe68,
> prev = 0xffffae586d8afe68
> }
> crash> struct list_head 0xffff9c77b688237c
> struct list_head {
> next = 0x0,
> prev = 0x0
> }
> crash> struct list_head 0xffffae586d8afe68
> struct list_head struct: invalid kernel virtual address: ffffae586d8afe68 type: "gdb_readmem_callback"
> Cannot access memory at address 0xffffae586d8afe68
>
> [230469.019492] Call Trace:
> [230469.032041] prepare_to_wait+0x8a/0xb0
> [230469.044363] ? bch_btree_keys_free+0x6c/0xc0 [bcache]
> [230469.056533] mca_cannibalize_lock+0x72/0x90 [bcache]
> [230469.068788] mca_alloc+0x2ae/0x450 [bcache]
> [230469.080790] bch_btree_node_get+0x136/0x2d0 [bcache]
> [230469.092681] bch_btree_check_thread+0x1e1/0x260 [bcache]
> [230469.104382] ? finish_wait+0x80/0x80
> [230469.115884] ? bch_btree_check_recurse+0x1a0/0x1a0 [bcache]
> [230469.127259] kthread+0x112/0x130
> [230469.138448] ? kthread_flush_work_fn+0x10/0x10
> [230469.149477] ret_from_fork+0x35/0x40
>
> bch_btree_check_thread() and bch_dirty_init_thread() maybe call
> mca_cannibalize() to cannibalize other cached btree nodes. Only
> one thread can do it at a time, so the op of other threads will
> be added to the btree_cache_wait list.
>
> We must call finish_wait() to remove op from btree_cache_wait
> before free it's memory address. Otherwise, the list will be
> damaged. Also should call bch_cannibalize_unlock() to release
> the btree_cache_alloc_lock and wake_up other waiters.
>
> Signed-off-by: Mingzhe Zou <mingzhe.zou@easystack.cn>
Is there a reason not to cc stable?
If its ok to cc stable then please add:
Cc: stable@vger.kernel.org
--
Eric Wheeler
>
> ---
> Changelog:
> v2: apply to 6.3-rc4.
> v1: Original verison.
> ---
> drivers/md/bcache/btree.c | 10 +++++++++-
> drivers/md/bcache/btree.h | 2 ++
> drivers/md/bcache/writeback.c | 8 ++++++++
> 3 files changed, 19 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/md/bcache/btree.c b/drivers/md/bcache/btree.c
> index 147c493a989a..d53483cbd378 100644
> --- a/drivers/md/bcache/btree.c
> +++ b/drivers/md/bcache/btree.c
> @@ -885,7 +885,7 @@ static struct btree *mca_cannibalize(struct cache_set *c, struct btree_op *op,
> * cannibalize_bucket() will take. This means every time we unlock the root of
> * the btree, we need to release this lock if we have it held.
> */
> -static void bch_cannibalize_unlock(struct cache_set *c)
> +void bch_cannibalize_unlock(struct cache_set *c)
> {
> spin_lock(&c->btree_cannibalize_lock);
> if (c->btree_cache_alloc_lock == current) {
> @@ -1968,6 +1968,14 @@ static int bch_btree_check_thread(void *arg)
> c->gc_stats.nodes++;
> bch_btree_op_init(&op, 0);
> ret = bcache_btree(check_recurse, p, c->root, &op);
> + /* The op may be added to cache_set's btree_cache_wait
> + * in mca_cannibalize(), must ensure it is removed from
> + * the list and release btree_cache_alloc_lock before
> + * free op memory.
> + * Otherwise, the btree_cache_wait will be damaged.
> + */
> + bch_cannibalize_unlock(c);
> + finish_wait(&c->btree_cache_wait, &(&op)->wait);
> if (ret)
> goto out;
> }
> diff --git a/drivers/md/bcache/btree.h b/drivers/md/bcache/btree.h
> index 1b5fdbc0d83e..5a3c602c2929 100644
> --- a/drivers/md/bcache/btree.h
> +++ b/drivers/md/bcache/btree.h
> @@ -365,6 +365,8 @@ static inline void force_wake_up_gc(struct cache_set *c)
> _r; \
> })
>
> +void bch_cannibalize_unlock(struct cache_set *c);
> +
> #define MAP_DONE 0
> #define MAP_CONTINUE 1
>
> diff --git a/drivers/md/bcache/writeback.c b/drivers/md/bcache/writeback.c
> index d4a5fc0650bb..ebc1f65727ea 100644
> --- a/drivers/md/bcache/writeback.c
> +++ b/drivers/md/bcache/writeback.c
> @@ -890,6 +890,14 @@ static int bch_root_node_dirty_init(struct cache_set *c,
> if (ret < 0)
> pr_warn("sectors dirty init failed, ret=%d!\n", ret);
>
> + /* The op may be added to cache_set's btree_cache_wait
> + * in mca_cannibalize(), must ensure it is removed from
> + * the list and release btree_cache_alloc_lock before
> + * free op memory.
> + * Otherwise, the btree_cache_wait will be damaged.
> + */
> + bch_cannibalize_unlock(c);
> + finish_wait(&c->btree_cache_wait, &(&op.op)->wait);
> return ret;
> }
>
> --
> 2.17.1.windows.2
>
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re:Re: [PATCH v2] bcache: fixup btree_cache_wait list damage
2023-03-27 21:28 ` Eric Wheeler
@ 2023-03-28 7:54 ` 邹明哲
2023-03-28 13:44 ` Coly Li
0 siblings, 1 reply; 5+ messages in thread
From: 邹明哲 @ 2023-03-28 7:54 UTC (permalink / raw)
To: Eric Wheeler; +Cc: colyli, linux-bcache, zoumingzhe
From: Eric Wheeler <bcache@lists.ewheeler.net>
Date: 2023-03-28 05:28:05
To: Mingzhe Zou <mingzhe.zou@easystack.cn>
Cc: colyli@suse.de,linux-bcache@vger.kernel.org,zoumingzhe@qq.com
Subject: Re: [PATCH v2] bcache: fixup btree_cache_wait list damage>On Mon, 27 Mar 2023, Mingzhe Zou wrote:
>
>> We get a kernel crash about "list_add corruption. next->prev should be
>> prev (ffff9c801bc01210), but was ffff9c77b688237c. (next=ffffae586d8afe68)."
>>
>> crash> struct list_head 0xffff9c801bc01210
>> struct list_head {
>> next = 0xffffae586d8afe68,
>> prev = 0xffffae586d8afe68
>> }
>> crash> struct list_head 0xffff9c77b688237c
>> struct list_head {
>> next = 0x0,
>> prev = 0x0
>> }
>> crash> struct list_head 0xffffae586d8afe68
>> struct list_head struct: invalid kernel virtual address: ffffae586d8afe68 type: "gdb_readmem_callback"
>> Cannot access memory at address 0xffffae586d8afe68
>>
>> [230469.019492] Call Trace:
>> [230469.032041] prepare_to_wait+0x8a/0xb0
>> [230469.044363] ? bch_btree_keys_free+0x6c/0xc0 [bcache]
>> [230469.056533] mca_cannibalize_lock+0x72/0x90 [bcache]
>> [230469.068788] mca_alloc+0x2ae/0x450 [bcache]
>> [230469.080790] bch_btree_node_get+0x136/0x2d0 [bcache]
>> [230469.092681] bch_btree_check_thread+0x1e1/0x260 [bcache]
>> [230469.104382] ? finish_wait+0x80/0x80
>> [230469.115884] ? bch_btree_check_recurse+0x1a0/0x1a0 [bcache]
>> [230469.127259] kthread+0x112/0x130
>> [230469.138448] ? kthread_flush_work_fn+0x10/0x10
>> [230469.149477] ret_from_fork+0x35/0x40
>>
>> bch_btree_check_thread() and bch_dirty_init_thread() maybe call
>> mca_cannibalize() to cannibalize other cached btree nodes. Only
>> one thread can do it at a time, so the op of other threads will
>> be added to the btree_cache_wait list.
>>
>> We must call finish_wait() to remove op from btree_cache_wait
>> before free it's memory address. Otherwise, the list will be
>> damaged. Also should call bch_cannibalize_unlock() to release
>> the btree_cache_alloc_lock and wake_up other waiters.
>>
>> Signed-off-by: Mingzhe Zou <mingzhe.zou@easystack.cn>
>
>Is there a reason not to cc stable?
>
>If its ok to cc stable then please add:
> Cc: stable@vger.kernel.org
>
This is an old patch that was not processed last year, and cannot be applied to the latest branch now.
I have updated it to latest branch, cc stable seems unnecessary.
mingzhe
>
>--
>Eric Wheeler
>
>
>>
>> ---
>> Changelog:
>> v2: apply to 6.3-rc4.
>> v1: Original verison.
>> ---
>> drivers/md/bcache/btree.c | 10 +++++++++-
>> drivers/md/bcache/btree.h | 2 ++
>> drivers/md/bcache/writeback.c | 8 ++++++++
>> 3 files changed, 19 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/md/bcache/btree.c b/drivers/md/bcache/btree.c
>> index 147c493a989a..d53483cbd378 100644
>> --- a/drivers/md/bcache/btree.c
>> +++ b/drivers/md/bcache/btree.c
>> @@ -885,7 +885,7 @@ static struct btree *mca_cannibalize(struct cache_set *c, struct btree_op *op,
>> * cannibalize_bucket() will take. This means every time we unlock the root of
>> * the btree, we need to release this lock if we have it held.
>> */
>> -static void bch_cannibalize_unlock(struct cache_set *c)
>> +void bch_cannibalize_unlock(struct cache_set *c)
>> {
>> spin_lock(&c->btree_cannibalize_lock);
>> if (c->btree_cache_alloc_lock == current) {
>> @@ -1968,6 +1968,14 @@ static int bch_btree_check_thread(void *arg)
>> c->gc_stats.nodes++;
>> bch_btree_op_init(&op, 0);
>> ret = bcache_btree(check_recurse, p, c->root, &op);
>> + /* The op may be added to cache_set's btree_cache_wait
>> + * in mca_cannibalize(), must ensure it is removed from
>> + * the list and release btree_cache_alloc_lock before
>> + * free op memory.
>> + * Otherwise, the btree_cache_wait will be damaged.
>> + */
>> + bch_cannibalize_unlock(c);
>> + finish_wait(&c->btree_cache_wait, &(&op)->wait);
>> if (ret)
>> goto out;
>> }
>> diff --git a/drivers/md/bcache/btree.h b/drivers/md/bcache/btree.h
>> index 1b5fdbc0d83e..5a3c602c2929 100644
>> --- a/drivers/md/bcache/btree.h
>> +++ b/drivers/md/bcache/btree.h
>> @@ -365,6 +365,8 @@ static inline void force_wake_up_gc(struct cache_set *c)
>> _r; \
>> })
>>
>> +void bch_cannibalize_unlock(struct cache_set *c);
>> +
>> #define MAP_DONE 0
>> #define MAP_CONTINUE 1
>>
>> diff --git a/drivers/md/bcache/writeback.c b/drivers/md/bcache/writeback.c
>> index d4a5fc0650bb..ebc1f65727ea 100644
>> --- a/drivers/md/bcache/writeback.c
>> +++ b/drivers/md/bcache/writeback.c
>> @@ -890,6 +890,14 @@ static int bch_root_node_dirty_init(struct cache_set *c,
>> if (ret < 0)
>> pr_warn("sectors dirty init failed, ret=%d!\n", ret);
>>
>> + /* The op may be added to cache_set's btree_cache_wait
>> + * in mca_cannibalize(), must ensure it is removed from
>> + * the list and release btree_cache_alloc_lock before
>> + * free op memory.
>> + * Otherwise, the btree_cache_wait will be damaged.
>> + */
>> + bch_cannibalize_unlock(c);
>> + finish_wait(&c->btree_cache_wait, &(&op.op)->wait);
>> return ret;
>> }
>>
>> --
>> 2.17.1.windows.2
>>
>>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v2] bcache: fixup btree_cache_wait list damage
2023-03-28 7:54 ` 邹明哲
@ 2023-03-28 13:44 ` Coly Li
2023-05-30 14:28 ` Coly Li
0 siblings, 1 reply; 5+ messages in thread
From: Coly Li @ 2023-03-28 13:44 UTC (permalink / raw)
To: 邹明哲; +Cc: Eric Wheeler, linux-bcache, zoumingzhe
> 2023年3月28日 15:54,邹明哲 <mingzhe.zou@easystack.cn> 写道:
>
> From: Eric Wheeler <bcache@lists.ewheeler.net>
> Date: 2023-03-28 05:28:05
> To: Mingzhe Zou <mingzhe.zou@easystack.cn>
> Cc: colyli@suse.de,linux-bcache@vger.kernel.org,zoumingzhe@qq.com
> Subject: Re: [PATCH v2] bcache: fixup btree_cache_wait list damage>On Mon, 27 Mar 2023, Mingzhe Zou wrote:
>>
>>> We get a kernel crash about "list_add corruption. next->prev should be
>>> prev (ffff9c801bc01210), but was ffff9c77b688237c. (next=ffffae586d8afe68)."
>>>
>>> crash> struct list_head 0xffff9c801bc01210
>>> struct list_head {
>>> next = 0xffffae586d8afe68,
>>> prev = 0xffffae586d8afe68
>>> }
>>> crash> struct list_head 0xffff9c77b688237c
>>> struct list_head {
>>> next = 0x0,
>>> prev = 0x0
>>> }
>>> crash> struct list_head 0xffffae586d8afe68
>>> struct list_head struct: invalid kernel virtual address: ffffae586d8afe68 type: "gdb_readmem_callback"
>>> Cannot access memory at address 0xffffae586d8afe68
>>>
>>> [230469.019492] Call Trace:
>>> [230469.032041] prepare_to_wait+0x8a/0xb0
>>> [230469.044363] ? bch_btree_keys_free+0x6c/0xc0 [bcache]
>>> [230469.056533] mca_cannibalize_lock+0x72/0x90 [bcache]
>>> [230469.068788] mca_alloc+0x2ae/0x450 [bcache]
>>> [230469.080790] bch_btree_node_get+0x136/0x2d0 [bcache]
>>> [230469.092681] bch_btree_check_thread+0x1e1/0x260 [bcache]
>>> [230469.104382] ? finish_wait+0x80/0x80
>>> [230469.115884] ? bch_btree_check_recurse+0x1a0/0x1a0 [bcache]
>>> [230469.127259] kthread+0x112/0x130
>>> [230469.138448] ? kthread_flush_work_fn+0x10/0x10
>>> [230469.149477] ret_from_fork+0x35/0x40
>>>
>>> bch_btree_check_thread() and bch_dirty_init_thread() maybe call
>>> mca_cannibalize() to cannibalize other cached btree nodes. Only
>>> one thread can do it at a time, so the op of other threads will
>>> be added to the btree_cache_wait list.
>>>
>>> We must call finish_wait() to remove op from btree_cache_wait
>>> before free it's memory address. Otherwise, the list will be
>>> damaged. Also should call bch_cannibalize_unlock() to release
>>> the btree_cache_alloc_lock and wake_up other waiters.
>>>
>>> Signed-off-by: Mingzhe Zou <mingzhe.zou@easystack.cn>
>>
>> Is there a reason not to cc stable?
>>
>> If its ok to cc stable then please add:
>> Cc: stable@vger.kernel.org
>>
>
> This is an old patch that was not processed last year, and cannot be applied to the latest branch now.
>
> I have updated it to latest branch, cc stable seems unnecessary.
Hi Mingzhe,
Thank you for updating the patch against latest kernel. Let me firstly test and evaluation the change, then I will add these stuffs if necessary.
Coly Li
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v2] bcache: fixup btree_cache_wait list damage
2023-03-28 13:44 ` Coly Li
@ 2023-05-30 14:28 ` Coly Li
0 siblings, 0 replies; 5+ messages in thread
From: Coly Li @ 2023-05-30 14:28 UTC (permalink / raw)
To: 邹明哲; +Cc: Eric Wheeler, Bcache Linux, zoumingzhe
> 2023年3月28日 21:44,Coly Li <colyli@suse.de> 写道:
>
>
>
>> 2023年3月28日 15:54,邹明哲 <mingzhe.zou@easystack.cn> 写道:
>>
>> From: Eric Wheeler <bcache@lists.ewheeler.net>
>> Date: 2023-03-28 05:28:05
>> To: Mingzhe Zou <mingzhe.zou@easystack.cn>
>> Cc: colyli@suse.de,linux-bcache@vger.kernel.org,zoumingzhe@qq.com
>> Subject: Re: [PATCH v2] bcache: fixup btree_cache_wait list damage>On Mon, 27 Mar 2023, Mingzhe Zou wrote:
>>>
>>>> We get a kernel crash about "list_add corruption. next->prev should be
>>>> prev (ffff9c801bc01210), but was ffff9c77b688237c. (next=ffffae586d8afe68)."
>>>>
>>>> crash> struct list_head 0xffff9c801bc01210
>>>> struct list_head {
>>>> next = 0xffffae586d8afe68,
>>>> prev = 0xffffae586d8afe68
>>>> }
>>>> crash> struct list_head 0xffff9c77b688237c
>>>> struct list_head {
>>>> next = 0x0,
>>>> prev = 0x0
>>>> }
>>>> crash> struct list_head 0xffffae586d8afe68
>>>> struct list_head struct: invalid kernel virtual address: ffffae586d8afe68 type: "gdb_readmem_callback"
>>>> Cannot access memory at address 0xffffae586d8afe68
>>>>
>>>> [230469.019492] Call Trace:
>>>> [230469.032041] prepare_to_wait+0x8a/0xb0
>>>> [230469.044363] ? bch_btree_keys_free+0x6c/0xc0 [bcache]
>>>> [230469.056533] mca_cannibalize_lock+0x72/0x90 [bcache]
>>>> [230469.068788] mca_alloc+0x2ae/0x450 [bcache]
>>>> [230469.080790] bch_btree_node_get+0x136/0x2d0 [bcache]
>>>> [230469.092681] bch_btree_check_thread+0x1e1/0x260 [bcache]
>>>> [230469.104382] ? finish_wait+0x80/0x80
>>>> [230469.115884] ? bch_btree_check_recurse+0x1a0/0x1a0 [bcache]
>>>> [230469.127259] kthread+0x112/0x130
>>>> [230469.138448] ? kthread_flush_work_fn+0x10/0x10
>>>> [230469.149477] ret_from_fork+0x35/0x40
>>>>
>>>> bch_btree_check_thread() and bch_dirty_init_thread() maybe call
>>>> mca_cannibalize() to cannibalize other cached btree nodes. Only
>>>> one thread can do it at a time, so the op of other threads will
>>>> be added to the btree_cache_wait list.
>>>>
>>>> We must call finish_wait() to remove op from btree_cache_wait
>>>> before free it's memory address. Otherwise, the list will be
>>>> damaged. Also should call bch_cannibalize_unlock() to release
>>>> the btree_cache_alloc_lock and wake_up other waiters.
>>>>
>>>> Signed-off-by: Mingzhe Zou <mingzhe.zou@easystack.cn>
>>>
>>> Is there a reason not to cc stable?
>>>
>>> If its ok to cc stable then please add:
>>> Cc: stable@vger.kernel.org
>>>
>>
>> This is an old patch that was not processed last year, and cannot be applied to the latest branch now.
>>
>> I have updated it to latest branch, cc stable seems unnecessary.
>
> Hi Mingzhe,
>
> Thank you for updating the patch against latest kernel. Let me firstly test and evaluation the change, then I will add these stuffs if necessary.
I add this patch into my for-next queue, rebased again the patch with current upstream kernel. And add Fixes and Cc tags.
This one will be submitted for my next submission.
Thanks.
Coly Li
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2023-05-30 14:29 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-03-27 8:28 [PATCH v2] bcache: fixup btree_cache_wait list damage Mingzhe Zou
2023-03-27 21:28 ` Eric Wheeler
2023-03-28 7:54 ` 邹明哲
2023-03-28 13:44 ` Coly Li
2023-05-30 14:28 ` Coly Li
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.