From 8d48d44bc0ba7ab6b4057800dd47e5d4e59c995e Mon Sep 17 00:00:00 2001 From: Josh Boyer Date: Thu, 18 Dec 2014 08:49:08 -0500 Subject: [PATCH] Fix blk-mq crash on CPU hotplug (rhbz 1175261) --- ...itialized-kobject-at-CPU-hotplugging.patch | 79 +++++++++++++++++++ kernel.spec | 9 +++ 2 files changed, 88 insertions(+) create mode 100644 blk-mq-Fix-uninitialized-kobject-at-CPU-hotplugging.patch diff --git a/blk-mq-Fix-uninitialized-kobject-at-CPU-hotplugging.patch b/blk-mq-Fix-uninitialized-kobject-at-CPU-hotplugging.patch new file mode 100644 index 000000000..9042e1bee --- /dev/null +++ b/blk-mq-Fix-uninitialized-kobject-at-CPU-hotplugging.patch @@ -0,0 +1,79 @@ +From: Takashi Iwai +Date: Wed, 10 Dec 2014 16:38:30 +0100 +Subject: [PATCH] blk-mq: Fix uninitialized kobject at CPU hotplugging + +When a CPU is hotplugged, the current blk-mq spews a warning like: + + kobject '(null)' (ffffe8ffffc8b5d8): tried to add an uninitialized object, something is seriously wrong. + CPU: 1 PID: 1386 Comm: systemd-udevd Not tainted 3.18.0-rc7-2.g088d59b-default #1 + Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.7.5-20140531_171129-lamiak 04/01/2014 + 0000000000000000 0000000000000002 ffffffff81605f07 ffffe8ffffc8b5d8 + ffffffff8132c7a0 ffff88023341d370 0000000000000020 ffff8800bb05bd58 + ffff8800bb05bd08 000000000000a0a0 000000003f441940 0000000000000007 + Call Trace: + [] dump_trace+0x86/0x330 + [] show_stack_log_lvl+0x94/0x170 + [] show_stack+0x21/0x50 + [] dump_stack+0x41/0x51 + [] kobject_add+0xa0/0xb0 + [] blk_mq_register_hctx+0x91/0xb0 + [] blk_mq_sysfs_register+0x3e/0x60 + [] blk_mq_queue_reinit_notify+0xf8/0x190 + [] notifier_call_chain+0x4c/0x70 + [] cpu_notify+0x23/0x50 + [] _cpu_up+0x157/0x170 + [] cpu_up+0x89/0xb0 + [] cpu_subsys_online+0x35/0x80 + [] device_online+0x5d/0xa0 + [] online_store+0x75/0x80 + [] kernfs_fop_write+0xda/0x150 + [] vfs_write+0xb2/0x1f0 + [] SyS_write+0x42/0xb0 + [] system_call_fastpath+0x16/0x1b + [<00007f0132fb24e0>] 0x7f0132fb24e0 + +This is indeed because of an uninitialized kobject for blk_mq_ctx. +The blk_mq_ctx kobjects are initialized in blk_mq_sysfs_init(), but it +goes loop over hctx_for_each_ctx(), i.e. it initializes only for +online CPUs. Thus, when a CPU is hotplugged, the ctx for the newly +onlined CPU is registered without initialization. + +This patch fixes the issue by initializing the all ctx kobjects +belonging to each queue. + +Bugzilla: https://bugzilla.novell.com/show_bug.cgi?id=908794 +Cc: +Signed-off-by: Takashi Iwai +Signed-off-by: Jens Axboe +--- + block/blk-mq-sysfs.c | 9 ++++----- + 1 file changed, 4 insertions(+), 5 deletions(-) + +diff --git a/block/blk-mq-sysfs.c b/block/blk-mq-sysfs.c +index 371d8800b48a..1630a20d5dcf 100644 +--- a/block/blk-mq-sysfs.c ++++ b/block/blk-mq-sysfs.c +@@ -390,16 +390,15 @@ static void blk_mq_sysfs_init(struct request_queue *q) + { + struct blk_mq_hw_ctx *hctx; + struct blk_mq_ctx *ctx; +- int i, j; ++ int i; + + kobject_init(&q->mq_kobj, &blk_mq_ktype); + +- queue_for_each_hw_ctx(q, hctx, i) { ++ queue_for_each_hw_ctx(q, hctx, i) + kobject_init(&hctx->kobj, &blk_mq_hw_ktype); + +- hctx_for_each_ctx(hctx, ctx, j) +- kobject_init(&ctx->kobj, &blk_mq_ctx_ktype); +- } ++ queue_for_each_ctx(q, ctx, i) ++ kobject_init(&ctx->kobj, &blk_mq_ctx_ktype); + } + + /* see blk_register_queue() */ +-- +2.1.0 + diff --git a/kernel.spec b/kernel.spec index 9f57d87e9..a033b8557 100644 --- a/kernel.spec +++ b/kernel.spec @@ -635,6 +635,9 @@ Patch26101: powerpc-powernv-force-all-CPUs-to-be-bootable.patch #CVE-2014-XXXX rhbz 1175235 1175250 Patch26102: isofs-Fix-infinite-looping-over-CE-entries.patch +#rhbz 1175261 +Patch26103: blk-mq-Fix-uninitialized-kobject-at-CPU-hotplugging.patch + # git clone ssh://git.fedorahosted.org/git/kernel-arm64.git, git diff master...devel Patch30000: kernel-arm64.patch @@ -1378,6 +1381,9 @@ ApplyPatch powerpc-powernv-force-all-CPUs-to-be-bootable.patch #CVE-2014-XXXX rhbz 1175235 1175250 ApplyPatch isofs-Fix-infinite-looping-over-CE-entries.patch +#rhbz 1175261 +ApplyPatch blk-mq-Fix-uninitialized-kobject-at-CPU-hotplugging.patch + %if 0%{?aarch64patches} ApplyPatch kernel-arm64.patch %ifnarch aarch64 # this is stupid, but i want to notice before secondary koji does. @@ -2246,6 +2252,9 @@ fi # ||----w | # || || %changelog +* Thu Dec 18 2014 Josh Boyer +- Fix blk-mq crash on CPU hotplug (rhbz 1175261) + * Wed Dec 17 2014 Josh Boyer - 3.18.1-1 - Linux v3.18.1 - CVE-2014-XXXX isofs: infinite loop in CE record entries (rhbz 1175235 1175250)