lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 6 May 2010 16:09:17 -0700
From:	"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
To:	Mathieu Desnoyers <mathieu.desnoyers@...icios.com>
Cc:	linux-kernel@...r.kernel.org, mingo@...e.hu, laijs@...fujitsu.com,
	dipankar@...ibm.com, akpm@...ux-foundation.org,
	josh@...htriplett.org, dvhltc@...ibm.com, niv@...ibm.com,
	tglx@...utronix.de, peterz@...radead.org, rostedt@...dmis.org,
	Valdis.Kletnieks@...edu, dhowells@...hat.com,
	eric.dumazet@...il.com
Subject: Re: [PATCH tip/core/rcu 01/48] rcu: optionally leave lockdep
	enabled after RCU lockdep splat

On Wed, May 05, 2010 at 10:05:32PM -0400, Mathieu Desnoyers wrote:
> * Paul E. McKenney (paulmck@...ux.vnet.ibm.com) wrote:
> > On Wed, May 05, 2010 at 07:24:57PM -0400, Mathieu Desnoyers wrote:
> > > * Paul E. McKenney (paulmck@...ux.vnet.ibm.com) wrote:
> > > > On Wed, May 05, 2010 at 06:46:41PM -0400, Mathieu Desnoyers wrote:
> > > > > * Paul E. McKenney (paulmck@...ux.vnet.ibm.com) wrote:
> > > > > > From: Lai Jiangshan <laijs@...fujitsu.com>
> > > > > > 
> > > > > > There is no need to disable lockdep after an RCU lockdep splat,
> > > > > > so remove the debug_lockdeps_off() from lockdep_rcu_dereference().
> > > > > > To avoid repeated lockdep splats, use a static variable in the inlined
> > > > > > rcu_dereference_check() and rcu_dereference_protected() macros so that
> > > > > > a given instance splats only once, but so that multiple instances can
> > > > > > be detected per boot.
> > > > > > 
> > > > > > This is controlled by a new config variable CONFIG_PROVE_RCU_REPEATEDLY,
> > > > > > which is disabled by default.  This provides the normal lockdep behavior
> > > > > > by default, but permits people who want to find multiple RCU-lockdep
> > > > > > splats per boot to easily do so.
> > > > > 
> > > > > I'll play the devil's advocate here. (just because that's so much fun)
> > > > > ;-)
> > > > > 
> > > > > If we look at:
> > > > > 
> > > > > include/linux/debug_locks.h:
> > > > > 
> > > > > static inline int __debug_locks_off(void)
> > > > > {
> > > > >         return xchg(&debug_locks, 0);
> > > > > }
> > > > > 
> > > > > We see that all code following a call to "debug_locks_off()" can assume
> > > > > that it cannot possibly run concurrently with other code following
> > > > > "debug_locks_off()". Now, I'm not saying that the code we currently have
> > > > > will necessarily break, but I think it is worth asking if there is any
> > > > > assumption in lockdep (or RCU lockdep more specifically) about mutual
> > > > > exclusion after debug_locks_off() ?
> > > > > 
> > > > > Because if there is, then this patch is definitely breaking something by
> > > > > not protecting lockdep against multiple concurrent executions.
> > > > 
> > > > So what in lockdep_rcu_dereference() needs to be protected from concurrent
> > > > execution?  All that happens beyond that point is a bunch of printk()s,
> > > > printing the locks held by this task, and dumping this task's stack.
> > > > 
> > > > 							Thanx, Paul
> > > 
> > > I agree with you that printing the current task information should be safe.
> > > However, I am not sure that concurrent updates to the lock_class while printk()
> > > is showing its information will end up doing what we expect it to do.
> > > 
> > > It could be acceptable to have unreliable information in these rare cases, but
> > > the important thing would be to ensure that the kernel does not OOPS.
> > 
> > But any races other than the printk()s can already happen as follows:
> > 
> > o	CPU 0 needs to update some information about the lock.  It
> > 	checks debug_locks and finds that it is non-zero.
> > 
> > o	CPU 1 detects a deadlock, and invokes __debug_locks_off(),
> > 	which atomically sets debug_locks to zero.
> > 
> > o	CPU 1 then proceeds to printk() information that CPU 0
> > 	is concurrently modifying.  Which looks to be OK in any case.
> > 
> > Or is there some other race that cannot already happen that I am
> > introducing?
> 
> Nope, I don't think so. Although it's probably worth putting a comment in
> lockdep_rcu_dereference() to state that lockdep can be used by multiple
> concurrent instances here, just in case someone ever consider adding code
> to this splat handler thinking lockdep is always only used by a single "splat"
> at a time.

Done!

							Thanx, Paul
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ