| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 14 May 2016 11:22:07 +0200
From: Sedat Dilek <sedat.dilek@...il.com>
To: David Miller <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Peter Zijlstra <peterz@...radead.org>,
"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
Cc: "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"the arch/x86 maintainers" <x86@...nel.org>,
LKML <linux-kernel@...r.kernel.org>,
Linus Torvalds <torvalds@...ux-foundation.org>
Subject: [v4.6-rc7-183-g1410b74e4061]
Hi,
as Linux v4.6 is very near, I decided to write this bug report (only
drunk one coffee).
First, I am not absolutely sure if this is a real issue as...
#1: This is only a (lockdep) warning.
#2: I have not a "vanilla" Linux v4.6-rc7+ here (see P.S. and attached patch)
For a more helpful feedback I should test a...
#1: vanilla v4.6-rc7-183-g1410b74e4061
#2: net.git#master on top of #1
What I am seeing is this while surfing with a UMTS/HSPA internet-stick
(using PPP) and running Firefox on Ubuntu/precise AMD64...
[ 423.484105] ------------[ cut here ]------------
[ 423.484119] WARNING: CPU: 2 PID: 2392 at
kernel/locking/lockdep.c:2098 __lock_acquire
[ 423.484123] DEBUG_LOCKS_WARN_ON(chain_hlocks[chain->base
[ 423.484125] Modules linked in: btrfs xor raid6_pq ntfs xfs
libcrc32c ppp_deflate bsd_comp ppp_async crc_ccitt option usb_wwan
cdc_ether usbserial usbnet snd_hda_codec_hdmi i915
snd_hda_codec_realtek snd_hda_codec_generic snd_hda_intel
snd_hda_codec arc4 uvcvideo iwldvm snd_hwdep joydev mac80211
videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_core
videodev rfcomm bnep kvm_intel kvm usb_storage btusb i2c_algo_bit
iwlwifi btrtl snd_hda_core drm_kms_helper btbcm snd_pcm parport_pc
btintel syscopyarea irqbypass ppdev snd_seq_midi bluetooth sysfillrect
psmouse snd_seq_midi_event sysimgblt snd_rawmidi fb_sys_fops cfg80211
snd_seq drm serio_raw snd_timer samsung_laptop snd_seq_device snd
soundcore wmi mac_hid video intel_rst lpc_ich lp parport binfmt_misc
hid_generic usbhid hid r8169 mii
[ 423.484241] CPU: 2 PID: 2392 Comm: firefox Not tainted
4.6.0-rc7-183.1-iniza-small #1
[ 423.484244] Hardware name: SAMSUNG ELECTRONICS CO., LTD.
530U3BI/530U4BI/530U4BH/530U3BI/530U4BI/530U4BH, BIOS 13XK 03/28/2013
[ 423.484247] 0000000000000000 ffff88011fa83910 ffffffff81413825
ffff88011fa83960
[ 423.484253] 0000000000000000 ffff88011fa83950 ffffffff81083ea1
0000083282f34ec0
[ 423.484259] 0000000000000005 ffff880082f34540 0000000000000000
0000000000000027
[ 423.484265] Call Trace:
[ 423.484268] <IRQ> [<ffffffff81413825>] dump_stack
[ 423.484280] [<ffffffff81083ea1>] __warn
[ 423.484285] [<ffffffff81083f0f>] warn_slowpath_fmt
[ 423.484289] [<ffffffff810dee38>] __lock_acquire
[ 423.484294] [<ffffffff810de294>] ? __lock_acquire
[ 423.484298] [<ffffffff810de294>] ? __lock_acquire
[ 423.484302] [<ffffffff810e0869>] lock_acquire
[ 423.484307] [<ffffffff81711c3b>] ? __dev_queue_xmit
[ 423.484313] [<ffffffff81823ce8>] _raw_spin_lock
[ 423.484317] [<ffffffff81711c3b>] ? __dev_queue_xmit
[ 423.484321] [<ffffffff81711c3b>] __dev_queue_xmit
[ 423.484326] [<ffffffff81711640>] ? __dev_queue_xmit
[ 423.484330] [<ffffffff81711e30>] dev_queue_xmit
[ 423.484334] [<ffffffff8171a291>] neigh_direct_output
[ 423.484339] [<ffffffff8175566c>] ip_finish_output2
[ 423.484344] [<ffffffff817554ff>] ? ip_finish_output2
[ 423.484349] [<ffffffff817565ba>] ip_finish_output
[ 423.484353] [<ffffffff81757e81>] ip_output
[ 423.484357] [<ffffffff810dbbb9>] ? __lock_is_held
[ 423.484362] [<ffffffff8175737d>] ip_local_out
[ 423.484366] [<ffffffff817577a5>] ip_queue_xmit
[ 423.484371] [<ffffffff817575c5>] ? ip_queue_xmit
[ 423.484376] [<ffffffff81771296>] tcp_transmit_skb
[ 423.484380] [<ffffffff817737ea>] __tcp_retransmit_skb
[ 423.484385] [<ffffffff81773e97>] tcp_retransmit_skb
[ 423.484389] [<ffffffff817754b7>] tcp_retransmit_timer
[ 423.484394] [<ffffffff81775bd0>] ? tcp_write_timer_handler
[ 423.484398] [<ffffffff81775a7c>] tcp_write_timer_handler
[ 423.484402] [<ffffffff81775c50>] tcp_write_timer
[ 423.484407] [<ffffffff81104f84>] call_timer_fn
[ 423.484411] [<ffffffff81104ef5>] ? call_timer_fn
[ 423.484416] [<ffffffff81775bd0>] ? tcp_write_timer_handler
[ 423.484419] [<ffffffff811058f5>] run_timer_softirq
[ 423.484424] [<ffffffff81827632>] __do_softirq
[ 423.484428] [<ffffffff8108b2fe>] irq_exit
[ 423.484432] [<ffffffff818272c2>] smp_apic_timer_interrupt
[ 423.484437] [<ffffffff818253c6>] apic_timer_interrupt
[ 423.484439] <EOI>
[ 423.484443] ---[ end trace a29d8ee0ef420d5c ]---
[ 423.484446]
[ 423.484447] ======================
[ 423.484449] [chain_key collision ]
[ 423.484452] 4.6.0-rc7-183.1-iniza-small #1 Tainted: G W
[ 423.484454] ----------------------
[ 423.484457] firefox/2392: Hash chain already cached but the
contents don't match!
[ 423.484460] Held locks:depth: 6
[ 423.484463] class_idx:1993 -> chain_key:00000000000007c9
(((&icsk->icsk_retransmit_timer))){
[ 423.484473] class_idx:1334 -> chain_key:0000000000f92536 (slock-AF_INET){
[ 423.484482] class_idx:33 -> chain_key:0000001f24a6c021
(rcu_read_lock){......}, at: [<ffffffff817575c5>] ip_queue_xmit
[ 423.484492] class_idx:1005 -> chain_key:0003e494d80423ed
(rcu_read_lock_bh){......}, at: [<ffffffff817554ff>] ip_finish_output2
[ 423.484500] class_idx:1005 -> chain_key:7c929b00847da3ed
(rcu_read_lock_bh){......}, at: [<ffffffff81711640>] __dev_queue_xmit
[ 423.484509] class_idx:1996 -> chain_key:5360108fb47da85e
(dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){
[ 423.484517] Locks in cached chain:depth: 6
[ 423.484520] class_idx:1998 -> chain_key:00000000000007ce
(((&sk->sk_timer))){
[ 423.484525] class_idx:1334 -> chain_key:0000000000f9c536 (slock-AF_INET){
[ 423.484531] class_idx:33 -> chain_key:0000001f38a6c021
(rcu_read_lock){......}
[ 423.484536] class_idx:1005 -> chain_key:0003e714d80423ed
(rcu_read_lock_bh){......}
[ 423.484541] class_idx:1005 -> chain_key:7ce29b00847da3ed
(rcu_read_lock_bh){......}
[ 423.484547] class_idx:1986 -> chain_key:5360108fb47da85e (_xmit_PPP#2){
[ 423.484553]
[ 423.484553] stack backtrace:
[ 423.484558] CPU: 2 PID: 2392 Comm: firefox Tainted: G W
4.6.0-rc7-183.1-iniza-small #1
[ 423.484561] Hardware name: SAMSUNG ELECTRONICS CO., LTD.
530U3BI/530U4BI/530U4BH/530U3BI/530U4BI/530U4BH, BIOS 13XK 03/28/2013
[ 423.484563] 0000000000000000 ffff88011fa83968 ffffffff81413825
0000000000000006
[ 423.484570] ffffffff82189c20 ffff88011fa839b0 ffffffff811a8190
000000041fa83980
[ 423.484575] ffff880082f34e48 0000000000000005 ffff880082f34540
0000000000000000
[ 423.484581] Call Trace:
[ 423.484584] <IRQ> [<ffffffff81413825>] dump_stack
[ 423.484592] [<ffffffff811a8190>] print_collision
[ 423.484597] [<ffffffff810dee4d>] __lock_acquire
[ 423.484601] [<ffffffff810de294>] ? __lock_acquire
[ 423.484606] [<ffffffff810de294>] ? __lock_acquire
[ 423.484610] [<ffffffff810e0869>] lock_acquire
[ 423.484615] [<ffffffff81711c3b>] ? __dev_queue_xmit
[ 423.484619] [<ffffffff81823ce8>] _raw_spin_lock
[ 423.484624] [<ffffffff81711c3b>] ? __dev_queue_xmit
[ 423.484628] [<ffffffff81711c3b>] __dev_queue_xmit
[ 423.484632] [<ffffffff81711640>] ? __dev_queue_xmit
[ 423.484636] [<ffffffff81711e30>] dev_queue_xmit
[ 423.484640] [<ffffffff8171a291>] neigh_direct_output
[ 423.484644] [<ffffffff8175566c>] ip_finish_output2
[ 423.484648] [<ffffffff817554ff>] ? ip_finish_output2
[ 423.484653] [<ffffffff817565ba>] ip_finish_output
[ 423.484657] [<ffffffff81757e81>] ip_output
[ 423.484661] [<ffffffff810dbbb9>] ? __lock_is_held
[ 423.484666] [<ffffffff8175737d>] ip_local_out
[ 423.484670] [<ffffffff817577a5>] ip_queue_xmit
[ 423.484675] [<ffffffff817575c5>] ? ip_queue_xmit
[ 423.484679] [<ffffffff81771296>] tcp_transmit_skb
[ 423.484683] [<ffffffff817737ea>] __tcp_retransmit_skb
[ 423.484688] [<ffffffff81773e97>] tcp_retransmit_skb
[ 423.484692] [<ffffffff817754b7>] tcp_retransmit_timer
[ 423.484697] [<ffffffff81775bd0>] ? tcp_write_timer_handler
[ 423.484701] [<ffffffff81775a7c>] tcp_write_timer_handler
[ 423.484705] [<ffffffff81775c50>] tcp_write_timer
[ 423.484709] [<ffffffff81104f84>] call_timer_fn
[ 423.484713] [<ffffffff81104ef5>] ? call_timer_fn
[ 423.484718] [<ffffffff81775bd0>] ? tcp_write_timer_handler
[ 423.484730] [<ffffffff811058f5>] run_timer_softirq
[ 423.484734] [<ffffffff81827632>] __do_softirq
[ 423.484738] [<ffffffff8108b2fe>] irq_exit
[ 423.484742] [<ffffffff818272c2>] smp_apic_timer_interrupt
[ 423.484746] [<ffffffff818253c6>] apic_timer_interrupt
NOTE: I realized this call-trace 1st after v4.6-rc7.
The only commit I see which might have an effect is...
10a81980fc47 tcp: refresh skb timestamp at retransmit time
...but I may be wrong.
So help in...
"No more darkness, no more night." ---> " I see the light, I see the light."
Attached is my linux-config, dmesg output and "customized" patch.
Pleas give some clear instructions to get more light in debugging this.
I'm really in a hurry, so sorry if this BR is unsatisfying and incomplete.
Regards,
- Sedat -
P.S.: For more details see attached patch on top of Linux v4.6-rc7.
Sedat Dilek (5):
Merge branch 'wb-buf-throttle' of
git://git.kernel.org/.../axboe/linux-block into
for-4.8/wb-buf-throttle-20160510
Merge branch 'for-4.6/vfs-fixes' into 4.6.0-rc7-183.1-iniza-small
Merge branch 'for-4.6/net-fixes' into 4.6.0-rc7-183.1-iniza-small
Merge branch 'for-4.7/pm-next-20160513' into 4.6.0-rc7-183.1-iniza-small
Merge branch 'for-4.8/wb-buf-throttle-20160510' into
4.6.0-rc7-183.1-iniza-small
P.S.S: Investigating net/ changes since Linux v4.6-rc7.
$ git log --oneline v4.6-rc7.. net/
e271c7b4420d gre: do not keep the GRE header around in collect medata mode
16ec3d4fbb96 openvswitch: Fix cached ct with helper.
4e8c86155010 net sched: ife action fix late binding
5e1567aeb7fe net sched: skbedit action fix late binding
0e5538ab2b59 net sched: simple action fix late binding
87dfbdc6c747 net sched: mirred action fix late binding
a57f19d30b2d net sched: ipt action fix late binding
5026c9b1bafc net sched: vlan action fix late binding
10a81980fc47 tcp: refresh skb timestamp at retransmit time
adc0a8bfdc52 Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
79e48650320e net: fix a kernel infoleak in x25 module
229740c63169 udp_offload: Set encapsulation before inner completes.
43b8448cd7b4 udp_tunnel: Remove redundant udp_tunnel_gro_complete().
1d2f7b2d956e net: ipv6: tcp reset, icmp need to consider L3 domain
856ce5d083e1 bridge: fix igmp / mld query parsing
31ca0458a61a net: bridge: fix old ioctl unlocked net device walk
dedc58e067d8 VSOCK: do not disconnect socket when peer has shutdown SEND only
eda3fc50daa9 netfilter: nfnetlink_acct: validate NFACCT_QUOTA parameter
32b583a0cb9b Merge branch 'master' of
git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec
5f8e44741f9f net: fix infoleak in rtnetlink
b8670c09f37b net: fix infoleak in llc
cec5913c1515 netfilter: IDLETIMER: fix race condition when destroy the target
70d72b7e060e netfilter: conntrack: init all_locks to avoid debug warning
d6af1a31cc72 vti: Add pmtu handling to vti_xmit.
215276c0147e xfrm: Reset encapsulation field of the skb before transformation
6ad3122a08e3 flowcache: Avoid OOM condition under preasure
View attachment "dmesg_4.6.0-rc7-183.1-iniza-small.txt" of type "text/plain" (71212 bytes)
Download attachment "config-4.6.0-rc7-183.1-iniza-small" of type "application/octet-stream" (135209 bytes)
View attachment "4.6.0-rc7-183.1-iniza-small.patch" of type "text/x-diff" (1196499 bytes)
Powered by blists - more mailing lists