linux/lib
Daniel J Blueman 36223a399f swiotlb: fix back-off path when memory allocation fails
This fixes a SWIOTLB oops

With SWIOTLB being enabled and straight-forward page allocation
failure [1], the swiotlb_alloc_coherent fall-back path hits an
issue [2], resulting in my webcam failing to work.

At the time of oops, RDI is clearly a pointer to a structure which
has arrived as NULL, leading to the typo in swiotlb_map_single's
callsite arguments.

Correctly passing the device structure [3] addresses the issue and
gets my webcam working again (the allocation failure still occuring).

 --- [1]

skype: page allocation failure. order:3, mode:0x1
Pid: 5895, comm: skype Not tainted 2.6.27-rc6-235c-debug #1

Call Trace:
 [<ffffffff802b7cf0>] __alloc_pages_internal+0x4a0/0x5d0
 [<ffffffff802d5ddd>] alloc_pages_current+0xad/0x110
 [<ffffffff802b4ccd>] __get_free_pages+0x1d/0x60
 [<ffffffff8046cd39>] swiotlb_alloc_coherent+0x49/0x180
 [<ffffffff80212731>] dma_alloc_coherent+0x281/0x310
 [<ffffffff805621c0>] hcd_buffer_alloc+0x50/0x90
 [<ffffffff805547fd>] usb_buffer_alloc+0x2d/0x40
 [<ffffffffa0056763>] uvc_alloc_urb_buffers+0x53/0xf0 [uvcvideo]
 [<ffffffffa0056958>] uvc_init_video+0x158/0x3e0 [uvcvideo]
 [<ffffffffa0056c17>] uvc_video_enable+0x37/0x80 [uvcvideo]
 [<ffffffffa0055853>] uvc_v4l2_do_ioctl+0x723/0x1260 [uvcvideo]
 [<ffffffff8026dd61>] ? trace_hardirqs_off_caller+0x21/0xc0
 [<ffffffff8026dd61>] ? trace_hardirqs_off_caller+0x21/0xc0
 [<ffffffffa0032c9f>] video_usercopy+0x19f/0x390 [videodev]
 [<ffffffffa0055130>] ? uvc_v4l2_do_ioctl+0x0/0x1260 [uvcvideo]
 [<ffffffff8026d0ce>] ? put_lock_stats+0xe/0x30
 [<ffffffffa0054dad>] uvc_v4l2_ioctl+0x4d/0x80 [uvcvideo]
 [<ffffffffa0045083>] native_ioctl+0x83/0x90 [compat_ioctl32]
 [<ffffffffa004534e>] v4l_compat_ioctl32+0x2be/0x1da4 [compat_ioctl32]
 [<ffffffff806aad21>] ? do_page_fault+0x3d1/0xae0
 [<ffffffff80270ccd>] ? trace_hardirqs_on+0xd/0x10
 [<ffffffff80270c59>] ? trace_hardirqs_on_caller+0x149/0x1b0
 [<ffffffff80270ccd>] ? trace_hardirqs_on+0xd/0x10
 [<ffffffff80329afa>] compat_sys_ioctl+0x8a/0x3c0
 [<ffffffff806a700d>] ? trace_hardirqs_off_thunk+0x3a/0x3c
 [<ffffffff8022f816>] sysenter_dispatch+0x7/0x2c
 [<ffffffff806a6fce>] ? trace_hardirqs_on_thunk+0x3a/0x3f

Mem-Info:
Node 0 DMA per-cpu:
CPU    0: hi:    0, btch:   1 usd:   0
CPU    1: hi:    0, btch:   1 usd:   0
Node 0 DMA32 per-cpu:
CPU    0: hi:  186, btch:  31 usd:   3
CPU    1: hi:  186, btch:  31 usd:   0
Node 0 Normal per-cpu:
CPU    0: hi:  186, btch:  31 usd:  23
CPU    1: hi:  186, btch:  31 usd: 179
Active:78545 inactive:48683 dirty:31 writeback:0 unstable:2
 free:830202 slab:17516 mapped:17473 pagetables:3496 bounce:0
Node 0 DMA free:36kB min:28kB low:32kB high:40kB active:0kB
inactive:0kB present:15156kB pages_scanned:0 all_unreclaimable? no
lowmem_reserve[]: 0 3207 3956 3956
Node 0 DMA32 free:3197192kB min:6512kB low:8140kB high:9768kB
active:0kB inactive:0kB present:3284896kB pages_scanned:0
all_unreclaimable? no
lowmem_reserve[]: 0 0 748 748
Node 0 Normal free:123580kB min:1516kB low:1892kB high:2272kB
active:314180kB inactive:194732kB present:766464kB pages_scanned:0
all_unreclaimable? no
lowmem_reserve[]: 0 0 0 0
Node 0 DMA: 1*4kB 0*8kB 0*16kB 1*32kB 0*64kB 0*128kB 0*256kB 0*512kB
0*1024kB 0*2048kB 0*4096kB = 36kB
Node 0 DMA32: 4*4kB 3*8kB 2*16kB 3*32kB 4*64kB 5*128kB 3*256kB 5*512kB
4*1024kB 5*2048kB 776*4096kB = 3197224kB
Node 0 Normal: 14*4kB 14*8kB 8*16kB 6*32kB 1*64kB 3*128kB 3*256kB
2*512kB 4*1024kB 1*2048kB 28*4096kB = 123560kB
64847 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap  = 502752kB
Total swap = 502752kB
1048576 pages RAM
52120 pages reserved
71967 pages shared
143004 pages non-shared

 --- [2]

BUG: unable to handle kernel NULL pointer dereference at 00000000000002c8
IP: [<ffffffff8046c84c>] map_single+0x1c/0x280
PGD 10e54e067 PUD 10e595067 PMD 0
Oops: 0000 [1] PREEMPT SMP DEBUG_PAGEALLOC
CPU 0
Modules linked in: kvm_intel kvm microcode uvcvideo compat_ioctl32
videodev v4l1_compat shpchp pci_hotplug
Pid: 5895, comm: skype Not tainted 2.6.27-rc6-235c-debug #1
RIP: 0010:[<ffffffff8046c84c>]  [<ffffffff8046c84c>] map_single+0x1c/0x280
RSP: 0018:ffff88010e78d988  EFLAGS: 00210296
RAX: 0000780000000000 RBX: 0000000000000000 RCX: 0000000000000002
RDX: 0000000000005000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffff88010e78d9e8 R08: 0000000000000000 R09: 0000000000000001
R10: ffff88010e78d698 R11: 0000000000000001 R12: 0000000000000002
R13: 0000000000000000 R14: 0000000000005000 R15: ffff88012f1c9968
FS:  0000000000000000(0000) GS:ffffffff80a6cdc0(0063) knlGS:00000000f6355b90
CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
CR2: 00000000000002c8 CR3: 000000010e57d000 CR4: 00000000000026e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process skype (pid: 5895, threadinfo ffff88010e78c000, task ffff88012b9cc460)
Stack:  0000000200000000 0000000000005000 0000000000000000 0000000000000000
 00000000000017b8 0000000000000000 ffff88010e78d9c8 0000000000000000
 0000000000000002 0000000000000000 0000000000005000 ffff88012f1c9968
Call Trace:
 [<ffffffff8046cbb0>] swiotlb_map_single_attrs+0x60/0xf0
 [<ffffffff8046cc4c>] swiotlb_map_single+0xc/0x10
 [<ffffffff8046cdee>] swiotlb_alloc_coherent+0xfe/0x180
 [<ffffffff80212731>] dma_alloc_coherent+0x281/0x310
 [<ffffffff805621c0>] hcd_buffer_alloc+0x50/0x90
 [<ffffffff805547fd>] usb_buffer_alloc+0x2d/0x40
 [<ffffffffa0056763>] uvc_alloc_urb_buffers+0x53/0xf0 [uvcvideo]
 [<ffffffffa0056958>] uvc_init_video+0x158/0x3e0 [uvcvideo]
 [<ffffffffa0056c17>] uvc_video_enable+0x37/0x80 [uvcvideo]
 [<ffffffffa0055853>] uvc_v4l2_do_ioctl+0x723/0x1260 [uvcvideo]
 [<ffffffff8026dd61>] ? trace_hardirqs_off_caller+0x21/0xc0
 [<ffffffff8026dd61>] ? trace_hardirqs_off_caller+0x21/0xc0
 [<ffffffffa0032c9f>] video_usercopy+0x19f/0x390 [videodev]
 [<ffffffffa0055130>] ? uvc_v4l2_do_ioctl+0x0/0x1260 [uvcvideo]
 [<ffffffff8026d0ce>] ? put_lock_stats+0xe/0x30
 [<ffffffffa0054dad>] uvc_v4l2_ioctl+0x4d/0x80 [uvcvideo]
 [<ffffffffa0045083>] native_ioctl+0x83/0x90 [compat_ioctl32]
 [<ffffffffa004534e>] v4l_compat_ioctl32+0x2be/0x1da4 [compat_ioctl32]
 [<ffffffff806aad21>] ? do_page_fault+0x3d1/0xae0
 [<ffffffff80270ccd>] ? trace_hardirqs_on+0xd/0x10
 [<ffffffff80270c59>] ? trace_hardirqs_on_caller+0x149/0x1b0
 [<ffffffff80270ccd>] ? trace_hardirqs_on+0xd/0x10
 [<ffffffff80329afa>] compat_sys_ioctl+0x8a/0x3c0
 [<ffffffff806a700d>] ? trace_hardirqs_off_thunk+0x3a/0x3c
 [<ffffffff8022f816>] sysenter_dispatch+0x7/0x2c
 [<ffffffff806a6fce>] ? trace_hardirqs_on_thunk+0x3a/0x3f

Code: 45 31 c0 48 89 e5 e8 a4 ff ff ff c9 c3 66 90 55 48 89 e5 41 57
41 56 41 55 41 54 53 48 83 ec 38 48 89 75 b0 48 89 55 a8 89 4d a4 <48>
8b 87 c8 02 00 00 48 85 c0 0f 84 1c 02 00 00 48 8b 58 08 48
RIP  [<ffffffff8046c84c>] map_single+0x1c/0x280
 RSP <ffff88010e78d988>
CR2: 00000000000002c8
---[ end trace 5d15baeeb7025a0e ]---

 --- [3]

ffffffff8046c830 <map_single>:
map_single():
/store/kernel/linux/lib/swiotlb.c:291
ffffffff8046c830:       55                      push   %rbp
ffffffff8046c831:       48 89 e5                mov    %rsp,%rbp
ffffffff8046c834:       41 57                   push   %r15
ffffffff8046c836:       41 56                   push   %r14
ffffffff8046c838:       41 55                   push   %r13
ffffffff8046c83a:       41 54                   push   %r12
ffffffff8046c83c:       53                      push   %rbx
ffffffff8046c83d:       48 83 ec 38             sub    $0x38,%rsp
ffffffff8046c841:       48 89 75 b0             mov    %rsi,-0x50(%rbp)
ffffffff8046c845:       48 89 55 a8             mov    %rdx,-0x58(%rbp)
ffffffff8046c849:       89 4d a4                mov    %ecx,-0x5c(%rbp)
dma_get_seg_boundary():
/store/kernel/linux/include/linux/dma-mapping.h:80
ffffffff8046c84c:       48 8b 87 c8 02 00 00    mov    0x2c8(%rdi),%rax <----

 --- [4]

Signed-off-by: Daniel J Blueman <daniel.blueman@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-09-10 14:00:23 -07:00
..
lzo lzo: use get/put_unaligned_* helpers 2008-07-25 10:53:26 -07:00
reed_solomon lib: Remove unnecessary inclusions of asm/semaphore.h 2008-04-18 22:17:17 -04:00
zlib_deflate lib/: Spelling fixes 2008-02-03 17:48:52 +02:00
zlib_inflate [ZLIB]: Fix external builds of zlib_inflate code. 2007-10-11 22:17:20 -07:00
.gitignore Add some basic .gitignore files 2005-10-18 08:26:15 -07:00
argv_split.c LIB: Replace inappropriate include of <linux/bug.h> 2007-10-20 00:26:10 +02:00
audit.c [PATCH] audit signal recipients 2007-05-11 05:38:25 -04:00
bcd.c rtc: BCD codeshrink 2008-07-24 10:47:33 -07:00
bitmap.c seq_file: add seq_cpumask(), seq_nodemask() 2008-08-12 16:07:30 -07:00
bitrev.c lib: export bitrev16 2008-06-06 11:29:10 -07:00
bug.c lib: taint kernel in common report_bug() WARN path. 2008-07-04 10:40:05 -07:00
bust_spinlocks.c handle recursive calls to bust_spinlocks() 2007-10-17 08:42:56 -07:00
check_signature.c uninline check_signature() 2007-07-16 09:05:50 -07:00
cmdline.c lib: allow memparse() to accept a NULL and ignorable second parm 2008-07-25 10:53:27 -07:00
cpumask.c x86: Add performance variants of cpumask operators 2008-05-23 18:23:38 +02:00
crc7.c CRC7 support 2007-07-17 10:23:04 -07:00
crc16.c [PATCH] kernel-doc for lib/crc*.c 2006-06-25 10:01:20 -07:00
crc32.c lib/: Spelling fixes 2008-02-03 17:48:52 +02:00
crc32defs.h
crc-ccitt.c [PATCH] kernel-doc for lib/crc*.c 2006-06-25 10:01:20 -07:00
crc-itu-t.c CRC ITU-T V.41 2007-05-10 18:24:13 +02:00
crc-t10dif.c [SCSI] lib: Add support for the T10 (SCSI) Data Integrity Field CRC 2008-07-12 08:22:32 -05:00
ctype.c
debug_locks.c debug_locks: set oops_in_progress if we will log messages. 2008-08-01 10:46:43 +02:00
debugobjects.c debugobjects: fix lockdep warning 2008-09-01 09:47:16 +02:00
dec_and_lock.c [PATCH] atomic: dec_and_lock use atomic primitives 2006-01-08 20:13:48 -08:00
devres.c [POWERPC] devres: Add devm_ioremap_prot() 2008-05-05 16:47:14 +10:00
div64.c add an inlined version of iter_div_u64_rem 2008-06-12 10:47:58 +02:00
dump_stack.c
extable.c lib/extable.c: remove an expensive integer divide in search_extable() 2008-02-06 10:41:08 -08:00
fault-inject.c libfs: allow error return from simple attributes 2008-02-08 09:22:34 -08:00
find_next_bit.c bitops: remove "optimizations" 2008-04-29 08:11:16 -07:00
gen_crc32table.c
genalloc.c Slab allocators: Replace explicit zeroing with __GFP_ZERO 2007-07-17 10:23:02 -07:00
halfmd4.c
hexdump.c lib: create common ascii hex array 2008-05-14 19:11:14 -07:00
hweight.c remove asm/bitops.h includes 2007-10-19 11:53:41 -07:00
idr.c SL*B: drop kmem cache argument from constructor 2008-07-26 12:00:07 -07:00
inflate.c inflate: refactor inflate malloc code 2008-07-25 10:53:28 -07:00
int_sqrt.c [PATCH] lib: Fix bug in int_sqrt() for 64 bit longs 2006-02-03 08:32:08 -08:00
iomap_copy.c [PATCH] add __iowrite64_copy 2006-06-20 20:24:58 -07:00
iomap.c Use WARN() in lib/ 2008-07-26 12:00:07 -07:00
iommu-helper.c generic, x86: fix add iommu_num_pages helper function 2008-07-29 12:12:48 +02:00
ioremap.c lib/ioremap.c should #include <linux/io.h> 2007-10-17 08:42:50 -07:00
irq_regs.c [PATCH] irq_reqs: export __irq_regs 2006-10-06 08:53:40 -07:00
kasprintf.c lib: move kasprintf to a separate file 2007-07-31 15:39:39 -07:00
Kconfig [SCSI] lib: Add support for the T10 (SCSI) Data Integrity Field CRC 2008-07-12 08:22:32 -05:00
Kconfig.debug powerpc: Work around gcc's -fno-omit-frame-pointer bug 2008-09-03 20:53:34 +10:00
Kconfig.kgdb kgdb: remove the requirement for CONFIG_FRAME_POINTER 2008-08-01 08:39:34 -05:00
kernel_lock.c BKL: revert back to the old spinlock implementation 2008-05-10 20:58:02 -07:00
klist.c klist: fix coding style errors in klist.h and klist.c 2008-04-30 16:52:58 -07:00
kobject_uevent.c Use WARN() in lib/ 2008-07-26 12:00:07 -07:00
kobject.c kobject: Replace ALL occurrences of '/' with '!' instead of only the first one. 2008-08-21 10:15:34 -07:00
kref.c kref: add kref_set() 2008-01-24 20:40:05 -08:00
libcrc32c.c [LIB] crc32c: Keep intermediate crc state in cpu order 2007-11-08 21:34:09 +08:00
list_debug.c list debugging: use WARN() instead of BUG() 2008-07-25 10:53:29 -07:00
lmb.c lmb: Fix reserved region handling in lmb_enforce_memory_limit(). 2008-08-15 19:57:57 -07:00
locking-selftest-hardirq.h [PATCH] lockdep: locking API self tests 2006-07-03 15:27:03 -07:00
locking-selftest-mutex.h [PATCH] lockdep: locking API self tests 2006-07-03 15:27:03 -07:00
locking-selftest-rlock-hardirq.h [PATCH] lockdep: locking API self tests 2006-07-03 15:27:03 -07:00
locking-selftest-rlock-softirq.h [PATCH] lockdep: locking API self tests 2006-07-03 15:27:03 -07:00
locking-selftest-rlock.h [PATCH] lockdep: locking API self tests 2006-07-03 15:27:03 -07:00
locking-selftest-rsem.h [PATCH] lockdep: locking API self tests 2006-07-03 15:27:03 -07:00
locking-selftest-softirq.h [PATCH] lockdep: locking API self tests 2006-07-03 15:27:03 -07:00
locking-selftest-spin-hardirq.h [PATCH] lockdep: locking API self tests 2006-07-03 15:27:03 -07:00
locking-selftest-spin-softirq.h [PATCH] lockdep: locking API self tests 2006-07-03 15:27:03 -07:00
locking-selftest-spin.h [PATCH] lockdep: locking API self tests 2006-07-03 15:27:03 -07:00
locking-selftest-wlock-hardirq.h [PATCH] lockdep: locking API self tests 2006-07-03 15:27:03 -07:00
locking-selftest-wlock-softirq.h [PATCH] lockdep: locking API self tests 2006-07-03 15:27:03 -07:00
locking-selftest-wlock.h [PATCH] lockdep: locking API self tests 2006-07-03 15:27:03 -07:00
locking-selftest-wsem.h [PATCH] lockdep: locking API self tests 2006-07-03 15:27:03 -07:00
locking-selftest.c [PATCH] lockdep: show more details about self-test failures 2006-12-07 08:39:43 -08:00
Makefile lib: generic show_mem() 2008-07-26 12:00:10 -07:00
parser.c add match_strlcpy() us it to make v9fs make uname and remotename parsing more robust 2008-05-14 19:23:25 -05:00
percpu_counter.c percpu_counter: new function percpu_counter_sum_and_set 2008-07-11 19:27:31 -04:00
plist.c Use WARN() in lib/ 2008-07-26 12:00:07 -07:00
prio_heap.c Fix cpusets update_cpumask 2007-10-19 11:53:41 -07:00
prio_tree.c
proportions.c mm: bdi: allow setting a maximum for the bdi dirty limit 2008-04-30 08:29:50 -07:00
radix-tree.c SL*B: drop kmem cache argument from constructor 2008-07-26 12:00:07 -07:00
random32.c random32: seeding improvement 2008-07-30 16:29:19 -07:00
ratelimit.c __ratelimit() cpu flags can't be static 2008-07-28 16:30:20 -07:00
rbtree.c [PATCH] rbtree: fixed reversed RB_EMPTY_NODE and rb_next/prev 2006-09-30 20:26:56 +02:00
reciprocal_div.c [PATCH] SLAB: use a multiply instead of a divide in obj_to_index() 2006-12-13 09:05:49 -08:00
rwsem-spinlock.c lib: remove fastcall from lib/* 2008-02-08 09:22:31 -08:00
rwsem.c x86: fix UML and -regparm=3 2008-01-30 13:33:00 +01:00
scatterlist.c sg: reimplement sg mapping iterator 2008-07-23 14:42:09 +02:00
sha1.c [PATCH] Numerous fixes to kernel-doc info in source files. 2007-02-11 10:51:32 -08:00
show_mem.c lib: generic show_mem() 2008-07-26 12:00:10 -07:00
smp_processor_id.c cpumask: change cpumask_of_cpu_ptr to use new cpumask_of_cpu 2008-07-26 16:40:33 +02:00
sort.c lib/sort.c optimization 2007-10-17 08:42:52 -07:00
spinlock_debug.c Use helpers to obtain task pid in printks 2007-10-19 11:53:43 -07:00
string.c Add a new sysfs_streq() string comparison function 2008-05-01 08:03:59 -07:00
swiotlb.c swiotlb: fix back-off path when memory allocation fails 2008-09-10 14:00:23 -07:00
syscall.c task_current_syscall 2008-07-26 12:00:10 -07:00
textsearch.c remove CONFIG_KMOD from lib 2008-07-22 19:24:31 +10:00
ts_bm.c textsearch: ts_bm: support case insensitive searching in Boyer-Moore algorithm 2008-07-08 02:37:54 -07:00
ts_fsm.c textsearch: ts_fsm: return error on request for case insensitive search 2008-07-08 02:38:27 -07:00
ts_kmp.c textsearch: ts_kmp: support case insensitive searching in Knuth-Morris-Pratt algorithm 2008-07-08 02:38:09 -07:00
vsprintf.c lib: Correct printk %pF to work on all architectures 2008-09-09 11:51:15 -07:00