lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <480FF821.9050208@gmail.com>
Date:	Thu, 24 Apr 2008 12:01:53 +0900
From:	Tejun Heo <htejun@...il.com>
To:	Peter Zijlstra <peterz@...radead.org>
CC:	Vegard Nossum <vegard.nossum@...il.com>,
	LKML <linux-kernel@...r.kernel.org>,
	Jeff Garzik <jgarzik@...ox.com>, Ingo Molnar <mingo@...e.hu>,
	IDE/ATA development list <linux-ide@...r.kernel.org>,
	Alan Cox <alan@...rguk.ukuu.org.uk>
Subject: Re: v2.6.25: WARNING: at kernel/lockdep.c:2437	__lock_acquire+0xc69/0xfa0()

Peter Zijlstra wrote:
> On Sun, 2008-04-20 at 12:29 +0200, Vegard Nossum wrote:
>> Hi,
>>
>> This appears in clean v2.6.25:
>>
>> ------------[ cut here ]------------
>> WARNING: at kernel/lockdep.c:2437 __lock_acquire+0xc69/0xfa0()
>> Pid: 1002, comm: scsi_eh_4 Not tainted 2.6.25 #379
>>  [<c011bb5c>] warn_on_slowpath+0x3c/0x50
>>  [<c013b0f9>] ? __lock_acquire+0x219/0xfa0
>>  [<c013b0f9>] ? __lock_acquire+0x219/0xfa0
>>  [<c012c2c8>] ? __kernel_text_address+0x8/0x20
>>  [<c0104fce>] ? dump_trace+0xce/0x120
>>  [<c010a56c>] ? save_stack_trace+0x1c/0x40
>>  [<c0138659>] ? save_trace+0x39/0xa0
>>  [<c013a3d1>] ? mark_lock+0x61/0x540
>>  [<c013bb49>] __lock_acquire+0xc69/0xfa0
>>  [<c012b46a>] ? __cancel_work_timer+0x5a/0x140
>>  [<c01082ac>] ? native_sched_clock+0x5c/0xb0
>>  [<c013beee>] lock_acquire+0x6e/0x90
>>  [<c02a8e23>] ? ata_scsi_error+0x33/0x6a0
>>  [<c02e4946>] _spin_lock_irqsave+0x26/0x60
>>  [<c02a8e23>] ? ata_scsi_error+0x33/0x6a0
>>  [<c02a4ee0>] ? ata_bmdma_error_handler+0x0/0x50
>>  [<c02a8e23>] ata_scsi_error+0x33/0x6a0
>>  [<c02e249a>] ? schedule+0x27a/0x410
>>  [<c0256dd1>] ? __scsi_iterate_devices+0x51/0x70
>>  [<c025c681>] ? scsi_run_host_queues+0x21/0x30
>>  [<c025ae5e>] scsi_error_handler+0x9e/0x4e0
>>  [<c02e249a>] ? schedule+0x27a/0x410
>>  [<c025adc0>] ? scsi_error_handler+0x0/0x4e0
>>  [<c012dd86>] kthread+0x36/0x60
>>  [<c012dd50>] ? kthread+0x0/0x60
>>  [<c0104c27>] kernel_thread_helper+0x7/0x10
>>  =======================
>> ---[ end trace 5e5d737e76fd4940 ]---
> 
> Indeed, quite easy to reproduce:
> 
> diff --git a/kernel/lockdep.c b/kernel/lockdep.c
> index 81a4e4a..33901ef 100644
> --- a/kernel/lockdep.c
> +++ b/kernel/lockdep.c
> @@ -2434,6 +2434,13 @@ static int __lock_acquire(struct lockdep_map *lock, unsigned int subclass,
>  	 * the hash, not class->key.
>  	 */
>  	id = class - lock_classes;
> +	if (id >= MAX_LOCKDEP_KEYS) {
> +		spinlock_t *slock = container_of(lock, spinlock_t, dep_map);
> +
> +		printk(KERN_EMERG "magic: %x\n", slock->magic);
> +		printk(KERN_EMERG "class: %p\n", class);
> +		printk(KERN_EMERG "id: %u\n", id);
> +	}
>  	if (DEBUG_LOCKS_WARN_ON(id >= MAX_LOCKDEP_KEYS))
>  		return 0;
>  
> 
> 
> gives me:
> 
> ata3: PATA max PIO4 cmd 0x1e8 ctl 0x3ee irq 11
> magic: c050cf60
> class: c7c20e54
> id: 2265185251
> ------------[ cut here ]------------
> WARNING: at /mnt/md0/src/linux-2.6-2/kernel/lockdep.c:2444
> __lock_acquire+0x57b/0xfd0()
> 
> 
> Looks like someone is stomping on the spinlock or just passing us
> garbage.

Does the attached patch help?

-- 
tejun

View attachment "legacy-fix.patch" of type "text/x-patch" (351 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ