AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2024-11-24 11:50:52 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
94a2c3a32b
linux_dsm_epyc7002/block
History
Yufen Yu 94a2c3a32b block: use rcu_work instead of call_rcu to avoid sleep in softirq 
We recently got a stack by syzkaller like this:

BUG: sleeping function called from invalid context at mm/slab.h:361
in_atomic(): 1, irqs_disabled(): 0, pid: 6644, name: blkid
INFO: lockdep is turned off.
CPU: 1 PID: 6644 Comm: blkid Not tainted 4.4.163-514.55.6.9.x86_64+ #76
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014
 0000000000000000 5ba6a6b879e50c00 ffff8801f6b07b10 ffffffff81cb2194
 0000000041b58ab3 ffffffff833c7745 ffffffff81cb2080 5ba6a6b879e50c00
 0000000000000000 0000000000000001 0000000000000004 0000000000000000
Call Trace:
 <IRQ>  [<ffffffff81cb2194>] __dump_stack lib/dump_stack.c:15 [inline]
 <IRQ>  [<ffffffff81cb2194>] dump_stack+0x114/0x1a0 lib/dump_stack.c:51
 [<ffffffff8129a981>] ___might_sleep+0x291/0x490 kernel/sched/core.c:7675
 [<ffffffff8129ac33>] __might_sleep+0xb3/0x270 kernel/sched/core.c:7637
 [<ffffffff81794c13>] slab_pre_alloc_hook mm/slab.h:361 [inline]
 [<ffffffff81794c13>] slab_alloc_node mm/slub.c:2610 [inline]
 [<ffffffff81794c13>] slab_alloc mm/slub.c:2692 [inline]
 [<ffffffff81794c13>] kmem_cache_alloc_trace+0x2c3/0x5c0 mm/slub.c:2709
 [<ffffffff81cbe9a7>] kmalloc include/linux/slab.h:479 [inline]
 [<ffffffff81cbe9a7>] kzalloc include/linux/slab.h:623 [inline]
 [<ffffffff81cbe9a7>] kobject_uevent_env+0x2c7/0x1150 lib/kobject_uevent.c:227
 [<ffffffff81cbf84f>] kobject_uevent+0x1f/0x30 lib/kobject_uevent.c:374
 [<ffffffff81cbb5b9>] kobject_cleanup lib/kobject.c:633 [inline]
 [<ffffffff81cbb5b9>] kobject_release+0x229/0x440 lib/kobject.c:675
 [<ffffffff81cbb0a2>] kref_sub include/linux/kref.h:73 [inline]
 [<ffffffff81cbb0a2>] kref_put include/linux/kref.h:98 [inline]
 [<ffffffff81cbb0a2>] kobject_put+0x72/0xd0 lib/kobject.c:692
 [<ffffffff8216f095>] put_device+0x25/0x30 drivers/base/core.c:1237
 [<ffffffff81c4cc34>] delete_partition_rcu_cb+0x1d4/0x2f0 block/partition-generic.c:232
 [<ffffffff813c08bc>] __rcu_reclaim kernel/rcu/rcu.h:118 [inline]
 [<ffffffff813c08bc>] rcu_do_batch kernel/rcu/tree.c:2705 [inline]
 [<ffffffff813c08bc>] invoke_rcu_callbacks kernel/rcu/tree.c:2973 [inline]
 [<ffffffff813c08bc>] __rcu_process_callbacks kernel/rcu/tree.c:2940 [inline]
 [<ffffffff813c08bc>] rcu_process_callbacks+0x59c/0x1c70 kernel/rcu/tree.c:2957
 [<ffffffff8120f509>] __do_softirq+0x299/0xe20 kernel/softirq.c:273
 [<ffffffff81210496>] invoke_softirq kernel/softirq.c:350 [inline]
 [<ffffffff81210496>] irq_exit+0x216/0x2c0 kernel/softirq.c:391
 [<ffffffff82c2cd7b>] exiting_irq arch/x86/include/asm/apic.h:652 [inline]
 [<ffffffff82c2cd7b>] smp_apic_timer_interrupt+0x8b/0xc0 arch/x86/kernel/apic/apic.c:926
 [<ffffffff82c2bc25>] apic_timer_interrupt+0xa5/0xb0 arch/x86/entry/entry_64.S:746
 <EOI>  [<ffffffff814cbf40>] ? audit_kill_trees+0x180/0x180
 [<ffffffff8187d2f7>] fd_install+0x57/0x80 fs/file.c:626
 [<ffffffff8180989e>] do_sys_open+0x45e/0x550 fs/open.c:1043
 [<ffffffff818099c2>] SYSC_open fs/open.c:1055 [inline]
 [<ffffffff818099c2>] SyS_open+0x32/0x40 fs/open.c:1050
 [<ffffffff82c299e1>] entry_SYSCALL_64_fastpath+0x1e/0x9a

In softirq context, we call rcu callback function delete_partition_rcu_cb(),
which may allocate memory by kzalloc with GFP_KERNEL flag. If the
allocation cannot be satisfied, it may sleep. However, That is not allowed
in softirq contex.

Although we found this problem on linux 4.4, the latest kernel version
seems to have this problem as well. And it is very similar to the
previous one:
	https://lkml.org/lkml/2018/7/9/391

Fix it by using RCU workqueue, which allows sleep.

Reviewed-by: Paul E. McKenney <paulmck@linux.ibm.com>
Signed-off-by: Yufen Yu <yuyufen@huawei.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2018-11-28 09:08:27 -07:00
..
partitions partitions/aix: append null character to print data from disk 2018-07-27 09:17:41 -06:00
badblocks.c badblocks: fix wrong return value in badblocks_set if badblocks are disabled 2017-11-03 11:29:50 -07:00
bfq-cgroup.c block: remove the queue_lock indirection 2018-11-15 12:17:28 -07:00
bfq-iosched.c block: remove the queue_lock indirection 2018-11-15 12:17:28 -07:00
bfq-iosched.h block, bfq: improve asymmetric scenarios detection 2018-10-13 15:40:00 -06:00
bfq-wf2q.c block, bfq: fix asymmetric scenarios detection 2018-10-25 11:17:40 -06:00
bio-integrity.c block: remove bio_rewind_iter() 2018-09-06 15:12:24 -06:00
bio.c block: Remove bio->bi_ioc 2018-11-19 19:03:44 -07:00
blk-cgroup.c block: add queue_is_mq() helper 2018-11-16 08:34:06 -07:00
blk-core.c block: sum requests in the plug structure 2018-11-26 10:35:22 -07:00
blk-exec.c block: remove dead elevator code 2018-11-07 13:42:32 -07:00
blk-flush.c block: add queue_is_mq() helper 2018-11-16 08:34:06 -07:00
blk-integrity.c block: merge BIOVEC_SEG_BOUNDARY into biovec_phys_mergeable 2018-09-24 12:33:57 -06:00
blk-ioc.c block: remove the queue_lock indirection 2018-11-15 12:17:28 -07:00
blk-iolatency.c block: remove the queue_lock indirection 2018-11-15 12:17:28 -07:00
blk-lib.c block: fix 32 bit overflow in __blkdev_issue_discard() 2018-11-14 08:17:18 -07:00
blk-map.c Merge branch 'for-4.16/block' of git://git.kernel.dk/linux-block 2018-01-29 11:51:49 -08:00
blk-merge.c block: prevent merging of requests with different priorities 2018-11-19 19:03:49 -07:00
blk-mq-cpumap.c blk-mq: initial support for multiple queue maps 2018-11-07 13:45:00 -07:00
blk-mq-debugfs-zoned.c block: Make struct request_queue smaller for CONFIG_BLK_DEV_ZONED=n 2018-07-09 09:07:52 -06:00
blk-mq-debugfs.c block: remove QUEUE_FLAG_BYPASS and ->bypass 2018-11-15 12:13:15 -07:00
blk-mq-debugfs.h block: Make struct request_queue smaller for CONFIG_BLK_DEV_ZONED=n 2018-07-09 09:07:52 -06:00
blk-mq-pci.c blk-mq: initial support for multiple queue maps 2018-11-07 13:45:00 -07:00
blk-mq-rdma.c blk-mq: abstract out queue map 2018-11-07 13:44:59 -07:00
blk-mq-sched.c block: fix attempt to assign NULL io_context 2018-11-20 19:12:46 -07:00
blk-mq-sched.h block: Remove bio->bi_ioc 2018-11-19 19:03:44 -07:00
blk-mq-sysfs.c blk-mq: not embed .mq_kobj and ctx->kobj into queue instance 2018-11-21 05:57:56 -07:00
blk-mq-tag.c blk-mq-tag: document tag iteration helper return value 2018-11-08 11:09:50 -07:00
blk-mq-tag.h Merge branch 'for-4.15/block' of git://git.kernel.dk/linux-block 2017-11-14 15:32:19 -08:00
blk-mq-virtio.c blk-mq: initial support for multiple queue maps 2018-11-07 13:45:00 -07:00
blk-mq.c blk-mq: fix failure to decrement plug count on single rq removal 2018-11-28 06:29:23 -07:00
blk-mq.h blk-mq: not embed .mq_kobj and ctx->kobj into queue instance 2018-11-21 05:57:56 -07:00
blk-pm.c block: remove the queue_lock indirection 2018-11-15 12:17:28 -07:00
blk-pm.h block: remove the queue_lock indirection 2018-11-15 12:17:28 -07:00
blk-rq-qos.c blk-rq-qos: inline check for q->rq_qos functions 2018-11-16 08:34:19 -07:00
blk-rq-qos.h blk-rq-qos: inline check for q->rq_qos functions 2018-11-16 08:34:19 -07:00
blk-settings.c block: use atomic bitops for ->queue_flags 2018-11-15 12:13:19 -07:00
blk-softirq.c block: remove a few unused exports 2018-11-15 12:13:25 -07:00
blk-stat.c block: remove a few unused exports 2018-11-15 12:13:25 -07:00
blk-stat.h blk-stat: export helpers for modifying blk_rq_stat 2018-07-09 09:07:54 -06:00
blk-sysfs.c block: add queue_is_mq() helper 2018-11-16 08:34:06 -07:00
blk-throttle.c block: add queue_is_mq() helper 2018-11-16 08:34:06 -07:00
blk-timeout.c block: don't hold the queue_lock over blk_abort_request 2018-11-15 12:13:18 -07:00
blk-wbt.c block: add queue_is_mq() helper 2018-11-16 08:34:06 -07:00
blk-wbt.h block: remove external dependency on wbt_flags 2018-07-09 09:07:54 -06:00
blk-zoned.c block: add queue_is_mq() helper 2018-11-16 08:34:06 -07:00
blk.h block: sum requests in the plug structure 2018-11-26 10:35:22 -07:00
bounce.c block: copy ioprio in __bio_clone_fast() and bounce 2018-11-12 10:35:25 -07:00
bsg-lib.c bsg: move bsg-lib parts outside of request queue 2018-11-07 13:42:33 -07:00
bsg.c block: add queue_is_mq() helper 2018-11-16 08:34:06 -07:00
cmdline-parser.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
compat_ioctl.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
elevator.c block: add queue_is_mq() helper 2018-11-16 08:34:06 -07:00
genhd.c block: add queue_is_mq() helper 2018-11-16 08:34:06 -07:00
ioctl.c block: Introduce BLKGETNRZONES ioctl 2018-10-25 11:17:40 -06:00
ioprio.c block: add ioprio_check_cap function 2018-05-31 10:50:54 -04:00
Kconfig blk-wbt: kill check for legacy queue type 2018-11-07 13:42:32 -07:00
Kconfig.iosched block: remove legacy IO schedulers 2018-11-07 13:42:32 -07:00
kyber-iosched.c blk-mq: allow software queue to map to multiple hardware queues 2018-11-07 13:44:59 -07:00
Makefile block: remove legacy IO schedulers 2018-11-07 13:42:32 -07:00
mq-deadline.c block: get rid of MQ scheduler ops union 2018-11-07 13:42:32 -07:00
opal_proto.h block: sed-opal: Set MBRDone on S3 resume path if TPER is MBREnabled 2017-09-11 09:45:52 -06:00
partition-generic.c block: use rcu_work instead of call_rcu to avoid sleep in softirq 2018-11-28 09:08:27 -07:00
scsi_ioctl.c block: consistently use GFP_NOIO instead of __GFP_NORECLAIM 2018-05-14 08:55:18 -06:00
sed-opal.c block: sed-opal: Fix a couple off by one bugs 2018-06-20 12:04:06 -06:00
t10-pi.c block: move dif_prepare/dif_complete functions to block layer 2018-07-30 08:27:02 -06:00