lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAOihqkLtVLgP1zzGWB0L_w=unveD1bBxENWrzX9AOQmRMd23Mw@mail.gmail.com>
Date:	Wed, 27 Apr 2016 12:55:47 +0200
From:	Andreas Starzer <stzlinux@...il.com>
To:	linux-kernel@...r.kernel.org
Cc:	mingo@...e.hu, paulmck@...ux.vnet.ibm.com, tglx@...utronix.de
Subject: wake_up on wait-queue called from hard-irq context in 3.10.63-rt65

This Bug was already fixed in rcutiny_plugin.h with changing the
wait-queue to simple-waiter.

Found this bug with 3.10.63-rt65 in rcutree_plugin.h too. (It is not
fixed in current 3.10-release)

SVC (hard-irq-context) for scheduling tries to wake-up wait-queue
waiters and therefore simple-waiter is needed.

I fixed the problem for myself with this patch, but I don't know if
this is a correct fix.

Index: src/kernel/rcutree_plugin.h
===================================================================
--- src/kernel/rcutree_plugin.h    (revision 159)
+++ src/kernel/rcutree_plugin.h    (working copy)
@@ -705,7 +705,8 @@
 }
 EXPORT_SYMBOL_GPL(synchronize_rcu);

-static DECLARE_WAIT_QUEUE_HEAD(sync_rcu_preempt_exp_wq);
+/* (stz): bug#16085 replace standard wq by simple waiter for call by
SVC context. */
+static DEFINE_SWAIT_HEAD(sync_rcu_preempt_exp_wq);
 static unsigned long sync_rcu_preempt_exp_count;
 static DEFINE_MUTEX(sync_rcu_preempt_exp_mutex);

@@ -762,8 +763,10 @@
         }
         if (rnp->parent == NULL) {
             raw_spin_unlock_irqrestore(&rnp->lock, flags);
-            if (wake)
-                wake_up(&sync_rcu_preempt_exp_wq);
+            if (wake) {
+              /* (stz): bug#16085 replace standard wq by simple
waiter for call by SVC context. */
+              swait_wake(&sync_rcu_preempt_exp_wq);
+            }
             break;
         }
         mask = rnp->grpmask;
@@ -883,8 +886,9 @@

     /* Wait for snapshotted ->blkd_tasks lists to drain. */
     rnp = rcu_get_root(rsp);
-    wait_event(sync_rcu_preempt_exp_wq,
-           sync_rcu_preempt_exp_done(rnp));
+    /* (stz): bug#16085 replace standard wq by simple waiter for call
by SVC context. */
+    swait_event(sync_rcu_preempt_exp_wq,
+           sync_rcu_preempt_exp_done(rnp));

     /* Clean up and exit. */
     smp_mb(); /* ensure expedited GP seen before counter increment. */



------------------------------
Detailed Output:
------------------------------

[22503.069680] BUG: sleeping function called from invalid context at
kernel/rtmutex.c:796
[22503.069685] in_atomic(): 1, irqs_disabled(): 0, pid: 385, name: rstpd
[22503.069707] Preemption disabled at:[<8000e28c>] svc_preempt+0x8/0x20
[22503.069708]
[22503.069717] CPU: 1 PID: 385 Comm: rstpd Tainted: G           O
3.10.63-sp4-rt65-svn160 #6
[22503.069723] Backtrace:
[22503.069742] [<80011d08>] (dump_backtrace+0x0/0x108) from
[<80011f18>] (show_stack+0x18/0x1c)
[22503.069753]  r6:00000003 r5:8c906000 r4:00000000 r3:00000000
[22503.069772] [<80011f00>] (show_stack+0x0/0x1c) from [<8060ce58>]
(dump_stack+0x24/0x28)
[22503.069794] [<8060ce34>] (dump_stack+0x0/0x28) from [<80054524>]
(__might_sleep+0x100/0x158)
[22503.069810] [<80054424>] (__might_sleep+0x0/0x158) from
[<806104f4>] (rt_spin_lock+0x24/0x30)
[22503.069816]  r5:00000001 r4:8086461c
[22503.069831] [<806104d0>] (rt_spin_lock+0x0/0x30) from [<800565b0>]
(__wake_up+0x2c/0x58)
[22503.069837]  r4:8086461c r3:00000001
[22503.069850] [<80056584>] (__wake_up+0x0/0x58) from [<80089f9c>]
(rcu_report_exp_rnp.isra.50+0xac/0xb4)
[22503.069861]  r7:00000001 r6:20010113 r5:00000001 r4:80864340
[22503.069874] [<80089ef0>] (rcu_report_exp_rnp.isra.50+0x0/0xb4) from
[<8008b9d0>] (rcu_read_unlock_special+0x138/0x1cc)
[22503.069885]  r7:40010113 r6:80864340 r5:00000001 r4:80864340
[22503.069897] [<8008b898>] (rcu_read_unlock_special+0x0/0x1cc) from
[<8008bb10>] (rcu_note_context_switch+0xac/0x1fc)
[22503.069912]  r9:00000001 r8:8c906000 r7:00000001 r6:8c3a6e80 r5:8c906008
[22503.069912] r4:80853a38
[22503.069924] [<8008ba64>] (rcu_note_context_switch+0x0/0x1fc) from
[<8060eee4>] (__schedule+0x70/0x44c)
[22503.069935] [<8060ee74>] (__schedule+0x0/0x44c) from [<8060f898>]
(preempt_schedule_irq+0x40/0x6c)
[22503.069947] [<8060f858>] (preempt_schedule_irq+0x0/0x6c) from
[<8000e28c>] (svc_preempt+0x8/0x20)
[22503.069953]  r4:800476bc r3:00000000
[22503.069979] [<8004766c>] (__rcu_read_unlock+0x0/0x5c) from
[<8046db5c>] (dev_queue_xmit+0x200/0x444)
[22503.070007]  r4:8c957c00 r3:00001000
[22503.070031] [<8046d95c>] (dev_queue_xmit+0x0/0x444) from
[<8059f390>] (packet_sendmsg+0xb74/0xca0)
[22503.070059] [<8059e81c>] (packet_sendmsg+0x0/0xca0) from
[<80455a80>] (sock_sendmsg+0xb0/0xd8)
[22503.070077] [<804559d0>] (sock_sendmsg+0x0/0xd8) from [<80458048>]
(SyS_sendto+0xc0/0xe4)
[22503.070104]  r7:0001d4e0 r6:8a02d440 r5:00000000 r4:00000035
[22503.070120] [<80457f88>] (SyS_sendto+0x0/0xe4) from [<8000e680>]
(ret_fast_syscall+0x0/0x30)
[22503.070145]  r7:00000122 r6:00000014 r5:00000014 r4:7ed242dc

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ