[tip:x86/fpu] x86, xsave: remove thread_has_fpu() bug check in __sanitize_i387_state()

linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: tip-bot for Suresh Siddha <suresh.b.siddha@intel.com>
To: linux-tip-commits@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, hpa@zytor.com, mingo@kernel.org,
	torvalds@linux-foundation.org, suresh.b.siddha@intel.com,
	oleg@redhat.com, tglx@linutronix.de, hpa@linux.intel.com
Subject: [tip:x86/fpu] x86, xsave: remove thread_has_fpu() bug check in __sanitize_i387_state()
Date: Wed, 16 May 2012 17:18:26 -0700	[thread overview]
Message-ID: <tip-d75f1b391f5ef73016d14bc6f7e4725820ebaa5b@git.kernel.org> (raw)
In-Reply-To: <1336692811-30576-3-git-send-email-suresh.b.siddha@intel.com>

Commit-ID:  d75f1b391f5ef73016d14bc6f7e4725820ebaa5b
Gitweb:     http://git.kernel.org/tip/d75f1b391f5ef73016d14bc6f7e4725820ebaa5b
Author:     Suresh Siddha <suresh.b.siddha@intel.com>
AuthorDate: Wed, 16 May 2012 15:03:53 -0700
Committer:  H. Peter Anvin <hpa@linux.intel.com>
CommitDate: Wed, 16 May 2012 15:17:17 -0700

x86, xsave: remove thread_has_fpu() bug check in __sanitize_i387_state()

Code paths like fork(), exit() and signal handling flush the fpu
state explicitly to the structures in memory.

BUG_ON() in __sanitize_i387_state() is checking that the fpu state
is not live any more. But for preempt kernels, task can be scheduled
out and in at any place and the preload_fpu logic during context switch
can make the fpu registers live again.

For example, consider a 64-bit Task which uses fpu frequently and as such
you will find its fpu_counter mostly non-zero. During its time slice, kernel
used fpu by doing kernel_fpu_begin/kernel_fpu_end(). After this, in the same
scheduling slice, task-A got a signal to handle. Then during the signal
setup path we got preempted when we are just before the sanitize_i387_state()
in arch/x86/kernel/xsave.c:save_i387_xstate(). And when we come back we
will have the fpu registers live that can hit the bug_on.

Similarly during core dump, other threads can context-switch in and out
(because of spurious wakeups while waiting for the coredump to finish in
 kernel/exit.c:exit_mm()) and the main thread dumping core can run into this
bug when it finds some other thread with its fpu registers live on some other cpu.

So remove the paranoid check for now, even though it caught a bug in the
multi-threaded core dump case (fixed in the previous patch).

Signed-off-by: Suresh Siddha <suresh.b.siddha@intel.com>
Link: http://lkml.kernel.org/r/1336692811-30576-3-git-send-email-suresh.b.siddha@intel.com
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
---
 arch/x86/kernel/xsave.c |    2 --
 1 files changed, 0 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kernel/xsave.c b/arch/x86/kernel/xsave.c
index e62728e..bd18149 100644
--- a/arch/x86/kernel/xsave.c
+++ b/arch/x86/kernel/xsave.c
@@ -48,8 +48,6 @@ void __sanitize_i387_state(struct task_struct *tsk)
 	if (!fx)
 		return;

-	BUG_ON(__thread_has_fpu(tsk));
-
 	xstate_bv = tsk->thread.fpu.state->xsave.xsave_hdr.xstate_bv;

 	/*

next prev parent reply	other threads:[~2012-05-17  0:18 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-05-07 19:07 [PATCH 1/2] coredump: flush the fpu exit state for proper multi-threaded core dump Suresh Siddha
2012-05-07 19:07 ` [PATCH 2/2] x86, xsave: remove thread_has_fpu() bug check in __sanitize_i387_state() Suresh Siddha
2012-05-07 19:15 ` [PATCH 1/2] coredump: flush the fpu exit state for proper multi-threaded core dump Linus Torvalds
2012-05-07 20:09   ` Suresh Siddha
2012-05-08 23:18     ` Suresh Siddha
2012-05-08 23:18       ` [PATCH 1/3] " Suresh Siddha
2012-05-09 21:05         ` Oleg Nesterov
2012-05-09 21:32           ` Suresh Siddha
2012-05-10 16:55             ` Oleg Nesterov
2012-05-10 17:04               ` Linus Torvalds
2012-05-10 23:33                 ` [PATCH v2 1/4] fork: move the real prepare_to_copy() users to arch_dup_task_struct() Suresh Siddha
2012-05-10 23:33                   ` [PATCH v2 2/4] coredump: ensure the fpu state is flushed for proper multi-threaded core dump Suresh Siddha
2012-05-11 16:51                     ` Oleg Nesterov
2012-05-11 19:05                       ` Suresh Siddha
2012-05-13 16:11                         ` Oleg Nesterov
2012-05-15 18:03                           ` Suresh Siddha
2012-05-15 18:55                             ` Oleg Nesterov
2012-05-17  0:17                     ` [tip:x86/fpu] " tip-bot for Suresh Siddha
2012-05-10 23:33                   ` [PATCH v2 3/4] x86, xsave: remove thread_has_fpu() bug check in __sanitize_i387_state() Suresh Siddha
2012-05-17  0:18                     ` tip-bot for Suresh Siddha [this message]
2012-05-10 23:33                   ` [PATCH v2 4/4] x86, fpu: drop the fpu state during thread exit Suresh Siddha
2012-05-17  0:19                     ` [tip:x86/fpu] " tip-bot for Suresh Siddha
2012-05-11  0:17                   ` [PATCH v2 1/4] fork: move the real prepare_to_copy() users to arch_dup_task_struct() Benjamin Herrenschmidt
2012-05-17  0:16                   ` [tip:x86/fpu] " tip-bot for Suresh Siddha
2012-05-10 23:48                 ` [PATCH 1/3] coredump: flush the fpu exit state for proper multi-threaded core dump Suresh Siddha
2012-05-08 23:18       ` [PATCH 2/3] x86, xsave: remove thread_has_fpu() bug check in __sanitize_i387_state() Suresh Siddha
2012-05-09 20:30         ` Oleg Nesterov
2012-05-09 21:18           ` Suresh Siddha
2012-05-10 16:36             ` Oleg Nesterov
2012-05-08 23:18       ` [PATCH 3/3] x86, fpu: clear the fpu state during thread exit Suresh Siddha

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:e62728e dfblob:bd18149 )
 OR (
bs:"[tip:x86/fpu] x86, xsave: remove thread_has_fpu() bug check in __sanitize_i387_state()" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=tip-d75f1b391f5ef73016d14bc6f7e4725820ebaa5b@git.kernel.org \
    --to=suresh.b.siddha@intel.com \
    --cc=hpa@linux.intel.com \
    --cc=hpa@zytor.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-tip-commits@vger.kernel.org \
    --cc=mingo@kernel.org \
    --cc=oleg@redhat.com \
    --cc=tglx@linutronix.de \
    --cc=torvalds@linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).