| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 29 Nov 2012 11:52:59 -0800
From: Frank Rowand <frank.rowand@...sony.com>
To: Thomas Gleixner <tglx@...utronix.de>
CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-rt-users@...r.kernel.org" <linux-rt-users@...r.kernel.org>,
"grant.likely@...retlab.ca" <grant.likely@...retlab.ca>
Subject: Re: 3.6.7-rt18 ARM BUG_ON() at kernel/sched/core.c:3817
On 11/28/12 19:31, Frank Rowand wrote:
> 3.6.7-rt18: kernel BUG at .../kernel/sched/core.c:3817!
>
> Grant reported this same problem for 3.6.5-rt15.
>
> I am seeing it on a different arm board.
>
> Here is the BUG_ON():
>
> asmlinkage void __sched preempt_schedule_irq(void)
> {
> struct thread_info *ti = current_thread_info();
>
> /* Catch callers which need to be fixed */
> BUG_ON(ti->preempt_count || !irqs_disabled());
>
> Putting in some extra printk(), the BUG_ON() is triggering because
> ti->preempt_count is non-zero.
>
>
> It appears that the cause is in arch/arm/kernel/entry-armv.S.
>
> The call to preempt_schedule_irq() is from svc_preempt:
>
> #ifdef CONFIG_PREEMPT
> svc_preempt:
> mov r8, lr
> 1: bl preempt_schedule_irq @ irq en/disable is done inside
>
>
> svc_preempt is branched to from one of two possible places. The first was
> present before the lazy preempt code was added. The first appears ok to me.
> (Note that the first branch does not occur if preempt count is non-zero.)
>
> The second branch can occur even if the preempt count is non-zero (which is
> what the BUG_ON() is finding):
>
> __irq_svc:
> svc_entry
> irq_handler
>
> #ifdef CONFIG_PREEMPT
> get_thread_info tsk
> ldr r8, [tsk, #TI_PREEMPT] @ get preempt count
> ldr r0, [tsk, #TI_FLAGS] @ get flags
> teq r8, #0 @ if preempt count != 0
> movne r0, #0 @ force flags to 0
> tst r0, #_TIF_NEED_RESCHED
> blne svc_preempt
> ldr r8, [tsk, #TI_PREEMPT_LAZY] @ get preempt lazy count
> ldr r0, [tsk, #TI_FLAGS] @ get flags
> teq r8, #0 @ if preempt lazy count != 0
> movne r0, #0 @ force flags to 0
> tst r0, #_TIF_NEED_RESCHED_LAZY
> blne svc_preempt
> #endif
And here is a patch that fixes the symptom. I'll have to look at how
the preempt lazy count feature works to see if the patch is consistent
with the feature. I'll do that next.
Signed-off-by: Frank Rowand <frank.rowand@...sony.com>
---
arch/arm/kernel/entry-armv.S | 4 3 + 1 - 0 !
1 file changed, 3 insertions(+), 1 deletion(-)
Index: b/arch/arm/kernel/entry-armv.S
===================================================================
--- a/arch/arm/kernel/entry-armv.S
+++ b/arch/arm/kernel/entry-armv.S
@@ -221,8 +221,10 @@ __irq_svc:
movne r0, #0 @ force flags to 0
tst r0, #_TIF_NEED_RESCHED
blne svc_preempt
- ldr r8, [tsk, #TI_PREEMPT_LAZY] @ get preempt lazy count
ldr r0, [tsk, #TI_FLAGS] @ get flags
+ teq r8, #0 @ if preempt count != 0
+ movne r0, #0 @ force flags to 0
+ ldr r8, [tsk, #TI_PREEMPT_LAZY] @ get preempt lazy count
teq r8, #0 @ if preempt lazy count != 0
movne r0, #0 @ force flags to 0
tst r0, #_TIF_NEED_RESCHED_LAZY
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists