From: Andrew Morton <akpm@linux-foundation.org>
To: holzheu@linux.vnet.ibm.com
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
Vivek Goyal <vgoyal@redhat.com>,
schwidefsky@de.ibm.com, heiko.carstens@de.ibm.com,
kexec@lists.infradead.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] kdump: Fix crash_kexec - smp_send_stop race in panic
Date: Fri, 28 Oct 2011 16:11:43 -0700 [thread overview]
Message-ID: <20111028161143.e5ebf617.akpm@linux-foundation.org> (raw)
In-Reply-To: <1319639649.3321.11.camel@br98xy6r>
On Wed, 26 Oct 2011 16:34:09 +0200
Michael Holzheu <holzheu@linux.vnet.ibm.com> wrote:
> Hello Andrew,
>
> After the discussion with Eric and Vivek the following patch
> seems to be a good solution to me. Could you accept this patch?
>
> When two CPUs call panic at the same time there is a
> possible race condition that can stop kdump. The first
> CPU calls crash_kexec() and the second CPU calls
> smp_send_stop() in panic() before crash_kexec() finished
> on the first CPU. So the second CPU stops the first CPU
> and therefore kdump fails:
>
> 1st CPU:
> panic()->crash_kexec()->mutex_trylock(&kexec_mutex)-> do kdump
>
> 2nd CPU:
> panic()->crash_kexec()->kexec_mutex already held by 1st CPU
> ->smp_send_stop()-> stop 1st CPU (stop kdump)
>
> This patch fixes the problem by introducing a spinlock in
> panic that allows only one CPU to process crash_kexec() and
> the subsequent panic code.
>
> Signed-off-by: Michael Holzheu <holzheu@linux.vnet.ibm.com>
> ---
> kernel/panic.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> --- a/kernel/panic.c
> +++ b/kernel/panic.c
> @@ -59,6 +59,7 @@ EXPORT_SYMBOL(panic_blink);
> */
> NORET_TYPE void panic(const char * fmt, ...)
> {
> + static DEFINE_SPINLOCK(panic_lock);
> static char buf[1024];
> va_list args;
> long i, i_next = 0;
> @@ -82,6 +83,13 @@ NORET_TYPE void panic(const char * fmt,
> #endif
>
> /*
> + * Only one CPU is allowed to execute the panic code from here. For
> + * multiple parallel invocations of panic all other CPUs will wait on
> + * the panic_lock. They are stopped afterwards by smp_send_stop().
> + */
> + spin_lock(&panic_lock);
> +
hm. Boy. That'll stop 'em OK!
Should this be done earlier in the function? As it stands we'll have
multiple CPUs scribbling on buf[] at the same time and all trying to
print the same thing at the same time, dumping their stacks, etc.
Perhaps it would be better to single-thread all that stuff.
Also... this patch affects all CPU architectures, all configs, etc.
So we're expecting that every architecture's smp_send_stop() is able to
stop a CPU which is spinning in spin_lock(), possibly with local
interrupts disabled. Will this work?
WARNING: multiple messages have this Message-ID (diff)
From: Andrew Morton <akpm@linux-foundation.org>
To: holzheu@linux.vnet.ibm.com
Cc: heiko.carstens@de.ibm.com, kexec@lists.infradead.org,
linux-kernel@vger.kernel.org,
"Eric W. Biederman" <ebiederm@xmission.com>,
schwidefsky@de.ibm.com, Vivek Goyal <vgoyal@redhat.com>
Subject: Re: [PATCH] kdump: Fix crash_kexec - smp_send_stop race in panic
Date: Fri, 28 Oct 2011 16:11:43 -0700 [thread overview]
Message-ID: <20111028161143.e5ebf617.akpm@linux-foundation.org> (raw)
In-Reply-To: <1319639649.3321.11.camel@br98xy6r>
On Wed, 26 Oct 2011 16:34:09 +0200
Michael Holzheu <holzheu@linux.vnet.ibm.com> wrote:
> Hello Andrew,
>
> After the discussion with Eric and Vivek the following patch
> seems to be a good solution to me. Could you accept this patch?
>
> When two CPUs call panic at the same time there is a
> possible race condition that can stop kdump. The first
> CPU calls crash_kexec() and the second CPU calls
> smp_send_stop() in panic() before crash_kexec() finished
> on the first CPU. So the second CPU stops the first CPU
> and therefore kdump fails:
>
> 1st CPU:
> panic()->crash_kexec()->mutex_trylock(&kexec_mutex)-> do kdump
>
> 2nd CPU:
> panic()->crash_kexec()->kexec_mutex already held by 1st CPU
> ->smp_send_stop()-> stop 1st CPU (stop kdump)
>
> This patch fixes the problem by introducing a spinlock in
> panic that allows only one CPU to process crash_kexec() and
> the subsequent panic code.
>
> Signed-off-by: Michael Holzheu <holzheu@linux.vnet.ibm.com>
> ---
> kernel/panic.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> --- a/kernel/panic.c
> +++ b/kernel/panic.c
> @@ -59,6 +59,7 @@ EXPORT_SYMBOL(panic_blink);
> */
> NORET_TYPE void panic(const char * fmt, ...)
> {
> + static DEFINE_SPINLOCK(panic_lock);
> static char buf[1024];
> va_list args;
> long i, i_next = 0;
> @@ -82,6 +83,13 @@ NORET_TYPE void panic(const char * fmt,
> #endif
>
> /*
> + * Only one CPU is allowed to execute the panic code from here. For
> + * multiple parallel invocations of panic all other CPUs will wait on
> + * the panic_lock. They are stopped afterwards by smp_send_stop().
> + */
> + spin_lock(&panic_lock);
> +
hm. Boy. That'll stop 'em OK!
Should this be done earlier in the function? As it stands we'll have
multiple CPUs scribbling on buf[] at the same time and all trying to
print the same thing at the same time, dumping their stacks, etc.
Perhaps it would be better to single-thread all that stuff.
Also... this patch affects all CPU architectures, all configs, etc.
So we're expecting that every architecture's smp_send_stop() is able to
stop a CPU which is spinning in spin_lock(), possibly with local
interrupts disabled. Will this work?
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
next prev parent reply other threads:[~2011-10-28 23:11 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-10-26 14:34 [PATCH] kdump: Fix crash_kexec - smp_send_stop race in panic Michael Holzheu
2011-10-26 14:34 ` Michael Holzheu
2011-10-27 17:40 ` Vivek Goyal
2011-10-27 17:40 ` Vivek Goyal
2011-10-28 23:11 ` Andrew Morton [this message]
2011-10-28 23:11 ` Andrew Morton
2011-10-31 9:57 ` Michael Holzheu
2011-10-31 9:57 ` Michael Holzheu
2011-10-31 10:39 ` Andrew Morton
2011-10-31 10:39 ` Andrew Morton
2011-10-31 12:34 ` [PATCH v2] " Michael Holzheu
2011-10-31 12:34 ` Michael Holzheu
2011-11-01 20:04 ` Don Zickus
2011-11-01 20:04 ` Don Zickus
2011-11-02 10:03 ` Michael Holzheu
2011-11-02 10:03 ` Michael Holzheu
2011-11-02 10:03 ` Michael Holzheu
2011-11-02 20:57 ` Luck, Tony
2011-11-02 20:57 ` Luck, Tony
2011-11-03 10:07 ` [PATCH] " Michael Holzheu
2011-11-03 10:07 ` Michael Holzheu
2011-11-10 0:04 ` Andrew Morton
2011-11-10 0:04 ` Andrew Morton
2011-11-10 14:17 ` Américo Wang
2011-11-10 14:17 ` Américo Wang
[not found] ` <20111109160400.cc2d27d9.akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>
2011-11-10 14:22 ` Michael Holzheu
2011-11-10 14:22 ` Michael Holzheu
2011-11-10 15:11 ` Chris Metcalf
2011-11-10 15:11 ` Chris Metcalf
[not found] ` <4EBBE9B4.3040009-kv+TWInifGbQT0dZR+AlfA@public.gmane.org>
2011-11-11 12:28 ` Michael Holzheu
2011-11-11 12:28 ` Michael Holzheu
2011-11-11 12:30 ` James Bottomley
2011-11-11 12:30 ` James Bottomley
2011-11-11 17:02 ` Chris Metcalf
2011-11-11 17:02 ` Chris Metcalf
[not found] ` <4EBD5536.7010806-kv+TWInifGbQT0dZR+AlfA@public.gmane.org>
2011-11-29 8:58 ` [PATCH v3] " Michael Holzheu
2011-11-29 8:58 ` Michael Holzheu
2011-11-11 17:45 ` [PATCH] " Richard Kuo
2011-11-11 17:45 ` Richard Kuo
2011-11-10 15:31 ` James Bottomley
2011-11-10 15:31 ` James Bottomley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20111028161143.e5ebf617.akpm@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=ebiederm@xmission.com \
--cc=heiko.carstens@de.ibm.com \
--cc=holzheu@linux.vnet.ibm.com \
--cc=kexec@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=schwidefsky@de.ibm.com \
--cc=vgoyal@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.