Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754717AbbG0Jtq (ORCPT <rfc822;w@1wt.eu>);
	Mon, 27 Jul 2015 05:49:46 -0400
Received: from mail-ig0-f180.google.com ([209.85.213.180]:33629 "EHLO
	mail-ig0-f180.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1754426AbbG0Jtg convert rfc822-to-8bit (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Mon, 27 Jul 2015 05:49:36 -0400
MIME-Version: 1.0
In-Reply-To: <1437487125.7490.5.camel@mita-ThinkPad-T540p>
References: <1437236903-31617-1-git-send-email-akinobu.mita@gmail.com>
	<1437236903-31617-2-git-send-email-akinobu.mita@gmail.com>
	<CACVXFVNi_US+e=YJ=n-6PFrv5XN+Q3Zfx5c0MbrAOL6BvSMRfA@mail.gmail.com>
	<1437487125.7490.5.camel@mita-ThinkPad-T540p>
Date: Mon, 27 Jul 2015 05:49:35 -0400
Message-ID: <CACVXFVOtAxuFRQYLUwwnR3GN5s+ecgLKyLT5+ovoD+iDEp+XPg@mail.gmail.com>
Subject: Re: [PATCH v3 1/7] blk-mq: avoid access hctx->tags->cpumask before allocation
From: Ming Lei <tom.leiming@gmail.com>
To: Akinobu Mita <akinobu.mita@gmail.com>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Keith Busch <keith.busch@intel.com>, Jens Axboe <axboe@kernel.dk>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8BIT
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 4070
Lines: 106

On Tue, Jul 21, 2015 at 9:58 AM, Akinobu Mita <akinobu.mita@gmail.com> wrote:
> 2015-07-19 (日) の 18:24 +0800 に Ming Lei さんは書きました:
>> On Sun, Jul 19, 2015 at 12:28 AM, Akinobu Mita <akinobu.mita@gmail.com> wrote:
>> > When unmapped hw queue is remapped after CPU topology is changed,
>> > hctx->tags->cpumask is set before hctx->tags is allocated in
>> > blk_mq_map_swqueue().
>> >
>> > In order to fix this null pointer dereference, hctx->tags must be
>> > allocated before configuring hctx->tags->cpumask.
>>
>> The root cause should be that the mapping between hctx and ctx
>> can be changed after CPU topo is changed, then hctx->tags can
>> be changed too, so hctx->tags->cpumask has to be set after
>> hctx->tags is setup.
>>
>> >
>> > Fixes: f26cdc8536 ("blk-mq: Shared tag enhancements")
>>
>> I am wondering if the above commit considers CPU hotplug, and
>> nvme uses tag->cpumask to set irq affinity hint just during
>> starting queue. Looks it should be reasonalbe to
>> introduce one callback of mapping_changed() for handling
>> this kind of stuff. But this isn't related with this patch.
>>
>> > Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
>> > Cc: Keith Busch <keith.busch@intel.com>
>> > Cc: Jens Axboe <axboe@kernel.dk>
>> > Cc: Ming Lei <tom.leiming@gmail.com>
>> > ---
>> >  block/blk-mq.c | 9 ++++++++-
>> >  1 file changed, 8 insertions(+), 1 deletion(-)
>> >
>> > diff --git a/block/blk-mq.c b/block/blk-mq.c
>> > index 7d842db..f29f766 100644
>> > --- a/block/blk-mq.c
>> > +++ b/block/blk-mq.c
>> > @@ -1821,7 +1821,6 @@ static void blk_mq_map_swqueue(struct request_queue *q)
>> >
>> >                 hctx = q->mq_ops->map_queue(q, i);
>> >                 cpumask_set_cpu(i, hctx->cpumask);
>> > -               cpumask_set_cpu(i, hctx->tags->cpumask);
>> >                 ctx->index_hw = hctx->nr_ctx;
>> >                 hctx->ctxs[hctx->nr_ctx++] = ctx;
>> >         }
>> > @@ -1861,6 +1860,14 @@ static void blk_mq_map_swqueue(struct request_queue *q)
>> >                 hctx->next_cpu = cpumask_first(hctx->cpumask);
>> >                 hctx->next_cpu_batch = BLK_MQ_CPU_WORK_BATCH;
>> >         }
>> > +
>> > +       queue_for_each_ctx(q, ctx, i) {
>> > +               if (!cpu_online(i))
>> > +                       continue;
>> > +
>> > +               hctx = q->mq_ops->map_queue(q, i);
>> > +               cpumask_set_cpu(i, hctx->tags->cpumask);
>>
>> If tags->cpumask is always same with hctx->cpumaks, this
>> CPU iterator can be avoided.
>
> How about this patch?
> Or should we use cpumask_or() instead cpumask_copy?

I guess tags->cpumask need to be fixed in future, so better to
just take the current patch:

[PATCH v3 1/7] blk-mq: avoid access hctx->tags->cpumask before allocation

Thanks,

>
> diff --git a/block/blk-mq.c b/block/blk-mq.c
> index 7d842db..56f814a 100644
> --- a/block/blk-mq.c
> +++ b/block/blk-mq.c
> @@ -1821,7 +1821,6 @@ static void blk_mq_map_swqueue(struct request_queue *q)
>
>                 hctx = q->mq_ops->map_queue(q, i);
>                 cpumask_set_cpu(i, hctx->cpumask);
> -               cpumask_set_cpu(i, hctx->tags->cpumask);
>                 ctx->index_hw = hctx->nr_ctx;
>                 hctx->ctxs[hctx->nr_ctx++] = ctx;
>         }
> @@ -1846,7 +1845,10 @@ static void blk_mq_map_swqueue(struct request_queue *q)
>                 if (!set->tags[i])
>                         set->tags[i] = blk_mq_init_rq_map(set, i);
>                 hctx->tags = set->tags[i];
> -               WARN_ON(!hctx->tags);
> +               if (hctx->tags)
> +                       cpumask_copy(hctx->tags->cpumask, hctx->cpumask);
> +               else
> +                       WARN_ON(1);
>
>                 /*
>                  * Set the map size to the number of mapped software queues.
>
>



-- 
Ming Lei
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/