From: Bjorn Helgaas <helgaas@kernel.org>
To: Keith Busch <keith.busch@intel.com>
Cc: linux-pci@vger.kernel.org, Bjorn Helgaas <bhelgaas@google.com>,
Jon Derrick <jonathan.derrick@intel.com>
Subject: Re: [PATCH 1/2] vmd: Fix infinite loop executing irq's
Date: Fri, 5 Aug 2016 12:03:02 -0500 [thread overview]
Message-ID: <20160805170302.GA432@localhost> (raw)
In-Reply-To: <1470348549-10855-1-git-send-email-keith.busch@intel.com>
Hi Keith,
On Thu, Aug 04, 2016 at 04:09:08PM -0600, Keith Busch wrote:
> We can't initialize the list head on deletion as this causes the node
> to point to itself, looping infinitely if the vmd IRQ handler happens
> to be servicing that node.
>
> The list initialization supposed to fix a bug from multiple calls to
> disable the same IRQ. We can fix this instead just checking if the
> previous pointer indicates it was already deleted.
>
> Signed-off-by: Keith Busch <keith.busch@intel.com>
> ---
> arch/x86/pci/vmd.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/pci/vmd.c b/arch/x86/pci/vmd.c
> index e88b417..2294907 100644
> --- a/arch/x86/pci/vmd.c
> +++ b/arch/x86/pci/vmd.c
> @@ -136,8 +136,8 @@ static void vmd_irq_disable(struct irq_data *data)
> data->chip->irq_mask(data);
>
> raw_spin_lock_irqsave(&list_lock, flags);
> - list_del_rcu(&vmdirq->node);
> - INIT_LIST_HEAD_RCU(&vmdirq->node);
> + if (vmdirq->node.prev != LIST_POISON2)
> + list_del_rcu(&vmdirq->node);
It doesn't seem quite right to test for LIST_POISON2. It seems like a
little too much knowledge of list internals. There are no other
similar tests in the kernel. Surely this isn't the only case where we
need to remove from a list that another thread might be traversing. I
would look for other similar situations and copy the way they handle
it.
I think I saw a Fixes: tag later, so I assume you'll pick that up for
v2. Should this also be tagged for stable? Are there any bug reports
we should reference?
> raw_spin_unlock_irqrestore(&list_lock, flags);
> }
>
next prev parent reply other threads:[~2016-08-05 17:03 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-04 22:09 [PATCH 1/2] vmd: Fix infinite loop executing irq's Keith Busch
2016-08-04 22:09 ` [PATCH 2/2] vmd: Synchronize with RCU freeing msi irq descs Keith Busch
2016-08-08 16:47 ` Jon Derrick
2016-08-29 16:07 ` Jon Derrick
2016-09-14 22:10 ` Bjorn Helgaas
2016-08-04 22:48 ` [PATCH 1/2] vmd: Fix infinite loop executing irq's Myron Stowe
2016-08-04 23:12 ` Derrick, Jonathan
2016-08-05 17:03 ` Bjorn Helgaas [this message]
2016-08-05 21:02 ` Keith Busch
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160805170302.GA432@localhost \
--to=helgaas@kernel.org \
--cc=bhelgaas@google.com \
--cc=jonathan.derrick@intel.com \
--cc=keith.busch@intel.com \
--cc=linux-pci@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.