From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-23.2 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 95165C433DB for ; Mon, 1 Feb 2021 18:10:47 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5D1EB64DDE for ; Mon, 1 Feb 2021 18:10:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230224AbhBASKq (ORCPT ); Mon, 1 Feb 2021 13:10:46 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48158 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229963AbhBASKo (ORCPT ); Mon, 1 Feb 2021 13:10:44 -0500 Received: from mail-qk1-x734.google.com (mail-qk1-x734.google.com [IPv6:2607:f8b0:4864:20::734]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 210F5C06174A for ; Mon, 1 Feb 2021 10:10:04 -0800 (PST) Received: by mail-qk1-x734.google.com with SMTP id k193so17168858qke.6 for ; Mon, 01 Feb 2021 10:10:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=aFYcz2wx3YcoNA7SoQ9+Z7cQV1+YG8iv6K+CoY5Z0tA=; b=p1a/Zon4q10aFOJ0j1zT9J9N3mmhk1TXF/8mZUhTtc7KPNT1flv6jASOH81zRd7ztV Abhdw4yW7eV+jw20qjq8m8fbf4394i61qQpmHgJBE5qYwxfhs/Hq/wQFnptJ6RRbOH/C TNw1RFwtvN2ox6+fKFHtuNuK+WuJe2yD3wxFwrTUXrDy85eqsb5OLDtJDEZKoaMoBGNv xf0FTrOnSR5Co00puFtdcCzbGkD7sFwVB7CV7B/zVfYHtDLh+zgAcMKvtjSNFdQAtYdZ pnz5UUZF93+fum3OOYQFAj5VzXkxcbKjeyRCAyKfliDjvsKkLjuiiIWoKMS6CTkrG7Zc OPsA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=aFYcz2wx3YcoNA7SoQ9+Z7cQV1+YG8iv6K+CoY5Z0tA=; b=IRQ/D+D1SaRcnRpIU/QYYzINwGd/vJQl+XFeVHhsLD/AwRZ/nk5PyOvfRF/wnlPBt6 7LOkf/QLBgMf6OdqvLMVYTI5EOw5GDxSGA1iPzSAaR+ab968Kb87fNl496CQim9zwHjV ZUJ/VRhOHvEwKAeUSf8Jt+2Mv0ug9IIqAudHYCDNLbOKq+frNem4JQ9ncwObt5sg4mXX 14XzekJz+vA2Tl35wFGIVCldMOdKYBRa2s1rR9avfpOz+Ms+SGRqzUOSPXWsItE+bX// jnld78XLTHAOiCnstgPZlXxPzJlY/oriHV5Jx26KrbSZc+9hX3kfUd4n7QFKIidkrXXP n4mg== X-Gm-Message-State: AOAM533CmVEaIOk6ZJQ31uTRHod9FrfhrBwpVNybxb6RQdJEiyR7Mp73 fptU19mUMo5RqSpeuoZY4cWR9PrhKYDDtfi+kwpkug== X-Google-Smtp-Source: ABdhPJxxOUy3OV/E12GCdn/Fj4Wwp9IFhZ1vR4HVV3eYmdEgZzOM1ZPvKbDNnKm9qhGhDUClvYtVKjzP3MJr7QNnIkY= X-Received: by 2002:a05:620a:410f:: with SMTP id j15mr16821693qko.424.1612203003088; Mon, 01 Feb 2021 10:10:03 -0800 (PST) MIME-Version: 1.0 References: <5936f4a4-f150-e56e-f07d-1efee06eba16@redhat.com> In-Reply-To: <5936f4a4-f150-e56e-f07d-1efee06eba16@redhat.com> From: Dmitry Vyukov Date: Mon, 1 Feb 2021 19:09:51 +0100 Message-ID: Subject: Re: corrupted pvqspinlock in htab_map_update_elem To: Waiman Long Cc: Peter Zijlstra , Alexei Starovoitov , Daniel Borkmann , andrii@kernel.org, Martin KaFai Lau , Song Liu , Yonghong Song , John Fastabend , kpsingh@kernel.org, netdev , bpf , LKML , Ingo Molnar Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Feb 1, 2021 at 6:54 PM Waiman Long wrote: > > On 2/1/21 6:23 AM, Peter Zijlstra wrote: > > On Mon, Feb 01, 2021 at 10:50:58AM +0100, Peter Zijlstra wrote: > > > >>> queued_spin_unlock arch/x86/include/asm/qspinlock.h:56 [inline] > >>> lockdep_unlock+0x10e/0x290 kernel/locking/lockdep.c:124 > >>> debug_locks_off_graph_unlock kernel/locking/lockdep.c:165 [inline] > >>> print_usage_bug kernel/locking/lockdep.c:3710 [inline] > >> Ha, I think you hit a bug in lockdep. > > Something like so I suppose. > > > > --- > > Subject: locking/lockdep: Avoid unmatched unlock > > From: Peter Zijlstra > > Date: Mon Feb 1 11:55:38 CET 2021 > > > > Commit f6f48e180404 ("lockdep: Teach lockdep about "USED" <- "IN-NMI" > > inversions") overlooked that print_usage_bug() releases the graph_lock > > and called it without the graph lock held. > > > > Fixes: f6f48e180404 ("lockdep: Teach lockdep about "USED" <- "IN-NMI" inversions") > > Reported-by: Dmitry Vyukov > > Signed-off-by: Peter Zijlstra (Intel) > > --- > > kernel/locking/lockdep.c | 3 ++- > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > --- a/kernel/locking/lockdep.c > > +++ b/kernel/locking/lockdep.c > > @@ -3773,7 +3773,7 @@ static void > > print_usage_bug(struct task_struct *curr, struct held_lock *this, > > enum lock_usage_bit prev_bit, enum lock_usage_bit new_bit) > > { > > - if (!debug_locks_off_graph_unlock() || debug_locks_silent) > > + if (!debug_locks_off() || debug_locks_silent) > > return; > > > > pr_warn("\n"); > > @@ -3814,6 +3814,7 @@ valid_state(struct task_struct *curr, st > > enum lock_usage_bit new_bit, enum lock_usage_bit bad_bit) > > { > > if (unlikely(hlock_class(this)->usage_mask & (1 << bad_bit))) { > > + graph_unlock() > > print_usage_bug(curr, this, bad_bit, new_bit); > > return 0; > > } > > I have also suspected doing unlock without a corresponding lock. This > patch looks good to me. > > Acked-by: Waiman Long Just so that it's not lost: there is still a bug related to bpf map lock, right?