Date:   Mon, 29 Oct 2018 11:24:42 +0000
From:   Ran Rozenstein <ranro@...lanox.com>
To:     "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
CC:     "mingo@...nel.org" <mingo@...nel.org>,
        "jiangshanlai@...il.com" <jiangshanlai@...il.com>,
        "dipankar@...ibm.com" <dipankar@...ibm.com>,
        "akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
        "mathieu.desnoyers@...icios.com" <mathieu.desnoyers@...icios.com>,
        "josh@...htriplett.org" <josh@...htriplett.org>,
        "tglx@...utronix.de" <tglx@...utronix.de>,
        "peterz@...radead.org" <peterz@...radead.org>,
        "rostedt@...dmis.org" <rostedt@...dmis.org>,
        "dhowells@...hat.com" <dhowells@...hat.com>,
        "edumazet@...gle.com" <edumazet@...gle.com>,
        "fweisbec@...il.com" <fweisbec@...il.com>,
        "oleg@...hat.com" <oleg@...hat.com>,
        "joel@...lfernandes.org" <joel@...lfernandes.org>,
        Maor Gottlieb <maorg@...lanox.com>,
        Tariq Toukan <tariqt@...lanox.com>,
        Eran Ben Elisha <eranbe@...lanox.com>,
        Leon Romanovsky <leonro@...lanox.com>
Subject: RE: [PATCH tip/core/rcu 02/19] rcu: Defer reporting RCU-preempt
 quiescent states when disabled

Hi Paul and all,

> -----Original Message-----
> From: linux-kernel-owner@...r.kernel.org [mailto:linux-kernel-
> owner@...r.kernel.org] On Behalf Of Paul E. McKenney
> Sent: Thursday, August 30, 2018 01:21
> To: linux-kernel@...r.kernel.org
> Cc: mingo@...nel.org; jiangshanlai@...il.com; dipankar@...ibm.com;
> akpm@...ux-foundation.org; mathieu.desnoyers@...icios.com;
> josh@...htriplett.org; tglx@...utronix.de; peterz@...radead.org;
> rostedt@...dmis.org; dhowells@...hat.com; edumazet@...gle.com;
> fweisbec@...il.com; oleg@...hat.com; joel@...lfernandes.org; Paul E.
> McKenney <paulmck@...ux.vnet.ibm.com>
> Subject: [PATCH tip/core/rcu 02/19] rcu: Defer reporting RCU-preempt
> quiescent states when disabled
> 
> This commit defers reporting of RCU-preempt quiescent states at
> rcu_read_unlock_special() time when any of interrupts, softirq, or
> preemption are disabled.  These deferred quiescent states are reported at a
> later RCU_SOFTIRQ, context switch, idle entry, or CPU-hotplug offline
> operation.  Of course, if another RCU read-side critical section has started in
> the meantime, the reporting of the quiescent state will be further deferred.
> 
> This also means that disabling preemption, interrupts, and/or softirqs will act
> as an RCU-preempt read-side critical section.
> This is enforced by checking preempt_count() as needed.
> 
> Some special cases must be handled on an ad-hoc basis, for example,
> context switch is a quiescent state even though both the scheduler and
> do_exit() disable preemption.  In these cases, additional calls to
> rcu_preempt_deferred_qs() override the preemption disabling.  Similar logic
> overrides disabled interrupts in rcu_preempt_check_callbacks() because in
> this case the quiescent state happened just before the corresponding
> scheduling-clock interrupt.
> 
> In theory, this change lifts a long-standing restriction that required that if
> interrupts were disabled across a call to rcu_read_unlock() that the matching
> rcu_read_lock() also be contained within that interrupts-disabled region of
> code.  Because the reporting of the corresponding RCU-preempt quiescent
> state is now deferred until after interrupts have been enabled, it is no longer
> possible for this situation to result in deadlocks involving the scheduler's
> runqueue and priority-inheritance locks.  This may allow some code
> simplification that might reduce interrupt latency a bit.  Unfortunately, in
> practice this would also defer deboosting a low-priority task that had been
> subjected to RCU priority boosting, so real-time-response considerations
> might well force this restriction to remain in place.
> 
> Because RCU-preempt grace periods are now blocked not only by RCU read-
> side critical sections, but also by disabling of interrupts, preemption, and
> softirqs, it will be possible to eliminate RCU-bh and RCU-sched in favor of
> RCU-preempt in CONFIG_PREEMPT=y kernels.  This may require some
> additional plumbing to provide the network denial-of-service guarantees
> that have been traditionally provided by RCU-bh.  Once these are in place,
> CONFIG_PREEMPT=n kernels will be able to fold RCU-bh into RCU-sched.
> This would mean that all kernels would have but one flavor of RCU, which
> would open the door to significant code cleanup.
> 
> Moving to a single flavor of RCU would also have the beneficial effect of
> reducing the NOCB kthreads by at least a factor of two.
> 
> Signed-off-by: Paul E. McKenney <paulmck@...ux.vnet.ibm.com> [ paulmck:
> Apply rcu_read_unlock_special() preempt_count() feedback
>   from Joel Fernandes. ]
> [ paulmck: Adjust rcu_eqs_enter() call to rcu_preempt_deferred_qs() in
>   response to bug reports from kbuild test robot. ] [ paulmck: Fix bug located
> by kbuild test robot involving recursion
>   via rcu_preempt_deferred_qs(). ]
> ---
>  .../RCU/Design/Requirements/Requirements.html |  50 +++---
>  include/linux/rcutiny.h                       |   5 +
>  kernel/rcu/tree.c                             |   9 ++
>  kernel/rcu/tree.h                             |   3 +
>  kernel/rcu/tree_exp.h                         |  71 +++++++--
>  kernel/rcu/tree_plugin.h                      | 144 +++++++++++++-----
>  6 files changed, 205 insertions(+), 77 deletions(-)
> 

We started seeing the trace below in our regression system. After I bisected, I found this is the offending commit.
This appears immediately on boot.
Please let me know if you need any additional details.

Thanks,
Ran


[2018-10-27 05:53:07] ================================================================================
[2018-10-27 05:53:07] UBSAN: Undefined behaviour in kernel/rcu/tree_plugin.h:620:28
[2018-10-27 05:53:07] signed integer overflow:
[2018-10-27 05:53:07] 0 - -2147483648 cannot be represented in type 'int'
[2018-10-27 05:53:07] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.19.0-for-upstream-dbg-2018-10-25_03-10-39-82 #1
[2018-10-27 05:53:07] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014
[2018-10-27 05:53:07] Call Trace:
[2018-10-27 05:53:07]  dump_stack+0x9a/0xeb
[2018-10-27 05:53:07]  ubsan_epilogue+0x9/0x7c
[2018-10-27 05:53:07]  handle_overflow+0x235/0x278
[2018-10-27 05:53:07]  ? __ubsan_handle_negate_overflow+0x1bd/0x1bd
[2018-10-27 05:53:07]  ? sched_clock_local+0xd4/0x140
[2018-10-27 05:53:07]  ? kvm_clock_read+0x14/0x30
[2018-10-27 05:53:07]  rcu_preempt_deferred_qs+0x12a/0x150
[2018-10-27 05:53:07]  rcu_note_context_switch+0x1b9/0x1ac0
[2018-10-27 05:53:07]  __schedule+0x22d/0x1fd0
[2018-10-27 05:53:07]  ? pci_mmcfg_check_reserved+0x130/0x130
[2018-10-27 05:53:07]  ? sched_set_stop_task+0x330/0x330
[2018-10-27 05:53:07]  ? lockdep_hardirqs_on+0x360/0x620
[2018-10-27 05:53:07]  schedule_idle+0x45/0x80
[2018-10-27 05:53:07]  do_idle+0x23e/0x3e0
[2018-10-27 05:53:07]  ? check_flags.part.26+0x440/0x440
[2018-10-27 05:53:07]  ? arch_cpu_idle_exit+0x40/0x40
[2018-10-27 05:53:07]  ? __wake_up_common+0x156/0x5c0
[2018-10-27 05:53:07]  ? _raw_spin_unlock_irqrestore+0x59/0x70
[2018-10-27 05:53:07]  cpu_startup_entry+0x19/0x20
[2018-10-27 05:53:07]  start_secondary+0x420/0x570
[2018-10-27 05:53:07]  ? set_cpu_sibling_map+0x2f90/0x2f90
[2018-10-27 05:53:07]  secondary_startup_64+0xa4/0xb0
[2018-10-27 05:53:07] ================================================================================
[2018-10-27 05:53:07] ================================================================================
[2018-10-27 05:53:07] UBSAN: Undefined behaviour in kernel/rcu/tree_plugin.h:624:28
[2018-10-27 05:53:07] signed integer overflow:
[2018-10-27 05:53:07] -2147483648 + -2147483648 cannot be represented in type 'int'
[2018-10-27 05:53:07] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.19.0-for-upstream-dbg-2018-10-25_03-10-39-82 #1
[2018-10-27 05:53:07] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014
[2018-10-27 05:53:07] Call Trace:
[2018-10-27 05:53:07]  dump_stack+0x9a/0xeb
[2018-10-27 05:53:07]  ubsan_epilogue+0x9/0x7c
[2018-10-27 05:53:07]  handle_overflow+0x235/0x278
[2018-10-27 05:53:07]  ? __ubsan_handle_negate_overflow+0x1bd/0x1bd
[2018-10-27 05:53:07]  ? check_flags.part.26+0x440/0x440
[2018-10-27 05:53:07]  ? _raw_spin_unlock_irqrestore+0x3c/0x70
[2018-10-27 05:53:07]  ? _raw_spin_unlock_irqrestore+0x3c/0x70
[2018-10-27 05:53:07]  ? lockdep_hardirqs_off+0x1fd/0x2c0
[2018-10-27 05:53:07]  ? kvm_clock_read+0x14/0x30
[2018-10-27 05:53:07]  rcu_preempt_deferred_qs+0x145/0x150
[2018-10-27 05:53:07]  rcu_note_context_switch+0x1b9/0x1ac0
[2018-10-27 05:53:07]  __schedule+0x22d/0x1fd0
[2018-10-27 05:53:07]  ? pci_mmcfg_check_reserved+0x130/0x130
[2018-10-27 05:53:07]  ? sched_set_stop_task+0x330/0x330
[2018-10-27 05:53:07]  ? lockdep_hardirqs_on+0x360/0x620
[2018-10-27 05:53:07]  schedule_idle+0x45/0x80
[2018-10-27 05:53:07]  do_idle+0x23e/0x3e0
[2018-10-27 05:53:07]  ? check_flags.part.26+0x440/0x440
[2018-10-27 05:53:07]  ? arch_cpu_idle_exit+0x40/0x40
[2018-10-27 05:53:07]  ? __wake_up_common+0x156/0x5c0
[2018-10-27 05:53:07]  ? _raw_spin_unlock_irqrestore+0x59/0x70
[2018-10-27 05:53:07]  cpu_startup_entry+0x19/0x20
[2018-10-27 05:53:07]  start_secondary+0x420/0x570
[2018-10-27 05:53:07]  ? set_cpu_sibling_map+0x2f90/0x2f90
[2018-10-27 05:53:07]  secondary_startup_64+0xa4/0xb0
[2018-10-27 05:53:07] ================================================================================
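
The two operations UBSAN reports in the trace above, reproduced as an added example (not code from the kernel or from this thread): it checks the printed operands with the GCC/Clang overflow builtins and shows the same arithmetic done in unsigned, where wrap-around is defined. The source at tree_plugin.h:620 and :624 is not shown on the page, so `bias_roundtrip` is a hypothetical helper that only assumes a counter biased by INT_MIN and then restored.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Operands copied from the two UBSAN reports in the trace. */
struct report { const char *op; int lhs, rhs; };
static const struct report reports[] = {
    { "-", 0,       INT_MIN },   /* reported at tree_plugin.h:620:28 */
    { "+", INT_MIN, INT_MIN },   /* reported at tree_plugin.h:624:28 */
};

/* True when lhs <op> rhs cannot be represented in int, the condition
 * UBSAN's signed-integer-overflow check flags at run time. */
bool overflows(const struct report *r)
{
    int out;
    return r->op[0] == '-' ? __builtin_sub_overflow(r->lhs, r->rhs, &out)
                           : __builtin_add_overflow(r->lhs, r->rhs, &out);
}

/* Wrapping forms: unsigned arithmetic is defined modulo 2^32; the
 * conversion back to int is modulo as well on GCC and Clang. */
int wrap_sub(int a, int b) { return (int)((unsigned)a - (unsigned)b); }
int wrap_add(int a, int b) { return (int)((unsigned)a + (unsigned)b); }

/* Hypothetical helper: bias a counter by INT_MIN, then undo the bias. */
int bias_roundtrip(int nesting)
{
    int biased = wrap_sub(nesting, INT_MIN);   /* sign bit flipped */
    return wrap_add(biased, INT_MIN);          /* original value back */
}

int main(void)
{
    for (size_t i = 0; i < sizeof(reports) / sizeof(reports[0]); i++)
        printf("%d %s %d: %s\n", reports[i].lhs, reports[i].op,
               reports[i].rhs, overflows(&reports[i]) ? "overflow" : "ok");
    printf("wrap_sub(0, INT_MIN)  = %d\n", wrap_sub(0, INT_MIN));
    printf("bias_roundtrip(0)     = %d\n", bias_roundtrip(0));
    return 0;
}
```

Both reported expressions overflow `int`, yet the pair cancels out under wrap-around, which is why the report is a sanitizer warning at boot rather than a visible change in the counter.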

