leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
16e19e1122
linux/drivers/dma
History
Dave Jiang 16e19e1122 dmaengine: idxd: Fix list corruption in description completion 
Sanjay reported the following kernel splat after running dmatest for stress
testing. The current code is giving up the spinlock in the middle of
a completion list walk, and that opens up opportunity for list corruption
if another thread touches the list at the same time. In order to make sure
the list is always protected, the hardware completed descriptors will be
put on a local list to be completed with callbacks from the outside of
the list lock.

kernel: general protection fault, probably for non-canonical address 0xdead000000000100: 0000 [#1] SMP NOPTI
kernel: CPU: 62 PID: 1814 Comm: irq/89-idxd-por Tainted: G        W         5.10.0-intel-next_10_16+ #1
kernel: Hardware name: Intel Corporation ArcherCity/ArcherCity, BIOS EGSDCRB1.SBT.4915.D02.2012070418 12/07/2020
kernel: RIP: 0010:irq_process_work_list+0xcd/0x170 [idxd]
kernel: Code: e8 18 65 5c d3 8b 45 d4 85 c0 75 b3 4c 89 f7 e8 b9 fe ff ff 84 c0 74 bf 4c 89 e7 e8 dd 6b 5c d3 49 8b 3f 49 8b 4f 08 48 89 c6 <48> 89 4f 08 48 89 39 4c 89 e7 48 b9 00 01 00 00 00 00 ad de 49 89
kernel: RSP: 0018:ff256768c4353df8 EFLAGS: 00010046
kernel: RAX: 0000000000000202 RBX: dead000000000100 RCX: dead000000000122
kernel: RDX: 0000000000000001 RSI: 0000000000000202 RDI: dead000000000100
kernel: RBP: ff256768c4353e40 R08: 0000000000000001 R09: 0000000000000000
kernel: R10: 0000000000000000 R11: 00000000ffffffff R12: ff1fdf9fd06b3e48
kernel: R13: 0000000000000005 R14: ff1fdf9fc4275980 R15: ff1fdf9fc4275a00
kernel: FS:  0000000000000000(0000) GS:ff1fdfa32f880000(0000) knlGS:0000000000000000
kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
kernel: CR2: 00007f87f24012a0 CR3: 000000010f630004 CR4: 0000000003771ee0
kernel: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
kernel: DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400
kernel: PKRU: 55555554
kernel: Call Trace:
kernel: ? irq_thread+0xa9/0x1b0
kernel: idxd_wq_thread+0x34/0x90 [idxd]
kernel: irq_thread_fn+0x24/0x60
kernel: irq_thread+0x10f/0x1b0
kernel: ? irq_forced_thread_fn+0x80/0x80
kernel: ? wake_threads_waitq+0x30/0x30
kernel: ? irq_thread_check_affinity+0xe0/0xe0
kernel: kthread+0x142/0x160
kernel: ? kthread_park+0x90/0x90
kernel: ret_from_fork+0x1f/0x30
kernel: Modules linked in: idxd_ktest dmatest intel_rapl_msr idxd_mdev iTCO_wdt vfio_pci vfio_virqfd iTCO_vendor_support intel_rapl_common i10nm_edac nfit x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel crypto_simd cryptd glue_helper rapl msr pcspkr snd_hda_codec_realtek snd_hda_codec_generic ledtrig_audio snd_hda_intel snd_intel_dspcfg ofpart snd_hda_codec snd_hda_core snd_hwdep cmdlinepart snd_seq snd_seq_device idxd snd_pcm intel_spi_pci intel_spi snd_timer spi_nor input_leds joydev snd i2c_i801 mtd soundcore i2c_smbus mei_me mei i2c_ismt ipmi_ssif acpi_ipmi ipmi_si ipmi_devintf ipmi_msghandler mac_hid sunrpc nls_iso8859_1 sch_fq_codel ip_tables x_tables xfs libcrc32c ast drm_vram_helper drm_ttm_helper ttm igc wmi pinctrl_sunrisepoint hid_generic usbmouse usbkbd usbhid hid
kernel: ---[ end trace cd5ca950ef0db25f ]---

Reported-by: Sanjay Kumar <sanjay.k.kumar@intel.com>
Signed-off-by: Dave Jiang <dave.jiang@intel.com>
Tested-by: Sanjay Kumar <sanjay.k.kumar@intel.com>
Fixes: e4f4d8cdeb ("dmaengine: idxd: Clean up descriptors with fault error")
Link: https://lore.kernel.org/r/161074757267.2183951.17912830858060607266.stgit@djiang5-desk3.ch.intel.com
Signed-off-by: Vinod Koul <vkoul@kernel.org>
2021-01-17 12:19:25 +05:30
..
bestcomm treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
dw dmaengine: dw: Enable runtime PM 2020-11-09 17:19:20 +05:30
dw-axi-dmac dmaengine: dw-axi-dmac: drop of_match_ptr from of_device_id table 2020-11-24 23:02:20 +05:30
dw-edma dmaengine: dw-edma: Fix use after free in dw_edma_alloc_chunk() 2020-12-29 10:08:00 +05:30
fsl-dpaa2-qdma dmaengine: fsl-dpaa2-qdma: remove set but not used variable 'dpaa2_qdma' 2020-03-06 19:04:55 +05:30
hsu dmaengine updates for v5.3-rc1 2019-07-17 09:55:43 -07:00
idxd dmaengine: idxd: Fix list corruption in description completion 2021-01-17 12:19:25 +05:30
ioat dmaengine: ioatdma: remove unused function missed during dma_v2 removal 2020-11-16 22:42:28 +05:30
ipu dmaengine: ipu_idmac: remove redundant irqsave and restore in hardIRQ 2020-11-09 17:25:53 +05:30
mediatek dmaengine: mediatek: mtk-hsdma: Fix a resource leak in the error handling path of the probe function 2020-12-29 10:07:59 +05:30
ppc4xx dmaengine: ppc4xx: remove xor_hw_desc assignment without reading 2020-10-30 14:10:27 +05:30
qcom dmaengine: qcom: fix gpi undefined behavior 2021-01-04 18:08:36 +05:30
sf-pdma dmaengine: sf: drop of_match_ptr from of_device_id table 2020-11-24 23:02:20 +05:30
sh dmaengine: rcar-dmac: drop double zeroing 2020-10-05 10:18:08 +05:30
ti dmaengine: ti: k3-udma: Fix pktdma rchan TPL level setup 2020-12-29 10:07:59 +05:30
xilinx dmaengine: xilinx_dma: fix mixed_enum_type coverity warning 2021-01-04 18:12:39 +05:30
acpi-dma.c dmaengine: acpi: Put the CSRT table after using it 2020-08-17 10:21:37 +05:30
altera-msgdma.c dmaengine: altera-msgdma: fix kernel-doc style for tasklet 2020-10-08 15:18:37 +05:30
amba-pl08x.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
at_hdmac_regs.h dmaengine: at_hdmac: Replace zero-length array with flexible-array 2020-05-13 20:25:16 +05:30
at_hdmac.c dmaengine: at_hdmac: convert tasklets to use new tasklet_setup() API 2020-09-18 12:18:11 +05:30
at_xdmac.c dmaengine: at_xdmac: add AXI priority support and recommended settings 2020-10-30 14:10:27 +05:30
bcm2835-dma.c dmaengine: bcm2835: Drop local dma_parms 2020-09-11 17:42:12 +05:30
bcm-sba-raid.c dmaengine: bcm-sba-raid: Replace zero-length array with flexible-array member 2020-02-13 20:15:35 +05:30
coh901318_lli.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 194 2019-05-30 11:29:22 -07:00
coh901318.c dmaengine: coh901318: convert tasklets to use new tasklet_setup() API 2020-09-18 12:18:11 +05:30
coh901318.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 194 2019-05-30 11:29:22 -07:00
dma-axi-dmac.c dmaengine: axi-dmac: Drop local dma_parms 2020-09-11 17:42:12 +05:30
dma-jz4780.c dmaengine: jz4780: drop of_match_ptr from of_device_id table 2020-11-24 23:02:20 +05:30
dmaengine.c dmaengine: fix error codes in channel_register() 2020-11-18 17:51:51 +05:30
dmaengine.h dmaengine: Create debug directories for DMA devices 2020-03-11 14:56:14 +05:30
dmatest.c dmaengine: dmatest: Use dmaengine_get_dma_device 2020-12-11 21:20:08 +05:30
ep93xx_dma.c dmaengine: ep93xx: convert tasklets to use new tasklet_setup() API 2020-09-18 12:18:11 +05:30
fsl_raid.c dmaengine: fsl: remove bad channel update 2020-10-05 09:59:17 +05:30
fsl_raid.h
fsl-edma-common.c dmaengine: fsl-edma: fix wrong tcd endianness for big-endian cpu 2020-07-06 14:49:22 +05:30
fsl-edma-common.h dmaengine: fsl-edma-common: correct DSIZE_32BYTE 2020-07-06 10:24:49 +05:30
fsl-edma.c dmaengine: fsl-edma: Fix NULL pointer exception in fsl_edma_tx_handler 2020-06-24 13:05:01 +05:30
fsl-qdma.c dmaengine: Extend NXP QDMA driver to check transmission errors 2020-07-17 11:50:03 +05:30
fsldma.c dmaengine: fsl: convert tasklets to use new tasklet_setup() API 2020-09-18 12:21:07 +05:30
fsldma.h fsldma: fix very broken 32-bit ppc ioread64 functionality 2020-08-29 13:50:56 -07:00
hisi_dma.c dmaengine: hisi_dma: remove redundant irqsave and irqrestore in hardIRQ 2020-11-09 17:25:54 +05:30
idma64.c dmaengine: idma64: Switch to use __maybe_unused instead of ifdeffery 2020-11-09 17:21:05 +05:30
idma64.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
img-mdc-dma.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 422 2019-06-05 17:37:15 +02:00
imx-dma.c dmaengine: imx-dma: Remove unused .id_table 2020-11-24 22:55:07 +05:30
imx-sdma.c dmaengine: imx-sdma: Remove unused .id_table support 2020-11-18 17:50:27 +05:30
iop-adma.c Merge branch 'topic/tasklet' into next 2020-10-01 10:18:59 +05:30
iop-adma.h treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
k3dma.c dmaengine: k3dma: remove redundant irqsave and irqrestore in hardIRQ 2020-11-09 17:25:54 +05:30
Kconfig dmaengine updates for v5.11-rc1 2020-12-17 12:52:23 -08:00
lpc18xx-dmamux.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
Makefile misc: mic: remove the MIC drivers 2020-10-28 19:12:03 +01:00
mcf-edma.c dmaengine: mcf-edma: Fix NULL pointer exception in mcf_edma_tx_handler 2020-06-24 13:06:15 +05:30
milbeaut-hdmac.c dmaengine: Replace zero-length array with flexible-array 2020-06-15 23:08:30 -05:00
milbeaut-xdmac.c dmaengine: milbeaut-xdmac: Fix a resource leak in the error handling path of the probe function 2020-12-29 10:08:00 +05:30
mmp_pdma.c dmaengine: mmp: convert tasklets to use new tasklet_setup() API 2020-09-18 12:19:06 +05:30
mmp_tdma.c dmaengine: mmp: convert tasklets to use new tasklet_setup() API 2020-09-18 12:19:06 +05:30
moxart-dma.c dmaengine: moxart-dma: remove redundant irqsave and irqrestore in hardIRQ 2020-11-09 17:25:54 +05:30
mpc512x_dma.c dmaengine: mpc512x: convert tasklets to use new tasklet_setup() API 2020-09-18 12:19:06 +05:30
mv_xor_v2.c dmaengine: mv_xor_v2: Fix error return code in mv_xor_v2_probe() 2020-11-24 22:55:15 +05:30
mv_xor.c dmaengine: mv_xor: drop of_match_ptr from of_device_id table 2020-11-24 23:02:20 +05:30
mv_xor.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 288 2019-06-05 17:36:37 +02:00
mxs-dma.c dmaengine: mxs-dma: Remove the unused .id_table 2020-11-24 22:55:15 +05:30
nbpfaxi.c dmaengine: nbpfaxi: convert tasklets to use new tasklet_setup() API 2020-09-18 12:19:06 +05:30
of-dma.c dmaengine: of-dma: Add support for optional router configuration callback 2020-12-11 21:20:08 +05:30
owl-dma.c dmaengine: owl-dma: fix kernel-doc style for enum 2020-10-08 15:18:48 +05:30
pch_dma.c dmaengine: pch_dma: convert tasklets to use new tasklet_setup() API 2020-09-18 12:19:06 +05:30
pl330.c dmaengine updates for v5.11-rc1 2020-12-17 12:52:23 -08:00
plx_dma.c dmaengine: plx_dma: convert tasklets to use new tasklet_setup() API 2020-09-18 12:19:07 +05:30
pxa_dma.c dmaengine: pxa_dma: remove redundant irqsave and irqrestore in hardIRQ 2020-11-09 17:25:54 +05:30
s3c24xx-dma.c dmaengine: s3c24xx-dma: fix spelling mistake "to" -> "too" 2020-01-23 17:03:25 +05:30
sa11x0-dma.c dmaengine: sa11x0: convert tasklets to use new tasklet_setup() API 2020-09-18 12:19:07 +05:30
sirf-dma.c dmaengine: sirf-dma: convert tasklets to use new tasklet_setup() API 2020-09-18 12:19:07 +05:30
sprd-dma.c dmaengine: sprd: Set request pending flag when DMA controller is active 2020-03-23 11:38:24 +05:30
st_fdma.c iov_iter: Move unnecessary inclusion of crypto/hash.h 2020-06-30 09:34:23 -04:00
st_fdma.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ste_dma40_ll.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 194 2019-05-30 11:29:22 -07:00
ste_dma40_ll.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 194 2019-05-30 11:29:22 -07:00
ste_dma40.c dmaengine: ste_dma40: remove redundant irqsave and irqrestore in hardIRQ 2020-11-09 17:25:54 +05:30
stm32-dma.c dmaengine: stm32-dma: take address into account when computing max width 2020-12-11 21:13:08 +05:30
stm32-dmamux.c dmaengine: stm32: mark of_device_id table as maybe unused 2020-11-24 23:02:20 +05:30
stm32-mdma.c dmaengine: stm32-mdma: fix STM32_MDMA_VERY_HIGH_PRIORITY value 2021-01-04 21:27:45 +05:30
sun4i-dma.c dmaengine: sun4i-dma: Demote obvious misuse of kerneldoc to standard comment blocks 2020-07-15 17:50:47 +05:30
sun6i-dma.c dmaengine: sun6i: Add support for A100 DMA 2020-11-18 16:28:49 +05:30
tegra20-apb-dma.c dmaengine: tegra20: convert tasklets to use new tasklet_setup() API 2020-09-18 12:19:07 +05:30
tegra210-adma.c dmaengine: tegra210-adma: remove redundant irqsave and irqrestore in hardIRQ 2020-11-09 17:25:54 +05:30
timb_dma.c dmaengine: timb_dma: convert tasklets to use new tasklet_setup() API 2020-09-18 12:19:07 +05:30
TODO
txx9dmac.c dmaengine: txx9dmac: convert tasklets to use new tasklet_setup() API 2020-09-18 12:19:07 +05:30
txx9dmac.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
uniphier-mdmac.c dmaengine: uniphier-mdmac: replace zero-length array with flexible-array member 2020-02-13 20:15:57 +05:30
uniphier-xdmac.c iov_iter: Move unnecessary inclusion of crypto/hash.h 2020-06-30 09:34:23 -04:00
virt-dma.c dmaengine: virt-dma: convert tasklets to use new tasklet_setup() API 2020-09-18 12:19:07 +05:30
virt-dma.h dmaengine: virt-dma: Add missing locking around list operations 2019-12-26 10:04:18 +05:30
xgene-dma.c dmaengine: xgene: convert tasklets to use new tasklet_setup() API 2020-09-18 12:19:07 +05:30
zx_dma.c dmaengine: zx: remove redundant irqsave in hardIRQ 2020-09-18 12:30:50 +05:30