Re: drivers/char/random.c line 728 BUG
From: Aaron Straus
Date: Thu Aug 28 2008 - 18:59:36 EST
Hi,
On Aug 26 03:59 PM, Aaron Straus wrote:
> kernel BUG at drivers/char/random.c:728!
OK so that's (outside spinlock):
BUG_ON(r->entropy_count > r->poolinfo->POOLBITS);
in credit_entropy_bits we do (inside spinlock):
r->entropy_count += nbits;
if (r->entropy_count < 0) {
DEBUG_ENT("negative entropy/overflow\n");
r->entropy_count = 0;
} else if (r->entropy_count > r->poolinfo->POOLBITS)
r->entropy_count = r->poolinfo->POOLBITS;
I wonder if we got unlucky and did the:
r->entropy_count += nbits
- overflowed the entropy_count THEN
- another thread hits the BUG before this thread reaches
r->entropy_count = r->poolinfo->POOLBITS;
--
I notice before this commit:
commit adc782dae6c4c0f6fb679a48a544cfbcd79ae3dc
Author: Matt Mackall <mpm@xxxxxxxxxxx>
Date: Tue Apr 29 01:03:07 2008 -0700
random: simplify and rename credit_entropy_store
The credit_entropy_store function looks like this:
spin_lock_irqsave(&r->lock, flags);
if (r->entropy_count + nbits < 0) {
DEBUG_ENT("negative entropy/overflow (%d+%d)\n",
r->entropy_count, nbits);
r->entropy_count = 0;
} else if (r->entropy_count + nbits > r->poolinfo->POOLBITS) {
r->entropy_count = r->poolinfo->POOLBITS;
} else {
r->entropy_count += nbits;
if (nbits)
DEBUG_ENT("added %d entropy credits to %s\n",
nbits, r->name);
}
Notice the old version is careful not to overflow r->entropy_count at
any point (even within the spinlock). So perhaps that's why we didn't
hit this BUG() in the past?
Thanks!
=a=
--
===================
Aaron Straus
aaron@xxxxxxxxxxxxx
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/