diff options
| author | royger <royger@FreeBSD.org> | 2015-10-26 14:50:35 +0000 |
|---|---|---|
| committer | royger <royger@FreeBSD.org> | 2015-10-26 14:50:35 +0000 |
| commit | f25e305738764cf8cb037bd0cf26402522915e2c (patch) | |
| tree | 17faf0d5e0b527305ab0f630db0b037785cb92c6 /sys/dev/xen | |
| parent | 7da4fecded5533c3d274d91dd0053828f2a17f5f (diff) | |
| download | FreeBSD-src-f25e305738764cf8cb037bd0cf26402522915e2c.zip FreeBSD-src-f25e305738764cf8cb037bd0cf26402522915e2c.tar.gz | |
x86/dma_bounce: revert r289834 and r289836
The new load_ma implementation can cause dereferences when used with
certain drivers, back it out until the reason is found:
Fatal trap 12: page fault while in kernel mode
cpuid = 11; apic id = 03
fault virtual address = 0x30
fault code = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff808a2d22
stack pointer = 0x28:0xfffffe07cc737710
frame pointer = 0x28:0xfffffe07cc737790
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 13 (g_down)
trap number = 12
panic: page fault
cpuid = 11
KDB: stack backtrace:
#0 0xffffffff80641647 at kdb_backtrace+0x67
#1 0xffffffff80606762 at vpanic+0x182
#2 0xffffffff806067e3 at panic+0x43
#3 0xffffffff8084eef1 at trap_fatal+0x351
#4 0xffffffff8084f0e4 at trap_pfault+0x1e4
#5 0xffffffff8084e82f at trap+0x4bf
#6 0xffffffff80830d57 at calltrap+0x8
#7 0xffffffff8063beab at _bus_dmamap_load_ccb+0x1fb
#8 0xffffffff8063bc51 at bus_dmamap_load_ccb+0x91
#9 0xffffffff8042dcad at ata_dmaload+0x11d
#10 0xffffffff8042df7e at ata_begin_transaction+0x7e
#11 0xffffffff8042c18e at ataaction+0x9ce
#12 0xffffffff802a220f at xpt_run_devq+0x5bf
#13 0xffffffff802a17ad at xpt_action_default+0x94d
#14 0xffffffff802c0024 at adastart+0x8b4
#15 0xffffffff802a2e93 at xpt_run_allocq+0x193
#16 0xffffffff802c0735 at adastrategy+0xf5
#17 0xffffffff80554206 at g_disk_start+0x426
Uptime: 2m29s
Diffstat (limited to 'sys/dev/xen')
| -rw-r--r-- | sys/dev/xen/blkfront/blkfront.c | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/sys/dev/xen/blkfront/blkfront.c b/sys/dev/xen/blkfront/blkfront.c index 0a75d79..fa8d479 100644 --- a/sys/dev/xen/blkfront/blkfront.c +++ b/sys/dev/xen/blkfront/blkfront.c @@ -293,12 +293,8 @@ xbd_queue_request(struct xbd_softc *sc, struct xbd_command *cm) { int error; - if (cm->cm_bp != NULL) - error = bus_dmamap_load_bio(sc->xbd_io_dmat, cm->cm_map, - cm->cm_bp, xbd_queue_cb, cm, 0); - else - error = bus_dmamap_load(sc->xbd_io_dmat, cm->cm_map, - cm->cm_data, cm->cm_datalen, xbd_queue_cb, cm, 0); + error = bus_dmamap_load(sc->xbd_io_dmat, cm->cm_map, cm->cm_data, + cm->cm_datalen, xbd_queue_cb, cm, 0); if (error == EINPROGRESS) { /* * Maintain queuing order by freezing the queue. The next @@ -358,6 +354,8 @@ xbd_bio_command(struct xbd_softc *sc) } cm->cm_bp = bp; + cm->cm_data = bp->bio_data; + cm->cm_datalen = bp->bio_bcount; cm->cm_sector_number = (blkif_sector_t)bp->bio_pblkno; switch (bp->bio_cmd) { @@ -1011,7 +1009,7 @@ xbd_instance_create(struct xbd_softc *sc, blkif_sector_t sectors, sc->xbd_disk->d_mediasize = sectors * sector_size; sc->xbd_disk->d_maxsize = sc->xbd_max_request_size; - sc->xbd_disk->d_flags = DISKFLAG_UNMAPPED_BIO; + sc->xbd_disk->d_flags = 0; if ((sc->xbd_flags & (XBDF_FLUSH|XBDF_BARRIER)) != 0) { sc->xbd_disk->d_flags |= DISKFLAG_CANFLUSHCACHE; device_printf(sc->xbd_dev, |
