| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Jul 2012 15:09:09 -0700
From: Mandeep Singh Baines <msb@...gle.com>
To: "Srivatsa S. Bhat" <srivatsa.bhat@...ux.vnet.ibm.com>
Cc: mandeep.baines@...il.com, Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org,
Mandeep Singh Baines <msb@...omium.org>, x86@...nel.org,
Tejun Heo <tj@...nel.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Stephen Rothwell <sfr@...b.auug.org.au>,
Christoph Lameter <cl@...two.org>,
Olof Johansson <olofj@...omium.org>
Subject: Re: [PATCH] x86, mm: only wait for flushes from online cpus
Srivatsa S. Bhat (srivatsa.bhat@...ux.vnet.ibm.com) wrote:
> On 06/21/2012 03:33 AM, mandeep.baines@...il.com wrote:
> > From: Mandeep Singh Baines <msb@...omium.org>
> >
> > A cpu in the mm_cpumask could go offline before we send the
> > invalidate IPI causing us to wait forever.
> >
> > Bug Trace:
> >
> > <4>[10222.234548] WARNING: at ../../arch/x86/kernel/apic/ipi.c:113 default_send_IPI_mask_logical+0x58/0x73()
> > <5>[10222.234633] Pid: 23605, comm: lmt-udev Tainted: G C 3.2.7 #1
> > <5>[10222.234639] Call Trace:
> > <5>[10222.234651] [<8102e666>] warn_slowpath_common+0x68/0x7d
> > <5>[10222.234661] [<81016c36>] ? default_send_IPI_mask_logical+0x58/0x73
> > <5>[10222.234670] [<8102e68f>] warn_slowpath_null+0x14/0x18
> > <5>[10222.234678] [<81016c36>] default_send_IPI_mask_logical+0x58/0x73
> > <5>[10222.234687] [<8101eec2>] flush_tlb_others_ipi+0x86/0xba
> > <5>[10222.234696] [<8101f0bb>] flush_tlb_mm+0x5e/0x62
> > <5>[10222.234703] [<8101e36c>] pud_populate+0x2c/0x31
> > <5>[10222.234711] [<8101e409>] pgd_alloc+0x98/0xc7
> > <5>[10222.234719] [<8102c881>] mm_init.isra.38+0xcc/0xf3
> > <5>[10222.234727] [<8102cbc2>] dup_mm+0x68/0x34e
> > <5>[10222.234736] [<8139bbae>] ? _cond_resched+0xd/0x21
> > <5>[10222.234745] [<810a5b7c>] ? kmem_cache_alloc+0x26/0xe2
> > <5>[10222.234753] [<8102d421>] ? copy_process+0x556/0xda6
> > <5>[10222.234761] [<8102d641>] copy_process+0x776/0xda6
> > <5>[10222.234770] [<8102dd5e>] do_fork+0xcb/0x1d4
> > <5>[10222.234778] [<810a8c96>] ? do_sync_write+0xd3/0xd3
> > <5>[10222.234786] [<810a94ab>] ? vfs_read+0x95/0xa2
> > <5>[10222.234795] [<81008850>] sys_clone+0x20/0x25
> > <5>[10222.234804] [<8139d8c5>] ptregs_clone+0x15/0x30
> > <5>[10222.234812] [<8139d7f7>] ? sysenter_do_call+0x12/0x26
> > <4>[10222.234818] ---[ end trace 31e095600f50fd48 ]---
> > <3>[10234.880183] BUG: soft lockup - CPU#0 stuck for 11s! [lmt-udev:23605]
> >
> > Addresses http://crosbug.com/31737
> >
> > Signed-off-by: Mandeep Singh Baines <msb@...omium.org>
> > Cc: Thomas Gleixner <tglx@...utronix.de>
> > Cc: Ingo Molnar <mingo@...hat.com>
> > Cc: "H. Peter Anvin" <hpa@...or.com>
> > Cc: x86@...nel.org
> > Cc: Tejun Heo <tj@...nel.org>
> > Cc: Andrew Morton <akpm@...ux-foundation.org>
> > Cc: Stephen Rothwell <sfr@...b.auug.org.au>
> > Cc: Christoph Lameter <cl@...two.org>
> > Cc: Olof Johansson <olofj@...omium.org>
> > ---
> > arch/x86/mm/tlb.c | 7 ++++++-
> > 1 files changed, 6 insertions(+), 1 deletions(-)
> >
> > diff --git a/arch/x86/mm/tlb.c b/arch/x86/mm/tlb.c
> > index 5e57e11..010090d 100644
> > --- a/arch/x86/mm/tlb.c
> > +++ b/arch/x86/mm/tlb.c
> > @@ -194,8 +194,13 @@ static void flush_tlb_others_ipi(const struct cpumask *cpumask,
> > apic->send_IPI_mask(to_cpumask(f->flush_cpumask),
> > INVALIDATE_TLB_VECTOR_START + sender);
> >
>
> This function is always called with preempt_disabled() right?
> In that case, _while_ this function is running, a CPU cannot go offline
> because of stop_machine(). (I understand that it might go offline in between
> calculating that cpumask and calling preempt_disable() - which is the race
> you are trying to handle).
>
Ah. Good point. A cpu cannot be remove from the cpu_online_mask while
preemption is disabled because stop_machine() can't run until
preemption is enabled.
./kernel/cpu.c: err = __stop_machine(take_cpu_down, &tcd_param, cpumask_of(cpu));
> So, why not take the offline cpus out of the way even before sending that IPI?
> That way, we need not modify the while loop below.
>
> > - while (!cpumask_empty(to_cpumask(f->flush_cpumask)))
> > + while (!cpumask_empty(to_cpumask(f->flush_cpumask))) {
> > + /* Only wait for online cpus */
> > + cpumask_and(to_cpumask(f->flush_cpumask),
> > + to_cpumask(f->flush_cpumask),
> > + cpu_online_mask);
> > cpu_relax();
> > + }
> > }
> >
> > f->flush_mm = NULL;
> >
>
> That is, how about something like this:
>
Acked-off-by: Mandeep Singh Baines <msb@...omium.org>
Do you mind re-sending you're patch with a proper sign-off.
Thanks and regards,
Mandeep
> diff --git a/arch/x86/mm/tlb.c b/arch/x86/mm/tlb.c
> index 5e57e11..9d387a9 100644
> --- a/arch/x86/mm/tlb.c
> +++ b/arch/x86/mm/tlb.c
> @@ -186,7 +186,11 @@ static void flush_tlb_others_ipi(const struct cpumask *cpumask,
>
> f->flush_mm = mm;
> f->flush_va = va;
> - if (cpumask_andnot(to_cpumask(f->flush_cpumask), cpumask, cpumask_of(smp_processor_id()))) {
> +
> + cpumask_and(to_cpumask(f->flush_cpumask), cpumask, cpu_online_mask);
> + cpumask_clear_cpu(smp_processor_id(), to_cpumask(f->flush_cpumask));
> +
> + if (!cpumask_empty(to_cpumask(f->flush_cpumask))) {
> /*
> * We have to send the IPI only to
> * CPUs affected.
>
>
>
> Regards,
> Srivatsa S. Bhat
> IBM Linux Technology Center
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists