* futex: Ahead futex_init from __initcall to core_initcall
@ 2016-12-30 8:17 Yang Yang
2017-02-13 15:16 ` [tip:locking/urgent] futex: Move futex_init() " tip-bot for Yang Yang
0 siblings, 1 reply; 2+ messages in thread
From: Yang Yang @ 2016-12-30 8:17 UTC (permalink / raw)
To: tglx
Cc: linux-kernel, jiang.biao2, deng.huali, jiang.zhengxiong, zhong.weidong
If the config sets UEVENT_HELPER_PATH [=/sbin/mdev] (/sbin/mdev belongs to busybox),
the kernel may trigger an oops and kill the process "mdev" when booting.
The reason is that when the init process is calling do_one_initcall(), devices
will be added and trigger /sbin/mdev to execute (in order to make device
nodes automatically), then /sbin/mdev will call SyS_futex(). But when
SyS_futex() visits the global variable futex_queues, it may not be
initialized yet at this time.
Moving futex_init ahead from __initcall to core_initcall will make sure
futex_queues is always initialized before /sbin/mdev executes.
See the oops below on arm CPU SABER.
The bug may not occur due to different race conditions on different CPUs.
But it has a chance to occur when using QEMU to simulate an x86 CPU with
kernel linux-4.10-rc1.
Unable to handle kernel NULL pointer dereference at virtual
address 00000000 pgd = ed100000
[00000000] *pgd=8e0b1831, *pte=00000000, *ppte=00000000
Internal error: Oops: 17 [#1] ARM
Modules linked in:
task: ed08b080 ti: ed0ea000 task.ti: ed0ea000
PC is at futex_wake+0x58/0x11c
LR is at futex_wake+0x48/0x11c
pc : [<c004baac>] lr : [<c004ba9c>] psr: a0000213
sp : ed0ebe98 ip : bec10000 fp : ed0ebecc
r10: 00000000 r9 : 00000001 r8 : 00000000
r7 : c088e700 r6 : ffffffff r5 : 00000001 r4 : 00008114
r3 : 00000000 r2 : c088e700 r1 : 34a81583 r0 : fffffff4
Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user
Control: 12c53c7d Table: 8e100059 DAC: 00000015
Process mdev (pid: 225, stack limit = 0xed0ea1b0)
Backtrace:
[<c004ba54>] (futex_wake+0x0/0x11c) from [<c004d3dc>]
[<c004d2b8>] (do_futex+0x0/0x870) from [<c004dbb0>]
[<c004db28>] (SyS_futex+0x0/0x16c) from [<c0009240>]
Code: e1a07000 e5903000 e1500003 e243000c (e5934000)
Signed-off-by: Yang Yang <yang.yang29@zte.com.cn>
---
kernel/futex.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/kernel/futex.c b/kernel/futex.c
index 0842c8c..cdf3650 100755
--- a/kernel/futex.c
+++ b/kernel/futex.c
@@ -3323,4 +3323,4 @@ static int __init futex_init(void)
return 0;
}
-__initcall(futex_init);
+core_initcall(futex_init);
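Review bot: the new core_initcall(futex_init) line carries an ordering requirement that nothing in the code records, namely that futex_queues must be set up before any initcall can start the uevent helper. A short comment above the macro saying so would keep a later cleanup from moving it back to __initcall. Separately, the index line shows kernel/futex.c at mode 100755; a C source file should be 100644, so check the file mode in the local tree before resending.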
--
1.7.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [tip:locking/urgent] futex: Move futex_init() to core_initcall
2016-12-30 8:17 futex: Ahead futex_init from __initcall to core_initcall Yang Yang
@ 2017-02-13 15:16 ` tip-bot for Yang Yang
0 siblings, 0 replies; 2+ messages in thread
From: tip-bot for Yang Yang @ 2017-02-13 15:16 UTC (permalink / raw)
To: linux-tip-commits; +Cc: mingo, tglx, hpa, yang.yang29, peterz, linux-kernel
Commit-ID: 25f71d1c3e98ef0e52371746220d66458eac75bc
Gitweb: http://git.kernel.org/tip/25f71d1c3e98ef0e52371746220d66458eac75bc
Author: Yang Yang <yang.yang29@zte.com.cn>
AuthorDate: Fri, 30 Dec 2016 16:17:55 +0800
Committer: Thomas Gleixner <tglx@linutronix.de>
CommitDate: Mon, 13 Feb 2017 16:12:22 +0100
futex: Move futex_init() to core_initcall
The UEVENT user mode helper is enabled before the initcalls are executed
and is available when the root filesystem has been mounted.
The user mode helper is triggered by device init calls and the executable
might use the futex syscall.
futex_init() is marked __initcall which maps to device_initcall, but there
is no guarantee that futex_init() is invoked _before_ the first device init
call which triggers the UEVENT user mode helper.
If the user mode helper uses the futex syscall before futex_init() then the
syscall crashes with a NULL pointer dereference because the futex subsystem
has not been initialized yet.
Move futex_init() to core_initcall so futexes are initialized before the
root filesystem is mounted and the usermode helper becomes available.
[ tglx: Rewrote changelog ]
Signed-off-by: Yang Yang <yang.yang29@zte.com.cn>
Cc: jiang.biao2@zte.com.cn
Cc: jiang.zhengxiong@zte.com.cn
Cc: zhong.weidong@zte.com.cn
Cc: deng.huali@zte.com.cn
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: stable@vger.kernel.org
Link: http://lkml.kernel.org/r/1483085875-6130-1-git-send-email-yang.yang29@zte.com.cn
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
---
kernel/futex.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/futex.c b/kernel/futex.c
index 0842c8ca..cdf3650 100644
--- a/kernel/futex.c
+++ b/kernel/futex.c
@@ -3323,4 +3323,4 @@ static int __init futex_init(void)
return 0;
}
-__initcall(futex_init);
+core_initcall(futex_init);
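Review bot: with core_initcall(futex_init) on the last line, futex_init() now runs several initcall levels earlier than the device level it had before, and the hunk shows only the tail of the function. It is worth confirming that nothing in its body depends on setup done at a level later than core, and stating that in the changelog, since the fix rests entirely on initcall ordering.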
^ permalink raw reply related [flat|nested] 2+ messages in thread
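The ordering problem the changelog describes, as a user-space toy model added here (not kernel code and not part of the patch). The model_* functions, boot() and the assumption that the device initcall is linked ahead of futex_init are hypothetical; only the level numbers (core = 1, device = 6) match the kernel.

```c
#include <stdlib.h>

/* Toy user-space model, not kernel code: all names are hypothetical. */
enum { LEVEL_CORE = 1, LEVEL_DEVICE = 6, LEVEL_MAX = 7 };

struct initcall { int level; int (*fn)(void); };

static int *futex_queues;   /* stands in for the kernel's futex hash table */
static int helper_faults;   /* times the helper reached a NULL table */

static int model_futex_init(void)
{
    futex_queues = calloc(16, sizeof(*futex_queues));
    return futex_queues ? 0 : -1;
}

/* Models the helper's futex syscall touching the table. */
static void model_helper_futex_wake(void)
{
    if (!futex_queues) { helper_faults++; return; } /* the kernel oopses here */
    futex_queues[0]++;
}

/* A device initcall that adds a device and so fires the uevent helper. */
static int model_device_add(void)
{
    model_helper_futex_wake();
    return 0;
}

/* Run calls level by level; inside one level, table (link) order decides. */
static int boot(int futex_level)
{
    struct initcall calls[] = {
        { LEVEL_DEVICE, model_device_add },  /* assumed linked before futex */
        { futex_level,  model_futex_init },
    };
    free(futex_queues);
    futex_queues = NULL;
    helper_faults = 0;
    for (int level = 0; level <= LEVEL_MAX; level++)
        for (size_t i = 0; i < sizeof(calls) / sizeof(calls[0]); i++)
            if (calls[i].level == level)
                calls[i].fn();
    return helper_faults;
}

/* Exit status 0 when the model behaves as the changelog describes. */
int main(void) { return !(boot(LEVEL_DEVICE) == 1 && boot(LEVEL_CORE) == 0); }
```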