| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 29 Oct 2018 11:24:42 +0000
From: Ran Rozenstein <ranro@...lanox.com>
To: "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
CC: "mingo@...nel.org" <mingo@...nel.org>,
"jiangshanlai@...il.com" <jiangshanlai@...il.com>,
"dipankar@...ibm.com" <dipankar@...ibm.com>,
"akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
"mathieu.desnoyers@...icios.com" <mathieu.desnoyers@...icios.com>,
"josh@...htriplett.org" <josh@...htriplett.org>,
"tglx@...utronix.de" <tglx@...utronix.de>,
"peterz@...radead.org" <peterz@...radead.org>,
"rostedt@...dmis.org" <rostedt@...dmis.org>,
"dhowells@...hat.com" <dhowells@...hat.com>,
"edumazet@...gle.com" <edumazet@...gle.com>,
"fweisbec@...il.com" <fweisbec@...il.com>,
"oleg@...hat.com" <oleg@...hat.com>,
"joel@...lfernandes.org" <joel@...lfernandes.org>,
Maor Gottlieb <maorg@...lanox.com>,
Tariq Toukan <tariqt@...lanox.com>,
Eran Ben Elisha <eranbe@...lanox.com>,
Leon Romanovsky <leonro@...lanox.com>
Subject: RE: [PATCH tip/core/rcu 02/19] rcu: Defer reporting RCU-preempt
quiescent states when disabled
Hi Paul and all,
> -----Original Message-----
> From: linux-kernel-owner@...r.kernel.org [mailto:linux-kernel-
> owner@...r.kernel.org] On Behalf Of Paul E. McKenney
> Sent: Thursday, August 30, 2018 01:21
> To: linux-kernel@...r.kernel.org
> Cc: mingo@...nel.org; jiangshanlai@...il.com; dipankar@...ibm.com;
> akpm@...ux-foundation.org; mathieu.desnoyers@...icios.com;
> josh@...htriplett.org; tglx@...utronix.de; peterz@...radead.org;
> rostedt@...dmis.org; dhowells@...hat.com; edumazet@...gle.com;
> fweisbec@...il.com; oleg@...hat.com; joel@...lfernandes.org; Paul E.
> McKenney <paulmck@...ux.vnet.ibm.com>
> Subject: [PATCH tip/core/rcu 02/19] rcu: Defer reporting RCU-preempt
> quiescent states when disabled
>
> This commit defers reporting of RCU-preempt quiescent states at
> rcu_read_unlock_special() time when any of interrupts, softirq, or
> preemption are disabled. These deferred quiescent states are reported at a
> later RCU_SOFTIRQ, context switch, idle entry, or CPU-hotplug offline
> operation. Of course, if another RCU read-side critical section has started in
> the meantime, the reporting of the quiescent state will be further deferred.
>
> This also means that disabling preemption, interrupts, and/or softirqs will act
> as an RCU-preempt read-side critical section.
> This is enforced by checking preempt_count() as needed.
>
> Some special cases must be handled on an ad-hoc basis, for example,
> context switch is a quiescent state even though both the scheduler and
> do_exit() disable preemption. In these cases, additional calls to
> rcu_preempt_deferred_qs() override the preemption disabling. Similar logic
> overrides disabled interrupts in rcu_preempt_check_callbacks() because in
> this case the quiescent state happened just before the corresponding
> scheduling-clock interrupt.
>
> In theory, this change lifts a long-standing restriction that required that if
> interrupts were disabled across a call to rcu_read_unlock() that the matching
> rcu_read_lock() also be contained within that interrupts-disabled region of
> code. Because the reporting of the corresponding RCU-preempt quiescent
> state is now deferred until after interrupts have been enabled, it is no longer
> possible for this situation to result in deadlocks involving the scheduler's
> runqueue and priority-inheritance locks. This may allow some code
> simplification that might reduce interrupt latency a bit. Unfortunately, in
> practice this would also defer deboosting a low-priority task that had been
> subjected to RCU priority boosting, so real-time-response considerations
> might well force this restriction to remain in place.
>
> Because RCU-preempt grace periods are now blocked not only by RCU read-
> side critical sections, but also by disabling of interrupts, preemption, and
> softirqs, it will be possible to eliminate RCU-bh and RCU-sched in favor of
> RCU-preempt in CONFIG_PREEMPT=y kernels. This may require some
> additional plumbing to provide the network denial-of-service guarantees
> that have been traditionally provided by RCU-bh. Once these are in place,
> CONFIG_PREEMPT=n kernels will be able to fold RCU-bh into RCU-sched.
> This would mean that all kernels would have but one flavor of RCU, which
> would open the door to significant code cleanup.
>
> Moving to a single flavor of RCU would also have the beneficial effect of
> reducing the NOCB kthreads by at least a factor of two.
>
> Signed-off-by: Paul E. McKenney <paulmck@...ux.vnet.ibm.com> [ paulmck:
> Apply rcu_read_unlock_special() preempt_count() feedback
> from Joel Fernandes. ]
> [ paulmck: Adjust rcu_eqs_enter() call to rcu_preempt_deferred_qs() in
> response to bug reports from kbuild test robot. ] [ paulmck: Fix bug located
> by kbuild test robot involving recursion
> via rcu_preempt_deferred_qs(). ]
> ---
> .../RCU/Design/Requirements/Requirements.html | 50 +++---
> include/linux/rcutiny.h | 5 +
> kernel/rcu/tree.c | 9 ++
> kernel/rcu/tree.h | 3 +
> kernel/rcu/tree_exp.h | 71 +++++++--
> kernel/rcu/tree_plugin.h | 144 +++++++++++++-----
> 6 files changed, 205 insertions(+), 77 deletions(-)
>
We started seeing the trace below in our regression system, after I bisected I found this is the offending commit.
This appears immediately on boot.
Please let me know if you need any additional details.
Thanks,
Ran
[2018-10-27 05:53:07] ================================================================================
[2018-10-27 05:53:07] UBSAN: Undefined behaviour in kernel/rcu/tree_plugin.h:620:28
[2018-10-27 05:53:07] signed integer overflow:
[2018-10-27 05:53:07] 0 - -2147483648 cannot be represented in type 'int'
[2018-10-27 05:53:07] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.19.0-for-upstream-dbg-2018-10-25_03-10-39-82 #1
[2018-10-27 05:53:07] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014
[2018-10-27 05:53:07] Call Trace:
[2018-10-27 05:53:07] dump_stack+0x9a/0xeb
[2018-10-27 05:53:07] ubsan_epilogue+0x9/0x7c
[2018-10-27 05:53:07] handle_overflow+0x235/0x278
[2018-10-27 05:53:07] ? __ubsan_handle_negate_overflow+0x1bd/0x1bd
[2018-10-27 05:53:07] ? sched_clock_local+0xd4/0x140
[2018-10-27 05:53:07] ? kvm_clock_read+0x14/0x30
[2018-10-27 05:53:07] rcu_preempt_deferred_qs+0x12a/0x150
[2018-10-27 05:53:07] rcu_note_context_switch+0x1b9/0x1ac0
[2018-10-27 05:53:07] __schedule+0x22d/0x1fd0
[2018-10-27 05:53:07] ? pci_mmcfg_check_reserved+0x130/0x130
[2018-10-27 05:53:07] ? sched_set_stop_task+0x330/0x330
[2018-10-27 05:53:07] ? lockdep_hardirqs_on+0x360/0x620
[2018-10-27 05:53:07] schedule_idle+0x45/0x80
[2018-10-27 05:53:07] do_idle+0x23e/0x3e0
[2018-10-27 05:53:07] ? check_flags.part.26+0x440/0x440
[2018-10-27 05:53:07] ? arch_cpu_idle_exit+0x40/0x40
[2018-10-27 05:53:07] ? __wake_up_common+0x156/0x5c0
[2018-10-27 05:53:07] ? _raw_spin_unlock_irqrestore+0x59/0x70
[2018-10-27 05:53:07] cpu_startup_entry+0x19/0x20
[2018-10-27 05:53:07] start_secondary+0x420/0x570
[2018-10-27 05:53:07] ? set_cpu_sibling_map+0x2f90/0x2f90
[2018-10-27 05:53:07] secondary_startup_64+0xa4/0xb0
[2018-10-27 05:53:07] ================================================================================
[2018-10-27 05:53:07] ================================================================================
[2018-10-27 05:53:07] UBSAN: Undefined behaviour in kernel/rcu/tree_plugin.h:624:28
[2018-10-27 05:53:07] signed integer overflow:
[2018-10-27 05:53:07] -2147483648 + -2147483648 cannot be represented in type 'int'
[2018-10-27 05:53:07] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.19.0-for-upstream-dbg-2018-10-25_03-10-39-82 #1
[2018-10-27 05:53:07] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014
[2018-10-27 05:53:07] Call Trace:
[2018-10-27 05:53:07] dump_stack+0x9a/0xeb
[2018-10-27 05:53:07] ubsan_epilogue+0x9/0x7c
[2018-10-27 05:53:07] handle_overflow+0x235/0x278
[2018-10-27 05:53:07] ? __ubsan_handle_negate_overflow+0x1bd/0x1bd
[2018-10-27 05:53:07] ? check_flags.part.26+0x440/0x440
[2018-10-27 05:53:07] ? _raw_spin_unlock_irqrestore+0x3c/0x70
[2018-10-27 05:53:07] ? _raw_spin_unlock_irqrestore+0x3c/0x70
[2018-10-27 05:53:07] ? lockdep_hardirqs_off+0x1fd/0x2c0
[2018-10-27 05:53:07] ? kvm_clock_read+0x14/0x30
[2018-10-27 05:53:07] rcu_preempt_deferred_qs+0x145/0x150
[2018-10-27 05:53:07] rcu_note_context_switch+0x1b9/0x1ac0
[2018-10-27 05:53:07] __schedule+0x22d/0x1fd0
[2018-10-27 05:53:07] ? pci_mmcfg_check_reserved+0x130/0x130
[2018-10-27 05:53:07] ? sched_set_stop_task+0x330/0x330
[2018-10-27 05:53:07] ? lockdep_hardirqs_on+0x360/0x620
[2018-10-27 05:53:07] schedule_idle+0x45/0x80
[2018-10-27 05:53:07] do_idle+0x23e/0x3e0
[2018-10-27 05:53:07] ? check_flags.part.26+0x440/0x440
[2018-10-27 05:53:07] ? arch_cpu_idle_exit+0x40/0x40
[2018-10-27 05:53:07] ? __wake_up_common+0x156/0x5c0
[2018-10-27 05:53:07] ? _raw_spin_unlock_irqrestore+0x59/0x70
[2018-10-27 05:53:07] cpu_startup_entry+0x19/0x20
[2018-10-27 05:53:07] start_secondary+0x420/0x570
[2018-10-27 05:53:07] ? set_cpu_sibling_map+0x2f90/0x2f90
[2018-10-27 05:53:07] secondary_startup_64+0xa4/0xb0
[2018-10-27 05:53:07] ================================================================================
Powered by blists - more mailing lists