Add memory barrier when waiting on futex

From: Ma, Xindong
Date: Mon Nov 25 2013 - 08:15:37 EST


We encountered following panic several times:
[ 74.671982] BUG: unable to handle kernel NULL pointer dereference at 00000008
[ 74.672101] IP: [<c129bb27>] wake_futex+0x47/0x80
[ 74.672185] *pdpt = 0000000010108001 *pde = 0000000000000000
[ 74.672278] Oops: 0002 [#1] PREEMPT SMP
[ 74.672403] Modules linked in: atomisp_css2400b0_v2 atomisp_css2400_v2 dfrgx bcm_bt_lpm videobuf_vmalloc videobuf_core hdmi_audio tngdisp bcm4335 kct_daemon(O) cfg80211
[ 74.672815] CPU: 0 PID: 1477 Comm: zygote Tainted: G W O 3.10.1-259934-g0bfb86e #1
[ 74.672855] Hardware name: Intel Corporation Merrifield/SALT BAY, BIOS 404 2013.10.09:15.29.48
[ 74.672894] task: d4c97220 ti: cfaa8000 task.ti: cfaa8000
[ 74.672933] EIP: 0060:[<c129bb27>] EFLAGS: 00210246 CPU: 0
[ 74.672975] EIP is at wake_futex+0x47/0x80
[ 74.673012] EAX: 00000000 EBX: 00000000 ECX: 00000000 EDX: 00000000
[ 74.673049] ESI: def4de5c EDI: ffffffff EBP: cfaa9eb4 ESP: cfaa9ea0
[ 74.673086] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
[ 74.673123] CR0: 8005003b CR2: 00000008 CR3: 10109000 CR4: 001007f0
[ 74.673160] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[ 74.673196] DR6: ffff0ff0 DR7: 00000400
[ 74.673229] Stack:
[ 74.673260] 00000000 00000001 00000000 def4de5c c225eb50 cfaa9ee4 c129bc29 00000000
[ 74.673536] 00000000 7fffffff c225eb30 b4f38000 ec1a4b40 00000f90 7fffffff 00000001
[ 74.673814] b4f38f90 cfaa9f58 c129da0b ffffffff ffffffff cfaa9f10 c195d835 00000001
[ 74.674092] Call Trace:
[ 74.674144] [<c129bc29>] futex_wake+0xc9/0x110
[ 74.674195] [<c129da0b>] do_futex+0xeb/0x950
[ 74.674246] [<c195d835>] ? sub_preempt_count+0x55/0xe0
[ 74.674293] [<c1275aee>] ? wake_up_new_task+0xee/0x190
[ 74.674341] [<c195a31b>] ? _raw_spin_unlock_irqrestore+0x3b/0x70
[ 74.674388] [<c1275aee>] ? wake_up_new_task+0xee/0x190
[ 74.674436] [<c1241afc>] ? do_fork+0xec/0x350
[ 74.674484] [<c129e30b>] SyS_futex+0x9b/0x140
[ 74.674533] [<c1312298>] ? SyS_mprotect+0x188/0x1e0
[ 74.674582] [<c195a718>] syscall_call+0x7/0xb

On SMP systems, setting the current task to q->task in queue_me() may
not be visible immediately to another CPU; sometimes this will
cause a panic in wake_futex(). Adding a memory barrier to avoid this.

Signed-off-by: Leon Ma <xindong.ma@xxxxxxxxx>
Signed-off-by: xiaobing tu <xiaobing.tu@xxxxxxxxx>
---
kernel/futex.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/kernel/futex.c b/kernel/futex.c
index 80ba086..792cd41 100644
--- a/kernel/futex.c
+++ b/kernel/futex.c
@@ -1529,6 +1529,7 @@ static inline void queue_me(struct futex_q *q, struct futex_hash_bucket *hb)
plist_node_init(&q->list, prio);
plist_add(&q->list, &hb->chain);
q->task = current;
+ smp_mb();
spin_unlock(&hb->lock);
}
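Review bot: the added `smp_mb();` after `q->task = current;` provides no ordering that the existing locking does not already give, so it cannot be the fix for the oops quoted above. The store to q->task happens while hb->lock is held and is followed by `spin_unlock(&hb->lock);`, which is a release barrier; the waker side in futex_wake() walks hb->chain and calls wake_futex() only after taking the same hb->lock, which is an acquire. That lock pair already guarantees a CPU that finds the futex_q on the chain also sees the q->task store, so "not visible immediately to another cpu" does not explain the crash. What the trace does show is a write fault at address 00000008 with EAX/EBX/ECX/EDX all zero inside wake_futex+0x47, i.e. a NULL task pointer being dereferenced at a small offset, which points at a futex_q that was freed, reused or never fully set up while still reachable from the chain (a lifetime or locking bug in the queue/unqueue path), not a store-visibility race. Adding a full barrier here would at most change the timing and hide that bug. Suggest dropping the hunk and instead bisecting the real cause on the 3.10.1 vendor tree shown in the trace; if a barrier is ever kept in this function, it needs a comment naming the barrier it pairs with on the reader side, as checkpatch flags memory barriers without a comment.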

--
1.7.4.1