tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

aoe: allocate unused request_queue for sysfs

Andy Whitcroft reported an oops in aoe triggered by use of an
incorrectly initialised request_queue object:

[ 2645.959090] kobject '<NULL>' (ffff880059ca22c0): tried to add
an uninitialized object, something is seriously wrong.
[ 2645.959104] Pid: 6, comm: events/0 Not tainted 2.6.31-5-generic #24-Ubuntu
[ 2645.959107] Call Trace:
[ 2645.959139] [<ffffffff8126ca2f>] kobject_add+0x5f/0x70
[ 2645.959151] [<ffffffff8125b4ab>] blk_register_queue+0x8b/0xf0
[ 2645.959155] [<ffffffff8126043f>] add_disk+0x8f/0x160
[ 2645.959161] [<ffffffffa01673c4>] aoeblk_gdalloc+0x164/0x1c0 [aoe]

The request queue of an aoe device is not used but can be allocated in
code that does not sleep.

Bruno bisected this regression down to

cd43e26f071524647e660706b784ebcbefbd2e44

block: Expose stacked device queues in sysfs

"This seems to generate /sys/block/$device/queue and its contents for
everyone who is using queues, not just for those queues that have a
non-NULL queue->request_fn."

Addresses http://bugs.launchpad.net/bugs/410198
Addresses http://bugzilla.kernel.org/show_bug.cgi?id=13942

Note that embedding a queue inside another object has always been
an illegal construct, since the queues are reference counted and
must persist until the last reference is dropped. So aoe was
always buggy in this respect (Jens).

Signed-off-by: Ed Cashin <ecashin@coraid.com>
Cc: Andy Whitcroft <apw@canonical.com>
Cc: "Rafael J. Wysocki" <rjw@sisk.pl>
Cc: Bruno Premont <bonbons@linux-vserver.org>
Cc: Martin K. Petersen <martin.petersen@oracle.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Jens Axboe <jens.axboe@oracle.com>

authored by

Ed Cashin and committed by
Jens Axboe 7135a71b e6890f6f

+11 -4
+1 -1
drivers/block/aoe/aoe.h
··· 155 155 u16 fw_ver; /* version of blade's firmware */ 156 156 struct work_struct work;/* disk create work struct */ 157 157 struct gendisk *gd; 158 - struct request_queue blkq; 158 + struct request_queue *blkq; 159 159 struct hd_geometry geo; 160 160 sector_t ssize; 161 161 struct timer_list timer;
+9 -3
drivers/block/aoe/aoeblk.c
··· 264 264 goto err_disk; 265 265 } 266 266 267 - blk_queue_make_request(&d->blkq, aoeblk_make_request); 268 - if (bdi_init(&d->blkq.backing_dev_info)) 267 + d->blkq = blk_alloc_queue(GFP_KERNEL); 268 + if (!d->blkq) 269 269 goto err_mempool; 270 + blk_queue_make_request(d->blkq, aoeblk_make_request); 271 + if (bdi_init(&d->blkq->backing_dev_info)) 272 + goto err_blkq; 270 273 spin_lock_irqsave(&d->lock, flags); 271 274 gd->major = AOE_MAJOR; 272 275 gd->first_minor = d->sysminor * AOE_PARTITIONS; ··· 279 276 snprintf(gd->disk_name, sizeof gd->disk_name, "etherd/e%ld.%d", 280 277 d->aoemajor, d->aoeminor); 281 278 282 - gd->queue = &d->blkq; 279 + gd->queue = d->blkq; 283 280 d->gd = gd; 284 281 d->flags &= ~DEVFL_GDALLOC; 285 282 d->flags |= DEVFL_UP; ··· 290 287 aoedisk_add_sysfs(d); 291 288 return; 292 289 290 + err_blkq: 291 + blk_cleanup_queue(d->blkq); 292 + d->blkq = NULL; 293 293 err_mempool: 294 294 mempool_destroy(d->bufpool); 295 295 err_disk:
+1
drivers/block/aoe/aoedev.c
··· 113 113 if (d->bufpool) 114 114 mempool_destroy(d->bufpool); 115 115 skbpoolfree(d); 116 + blk_cleanup_queue(d->blkq); 116 117 kfree(d); 117 118 } 118 119