From d9b9f4d2243393944d375009fdf8fb07aa459180 Mon Sep 17 00:00:00 2001 From: Andrew Warfield Date: Thu, 28 Sep 2006 11:41:23 -0700 Subject: [PATCH] [BLKTAP] Fix blktap oops on domain shutdown When a domain shuts down with a blktap-backed block device open, it can easily cause a dom0 oops. The XenbusStateClosing event can occur while the tapdisk userland thread is still processing IO requests (eg. readaheads) from the domU. But the xenbus state handler calls tap_blkif_unmap(), unmapping the blkif->blk_ring.sring rin buffer, so when the tapdisk thread next calls the BLKTAP_IOCTL_KICK_FE to return the completion event to the FE via that ring buffer, it oopses. This can be fixed simply by not calling tap_blkif_unmap() in this case; the ring buffer will still be unmapped later on when the blkif is destroyed by blktap_remove(), only then it will properly wait for the blkif refcnt to reach zero before doing so. Signed-off-by: Stephen Tweedie --- linux-2.6-xen-sparse/drivers/xen/blktap/xenbus.c | 1 - 1 file changed, 1 deletion(-) diff --git a/linux-2.6-xen-sparse/drivers/xen/blktap/xenbus.c b/linux-2.6-xen-sparse/drivers/xen/blktap/xenbus.c index 6c16a2e60b..b08e1dcc1d 100644 --- a/linux-2.6-xen-sparse/drivers/xen/blktap/xenbus.c +++ b/linux-2.6-xen-sparse/drivers/xen/blktap/xenbus.c @@ -273,7 +273,6 @@ static void tap_frontend_changed(struct xenbus_device *dev, kthread_stop(be->blkif->xenblkd); be->blkif->xenblkd = NULL; } - tap_blkif_unmap(be->blkif); xenbus_switch_state(dev, XenbusStateClosing); break; -- 2.30.2