Message-Id: <20100625014253.698d9ff5.akpm@linux-foundation.org>
Date:	Fri, 25 Jun 2010 01:42:53 -0700
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	Peter Zijlstra <peterz@...radead.org>
Cc:	David Miller <davem@...emloft.net>, herbert@...dor.hengli.com.au,
	mst@...hat.com, frzhang@...hat.com, netdev@...r.kernel.org,
	amwang@...hat.com, shemminger@...tta.com, mpm@...enic.com,
	paulmck@...ux.vnet.ibm.com, mingo@...e.hu
Subject: Re: [PATCH 6/8] netpoll: Allow netpoll_setup/cleanup recursion

On Fri, 25 Jun 2010 10:08:56 +0200 Peter Zijlstra <peterz@...radead.org> wrote:

> On Thu, 2010-06-24 at 21:42 -0700, Andrew Morton wrote:
> > That being said, I wonder why Herbert didn't hit this in his testing. 
> > I suspect that he'd enabled lockdep, which hid the bug.  I haven't
> > worked out _why_ lockdep hides the double-mutex_unlock bug, but it's a
> > pretty bad thing to do. 
> 
> Most weird indeed, lockdep is supposed to shout its lungs out when
> someone wants to unlock a lock that isn't actually owned by him (and it
> not being locked at all certainly implies you're not the owner).
> 
> In fact, the below patch results in the below splat -- it's also
> something that's tested by the locking self-test:

When I enabled lockdep, the bug actually went away.  Is it possible
that when lockdep detects this bug, it prevents mutex.count from going
from 1 to 2?

It could be that lockdep _did_ detect (and correct!) the bug.  But
because I had no usable console output at the time, I didn't see it.

I did notice that the taint output was "G W".  So something warned
about something, but I don't know what.  But that was happening with
lockdep disabled.


> @@ -1344,6 +1346,10 @@ SYSCALL_DEFINE0(getppid)
>  {
>  	int pid;
>  
> +	mutex_lock(&foo);
> +	mutex_unlock(&foo);
> +	mutex_unlock(&foo);
> +
>  	rcu_read_lock();
>  	pid = task_tgid_vnr(current->real_parent);
>  	rcu_read_unlock();
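
Review bot: the second mutex_unlock(&foo) added at the top of getppid releases a mutex that the preceding mutex_unlock(&foo) has already released, so every call to this syscall unlocks a lock the caller no longer holds. If that is the intent (a throwaway reproducer for the unlock check), say so in a comment above the three added lines so it is not mistaken for real locking. The definition of foo is not in the quoted lines; the hunk header shows the new file two lines ahead of the old at this point, so it was presumably added further up, and its initialization cannot be checked from here.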

It'd be interesting to add

	printk("%d:%d\n", __LINE__, atomic_read(&foo.count));

after the mutex_unlock()s.