From: Fengguang Wu <fengguang.wu@intel.com>
To: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
Cc: Christoph Lameter <cl@linux.com>,
	Shan Wei <davidshan@tencent.com>, Jet Chen <jet.chen@intel.com>,
	Su Tao <tao.su@intel.com>, Yuanhan Liu <yuanhan.liu@intel.com>,
	LKP <lkp@01.org>,
	linux-kernel@vger.kernel.org, bobby.prani@gmail.com,
	Tejun Heo <htejun@gmail.com>
Subject: Re: [rcu] BUG: unable to handle kernel NULL pointer dereference at 000000da
Date: Sat, 13 Sep 2014 20:38:57 +0800
Message-ID: <20140913123857.GA20185@localhost>
In-Reply-To: <20140913003837.GO4775@linux.vnet.ibm.com>

On Fri, Sep 12, 2014 at 05:38:37PM -0700, Paul E. McKenney wrote:
> On Sat, Sep 13, 2014 at 08:20:05AM +0800, Fengguang Wu wrote:
> > On Fri, Sep 12, 2014 at 12:26:59PM -0700, Paul E. McKenney wrote:
> > > On Fri, Sep 12, 2014 at 02:19:57PM -0500, Christoph Lameter wrote:
> > > > On Fri, 12 Sep 2014, Paul E. McKenney wrote:
> > > > 
> > > > > So, I am not seeing this failure in my testing, but my best guess is
> > > > > that the problem is due to the fact that force_quiescent_state() is
> > > > > sometimes invoked with preemption enabled, which breaks __this_cpu_read()
> > > > > though perhaps with very low probability.  The common-case call (from
> > > > > __call_rcu_core()) -does- have preemption disabled, in fact, it has
> > > > > interrupts disabled.
> > > > 
> > > > How could __this_cpu_read() break in a way that would make a difference to
> > > > the code? There was no disabling/enabling of preemption before the patch
> > > > and there is nothing like that after the patch. If there was a race then
> > > > it still exists. The modification certainly cannot create a race.
> > > 
> > > Excellent question.  Yet Fengguang's tests show breakage.
> > > 
> > > Fengguang, any possibility of a false positive here?
> > 
> > Yes, it is possible. I find the first bad commit and its parent
> > commit's kernels are built in 2 different machines which might
> > cause subtle changes. I'll redo the bisect.
> 
> Thank you, Fengguang, and please let me know how it goes!

The new bisect finds the below commit. However, Christoph has fixed
this bug and it no longer shows up in current mainline and linux-next
trees. So please ignore this noise.

commit 188a81409ff7de1c5aae947a96356ddd8ff4aaa3
Author: Christoph Lameter <cl@linux.com>
Date:   Mon Apr 7 15:39:44 2014 -0700

    percpu: add preemption checks to __this_cpu ops

    We define a check function in order to avoid trouble with the include
    files.  Then the higher level __this_cpu macros are modified to invoke
    the preemption check.

    [akpm@linux-foundation.org: coding-style fixes]
    Signed-off-by: Christoph Lameter <cl@linux.com>
    Acked-by: Ingo Molnar <mingo@kernel.org>
    Cc: Tejun Heo <tj@kernel.org>
    Tested-by: Grygorii Strashko <grygorii.strashko@ti.com>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Thanks,
Fengguang
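
A user-space model of the failure mode raised in the quoted exchange and of the kind of check the bisected commit's message describes, added here as an illustration (it is not code from this thread or from the kernel). All `model_*` names, the two-slot array and the forced migration point are assumptions made for the example.

```c
#include <stdio.h>
static int cur_cpu;          /* CPU the modelled task is running on */
static int preempt_depth;    /* > 0 means preemption is disabled */
static int check_hits;       /* how often the debug check fired */
static int counter[2];       /* one slot per CPU, like a per-CPU variable */

static void model_preempt_disable(void) { preempt_depth++; }
static void model_preempt_enable(void)  { preempt_depth--; }

/* Scheduler model: the task can only be moved while preemption is enabled. */
static void model_migrate(int cpu)
{
    if (preempt_depth == 0)
        cur_cpu = cpu;
}

/* Unprotected per-CPU accessor that only runs a debug check (hypothetical). */
static int *model_this_cpu_ptr(void)
{
    if (preempt_depth == 0) {
        check_hits++;
        fprintf(stderr, "check: per-CPU access with preemption enabled\n");
    }
    return &counter[cur_cpu];
}

/* Increment "this CPU's" slot; a migration to CPU 1 is attempted between the
 * address lookup and the store. Returns the index of the slot written. */
static int model_increment(int protect)
{
    int *p;
    cur_cpu = 0;
    if (protect)
        model_preempt_disable();
    p = model_this_cpu_ptr();
    model_migrate(1);        /* preemption point */
    (*p)++;
    if (protect)
        model_preempt_enable();
    return (int)(p - counter);
}

int main(void)
{
    int a = model_increment(0), cpu_a = cur_cpu;
    int b = model_increment(1), cpu_b = cur_cpu;
    printf("unprotected: slot %d on CPU %d; protected: slot %d on CPU %d; hits %d\n",
           a, cpu_a, b, cpu_b, check_hits);
    return 0;
}
```

In the unprotected run the task ends on CPU 1 but has written CPU 0's slot, and the check fires once; in the protected run the migration is refused and the check stays silent.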
