[openib-general] oops with multicast patches

[Michael S. Tsirkin]

> OK, I got back to this finally. First, I reproduced the crash again,
> with spinlock debugger enabled. It seems we are looking at some use-after-free.
> Next, I'll try adding the debugging patch Sean posted, and see what this gives.

Sean, Yohad here tried adding your debugging patch and reproduced the crash.
Unfortunately, none of the BUG_ON errors got triggered.
Here's the trace from the last crash:

BUG: spinlock bad magic on CPU#1, ib_mad2/17805
 lock: ffff810079fc4140, .magic: 00000000, .owner: /-32512, .owner_cpu: 2039181760

Call Trace: <ffffffff802e02cd>{_raw_spin_lock+28} <ffffffff8040ee4b>{_spin_lock_irqsave+11}
       <ffffffff8807beff>{:ib_sa:release_group+27} <ffffffff8807c95a>{:ib_sa:mcast_work_handler+1345}
       <ffffffff880724de>{:ib_mad:ib_mad_post_receive_mads+268}
       <ffffffff8040eef7>{_spin_unlock_irq+7} <ffffffff880732ce>{:ib_mad:timeout_sends+0}
       <ffffffff8807b8c3>{:ib_sa:ib_sa_mcmember_rec_callback+64}
       <ffffffff8040eef7>{_spin_unlock_irq+7} <ffffffff8040d976>{thread_return+100}
       <ffffffff8807bac4>{:ib_sa:send_handler+74} <ffffffff8807345b>{:ib_mad:timeout_sends+397}
       <ffffffff80238e94>{run_workqueue+161} <ffffffff80238ede>{worker_thread+0}
       <ffffffff8023be88>{keventd_create_kthread+0} <ffffffff80238fe3>{worker_thread+261}
       <ffffffff80223e8f>{default_wake_function+0} <ffffffff8023be88>{keventd_create_kthread+0}
       <ffffffff80223e8f>{default_wake_function+0} <ffffffff8023be88>{keventd_create_kthread+0}
       <ffffffff8023be5f>{kthread+200} <ffffffff8020a6aa>{child_rip+8}
       <ffffffff8023be88>{keventd_create_kthread+0} <ffffffff8023bd97>{kthread+0}
       <ffffffff8020a6a2>{child_rip+0}

-- 
MST