lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <AANLkTikeREMGKRKCifrdu37FfwBNkcKGb_2heC5YDEFM@mail.gmail.com>
Date:	Fri, 14 Jan 2011 23:20:12 +1100
From:	Nick Piggin <npiggin@...il.com>
To:	"Kirill A. Shutemov" <kas@...nvz.org>
Cc:	Nick Piggin <npiggin@...nel.dk>,
	"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>,
	Alexander Viro <viro@...iv.linux.org.uk>,
	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] list_bl: fix oops on UP with DEBUG_SPINLOCK

On Fri, Jan 14, 2011 at 11:16 PM, Kirill A. Shutemov <kas@...nvz.org> wrote:
> This patch partly reverts 2c6755988a.
>
> spin_[un]lock_bucket() uses bit_spin_[un]lock() to set/clear first
> bit of ->head.first. bit_spin_[un]lock() touches the bit on UP if
> DEBUG_SPINLOCK enabled.
>
> So we have to define LIST_BL_LOCKMASK to 1, if DEBUG_SPINLOCK enabled.
> Other way is reimplementation of spin_[un]lock_bucket().
>
> [    0.140008] BUG: unable to handle kernel NULL pointer dereference at 00000005
> [    0.140008] IP: [<c10a7cdf>] __d_rehash+0x6f/0xc0
> [    0.140008] *pde = 00000000
> [    0.140008] Oops: 0002 [#1]
> [    0.140008] last sysfs file:
> [    0.140008] Modules linked in:
> [    0.140008]
> [    0.140008] Pid: 1, comm: swapper Not tainted 2.6.37+ #150 /Bochs
> [    0.140008] EIP: 0060:[<c10a7cdf>] EFLAGS: 00010202 CPU: 0
> [    0.140008] EIP is at __d_rehash+0x6f/0xc0
> [    0.140008] EAX: 00000022 EBX: c7402460 ECX: 00000000 EDX: c7402468
> [    0.140008] ESI: c7ee157c EDI: 00000001 EBP: c782bedc ESP: c782bec4
> [    0.140008]  DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068
> [    0.140008] Process swapper (pid: 1, ti=c782a000 task=c7830000 task.ti=c782a000)
> [    0.140008] Stack:
> [    0.140008]  c13b698f 00000001 c7402468 02eef038 c7402460 c7402460 c782bee8 c10a7d69
> [    0.140008]  c74024b0 c782bef8 c10a7d90 c7402460 c7400430 c782bf04 c10b32f4 c1304380
> [    0.140008]  c782bf1c c109dcd2 00000000 00000000 c74023c0 c7400430 c782bf3c c109df85
> [    0.140008] Call Trace:
> [    0.140008]  [<c10a7d69>] _d_rehash+0x39/0x40
> [    0.140008]  [<c10a7d90>] d_rehash+0x20/0x40
> [    0.140008]  [<c10b32f4>] simple_lookup+0x34/0x40
> [    0.140008]  [<c109dcd2>] d_alloc_and_lookup+0x32/0x60
> [    0.140008]  [<c109df85>] __lookup_hash+0xc5/0x160
> [    0.140008]  [<c109f2ae>] lookup_one_len+0x8e/0xe0
> [    0.140008]  [<c111e997>] debugfs_create_file+0x77/0x200
> [    0.140008]  [<c11bc7c9>] ? __class_create+0x29/0x80
> [    0.140008]  [<c143f6ec>] ? kernel_init+0x0/0x120
> [    0.140008]  [<c111ebb1>] debugfs_create_dir+0x21/0x30
> [    0.140008]  [<c144c256>] bdi_class_init+0x33/0x3c
> [    0.140008]  [<c1001100>] do_one_initcall+0x30/0x160
> [    0.140008]  [<c144c223>] ? bdi_class_init+0x0/0x3c
> [    0.140008]  [<c143f6ec>] ? kernel_init+0x0/0x120
> [    0.140008]  [<c143f778>] kernel_init+0x8c/0x120
> [    0.140008]  [<c1003096>] kernel_thread_helper+0x6/0x10
> [    0.140008] Code: 9e d0 3d c1 e8 19 14 25 00 8b 3e 8d 53 08 89 55 f0 89 7c 24 04 c7 04 24 8f 69 3b c1 e8 01 14 25 00 85 ff 8b 55 f0 89 7b 08 74 03 <89> 57 04 89 73 0c 89 16 c7 04 24 6c dc 3d c1 e8 e3 13 25 00 8b
> [    0.140008] EIP: [<c10a7cdf>] __d_rehash+0x6f/0xc0 SS:ESP 0068:c782bec4
> [    0.140008] CR2: 0000000000000005
> [    0.144008] ---[ end trace 4eaa2a86a8e2da22 ]---
>
> Signed-off-by: Kirill A. Shutemov <kas@...nvz.org>
> ---
>  include/linux/list_bl.h |    2 +-
>  1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/include/linux/list_bl.h b/include/linux/list_bl.h
> index b2adbb4..5bad17d 100644
> --- a/include/linux/list_bl.h
> +++ b/include/linux/list_bl.h
> @@ -16,7 +16,7 @@
>  * some fast and compact auxiliary data.
>  */
>
> -#if defined(CONFIG_SMP)
> +#if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK)
>  #define LIST_BL_LOCKMASK       1UL
>  #else
>  #define LIST_BL_LOCKMASK       0UL

Thank you. Russell reported this too.
I need a brown paper bag...
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ