lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1271701612.2972.5.camel@dhcp231-113.rdu.redhat.com>
Date:	Mon, 19 Apr 2010 14:26:52 -0400
From:	Eric Paris <eparis@...hat.com>
To:	Peter Zijlstra <peterz@...radead.org>
Cc:	Eric Paris <eparis@...isplace.org>, paulmck@...ux.vnet.ibm.com,
	Miles Lane <miles.lane@...il.com>,
	LKML <linux-kernel@...r.kernel.org>
Subject: Re: INFO: suspicious rcu_dereference_check() usage - 
 include/linux/cgroup.h:492 invoked rcu_dereference_check() without 
 protection!

On Wed, 2010-04-14 at 12:47 +0200, Peter Zijlstra wrote:
> On Mon, 2010-04-12 at 20:47 +0200, Peter Zijlstra wrote:
> > On Mon, 2010-04-12 at 14:44 -0400, Eric Paris wrote:
> > > On Wed, Mar 10, 2010 at 11:28 PM, Paul E. McKenney
> > > <paulmck@...ux.vnet.ibm.com> wrote:
> > 
> > > I know you indicated this was fixed in mainline and I see that set of
> > > commits objects, but I'm seeing the below spew from linux-next today.
> > > 
> > > tree: git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
> > > tag: next-20100412
> > > commit: bbeecf185fe464ccd7ee97ce6d3646ad686995b4
> > > 
> > > [    0.035602] ===================================================
> > > [    0.036003] [ INFO: suspicious rcu_dereference_check() usage. ]
> > > [    0.037006] ---------------------------------------------------
> > > [    0.038004] include/linux/cgroup.h:533 invoked
> > > rcu_dereference_check() without protection!
> > > [    0.039003]
> > > [    0.039004] other info that might help us debug this:
> > > [    0.039004]
> > > [    0.040003]
> > > [    0.040004] rcu_scheduler_active = 1, debug_locks = 0
> > > [    0.041004] no locks held by swapper/0.
> > > [    0.042003]
> > > [    0.042004] stack backtrace:
> > > [    0.043005] Pid: 0, comm: swapper Not tainted 2.6.34-rc3-next-20100412+ #65
> > > [    0.044003] Call Trace:
> > > [    0.045015]  [<ffffffff8108584f>] lockdep_rcu_dereference+0xaf/0xc0
> > > [    0.046010]  [<ffffffff81044812>] set_task_cpu+0x2d2/0x370
> > 
> > Oh, right, I still have to sort that out.
> > 
> > I need to figure out how all that scheduler and cgroup muck interact to
> > fix this.
> 
> I think the below should cure this..
> 
> 
> Signed-off-by: Peter Zijlstra <a.p.zijlstra@...llo.nl>
> ---
>  kernel/sched.c |   10 ++++++++++
>  1 files changed, 10 insertions(+), 0 deletions(-)
> 
> diff --git a/kernel/sched.c b/kernel/sched.c
> index 3acf694..2e06d87 100644
> --- a/kernel/sched.c
> +++ b/kernel/sched.c
> @@ -323,6 +323,15 @@ static inline struct task_group *task_group(struct task_struct *p)
>  /* Change a task's cfs_rq and parent entity if it moves across CPUs/groups */
>  static inline void set_task_rq(struct task_struct *p, unsigned int cpu)
>  {
> +	/*
> +	 * Strictly speaking this rcu_read_lock() is not needed since the
> +	 * task_group is tied to the cgroup, which in turn can never go away
> +	 * as long as there are tasks attached to it.
> +	 *
> +	 * However since task_group() uses task_subsys_state() which is an
> +	 * rcu_dereference() user, this quiets CONFIG_PROVE_RCU.
> +	 */
> +	rcu_read_lock();
>  #ifdef CONFIG_FAIR_GROUP_SCHED
>  	p->se.cfs_rq = task_group(p)->cfs_rq[cpu];
>  	p->se.parent = task_group(p)->se[cpu];
> @@ -332,6 +341,7 @@ static inline void set_task_rq(struct task_struct *p, unsigned int cpu)
>  	p->rt.rt_rq  = task_group(p)->rt_rq[cpu];
>  	p->rt.parent = task_group(p)->rt_se[cpu];
>  #endif
> +	rcu_read_unlock();
>  }
>  
>  #else

So I'm back with another one even with this patch.  Would people prefer
another thread?

[    0.037175] ===================================================
[    0.038003] [ INFO: suspicious rcu_dereference_check() usage. ]
[    0.039003] ---------------------------------------------------
[    0.040004] include/linux/cgroup.h:533 invoked rcu_dereference_check() without protection!
[    0.041003]
[    0.041004] other info that might help us debug this:
[    0.041005]
[    0.042004]
[    0.042004] rcu_scheduler_active = 1, debug_locks = 0
[    0.043004] no locks held by swapper/0.
[    0.044003]
[    0.044004] stack backtrace:
[    0.045005] Pid: 0, comm: swapper Not tainted 2.6.34-rc4-next-20100415+ #94
[    0.046004] Call Trace:
[    0.047014]  [<ffffffff8108652f>] lockdep_rcu_dereference+0xaf/0xc0
[    0.048013]  [<ffffffff810a3453>] freezer_fork+0xb3/0xd0
[    0.049007]  [<ffffffff8109d61c>] cgroup_fork_callbacks+0x2c/0x40
[    0.050007]  [<ffffffff81055e4a>] copy_process+0xb6a/0x11e0
[    0.051006]  [<ffffffff8105657e>] do_fork+0xbe/0x3e0
[    0.052007]  [<ffffffff81012519>] ? sched_clock+0x9/0x10
[    0.053008]  [<ffffffff81077d45>] ? sched_clock_local+0x15/0x80
[    0.054006]  [<ffffffff81077e69>] ? sched_clock_cpu+0xb9/0xf0
[    0.055006]  [<ffffffff81076cd5>] ? up+0x35/0x50
[    0.056006]  [<ffffffff81084073>] ? get_lock_stats+0x23/0x70
[    0.057006]  [<ffffffff810840ce>] ? put_lock_stats+0xe/0x30
[    0.058010]  [<ffffffff81cade20>] ? kernel_init+0x0/0x2e0
[    0.059006]  [<ffffffff810136dd>] kernel_thread+0x8d/0xa0
[    0.060006]  [<ffffffff81cade20>] ? kernel_init+0x0/0x2e0
[    0.061007]  [<ffffffff8100bc20>] ? kernel_thread_helper+0x0/0x10
[    0.062006]  [<ffffffff81cad140>] ? early_idt_handler+0x0/0x71
[    0.063011]  [<ffffffff814e40c1>] rest_init+0x21/0x110
[    0.064005]  [<ffffffff81cadd3f>] start_kernel+0x3af/0x490
[    0.065006]  [<ffffffff81cad29c>] x86_64_start_reservations+0x7c/0xd0
[    0.066005]  [<ffffffff81cad000>] ? early_idt_handlers+0x0/0x140
[    0.067006]  [<ffffffff81cad3e8>] x86_64_start_kernel+0xf8/0x130

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ