Re: [OOPS, 3.13-rc2] null ptr in dio_complete()
From: Jens Axboe
Date: Fri Dec 06 2013 - 11:47:09 EST
On 12/05/2013 04:16 PM, Dave Chinner wrote:
> On Fri, Dec 06, 2013 at 08:26:51AM +1100, Dave Chinner wrote:
>> On Thu, Dec 05, 2013 at 10:22:20PM +0800, Ming Lei wrote:
>>> On Wed, 4 Dec 2013 12:58:38 +1100
>>> Dave Chinner <david@xxxxxxxxxxxxx> wrote:
>>>
>>>>
>>>> And I just hit this from running xfs_repair which is doing
>>>> multithreaded direct IO directly on /dev/vdc:
>> .....
>>>> So this is looking like another virtio+blk_mq problem....
>>>
>>> This one might be caused by using-after-'free' request because the freed
>>> request may be allocated to another CPU immediately, and the below patch
>>> may be helpful, would you mind testing it?
>>>
>>> diff --git a/block/blk-mq.c b/block/blk-mq.c
>>> index 6875736..2358bdf 100644
>>> --- a/block/blk-mq.c
>>> +++ b/block/blk-mq.c
>>> @@ -311,12 +311,12 @@ void blk_mq_complete_request(struct request *rq, int error)
>>>
>>> blk_account_io_completion(rq, bytes);
>>>
>>> + blk_account_io_done(rq);
>>> +
>>> if (rq->end_io)
>>> rq->end_io(rq, error);
>>> else
>>> blk_mq_free_request(rq);
>>> -
>>> - blk_account_io_done(rq);
>>> }
>>>
>>> void __blk_mq_end_io(struct request *rq, int error)
>>
>> Testing it now. I'll let you know how it goes in couple of hours.
>
> Ok, this looks like it is working correctly. The read/write io stats
> are now working properly, too. Thanks for finding the problem
> quickly!
Great, thanks for testing, Dave. The fix is now in Linus' tree.
--
Jens Axboe
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/