# git rev-parse -q --verify ad7b4e8022b9864c075fe71e1328b1d25cad82f6^{commit} ad7b4e8022b9864c075fe71e1328b1d25cad82f6 already have revision, skipping fetch # git checkout -q -f -B kisskb ad7b4e8022b9864c075fe71e1328b1d25cad82f6 # git clean -qxdf # < git log -1 # commit ad7b4e8022b9864c075fe71e1328b1d25cad82f6 # Author: Frederic Barrat # Date: Tue Apr 3 15:54:02 2018 +0200 # # cxl: Fix possible deadlock when processing page faults from cxllib # # cxllib_handle_fault() is called by an external driver when it needs to # have the host resolve page faults for a buffer. The buffer can cover # several pages and VMAs. The function iterates over all the pages used # by the buffer, based on the page size of the VMA. # # To ensure some stability while processing the faults, the thread T1 # grabs the mm->mmap_sem semaphore with read access (R1). However, when # processing a page fault for a single page, one of the underlying # functions, copro_handle_mm_fault(), also grabs the same semaphore with # read access (R2). So the thread T1 takes the semaphore twice. # # If another thread T2 tries to access the semaphore in write mode W1 # (say, because it wants to allocate memory and calls 'brk'), then that # thread T2 will have to wait because there's a reader (R1). If the # thread T1 is processing a new page at that time, it won't get an # automatic grant at R2, because there's now a writer thread # waiting (T2). And we have a deadlock. # # The timeline is: # 1. thread T1 owns the semaphore with read access R1 # 2. thread T2 requests write access W1 and waits # 3. thread T1 requests read access R2 and waits # # The fix is for the thread T1 to release the semaphore R1 once it got # the information it needs from the current VMA. The address space/VMAs # could evolve while T1 iterates over the full buffer, but in the # unlikely case where T1 misses a page, the external driver will raise a # new page fault when retrying the memory access. # # Fixes: 3ced8d730063 ("cxl: Export library to support IBM XSL") # Cc: stable@vger.kernel.org # 4.13+ # Signed-off-by: Frederic Barrat # Signed-off-by: Michael Ellerman # < /opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux-gcc --version # < git log --format=%s --max-count=1 ad7b4e8022b9864c075fe71e1328b1d25cad82f6 # < make -s -j 48 ARCH=powerpc O=/kisskb/build/powerpc-next_allmodconfig+64K_PAGES_powerpc CROSS_COMPILE=/opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux- allmodconfig # Added to kconfig CONFIG_BUILD_DOCSRC=n # Added to kconfig CONFIG_MODULE_SIG=n # Added to kconfig CONFIG_SAMPLES=n # Added to kconfig CONFIG_PPC_4K_PAGES=n # Added to kconfig CONFIG_PPC_64K_PAGES=y # yes \n | make -s -j 48 ARCH=powerpc O=/kisskb/build/powerpc-next_allmodconfig+64K_PAGES_powerpc CROSS_COMPILE=/opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux- oldconfig yes: standard output: Broken pipe yes: write error # make -s -j 48 ARCH=powerpc O=/kisskb/build/powerpc-next_allmodconfig+64K_PAGES_powerpc CROSS_COMPILE=/opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux- /kisskb/src/mm/swap_state.c: In function '__add_to_swap_cache': /kisskb/src/mm/swap_state.c:135:5: warning: 'error' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/mm/hugetlb.c: In function 'alloc_pool_huge_page': /kisskb/src/mm/hugetlb.c:1439:5: warning: 'page' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/auxdisplay/img-ascii-lcd.c: In function 'malta_update': /kisskb/src/drivers/auxdisplay/img-ascii-lcd.c:109:5: warning: 'err' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/auxdisplay/img-ascii-lcd.c: In function 'sead3_update': /kisskb/src/drivers/auxdisplay/img-ascii-lcd.c:207:5: warning: 'err' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/kernel/cgroup/cgroup-v1.c: In function 'cgroup1_mount': /kisskb/src/kernel/cgroup/cgroup-v1.c:1268:20: warning: 'root' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/ata/ahci_qoriq.c: In function 'ahci_qoriq_hardreset': /kisskb/src/arch/powerpc/include/asm/io-defs.h:12:1: warning: 'px_is' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/ata/ahci_qoriq.c:86:14: note: 'px_is' was declared here /kisskb/src/arch/powerpc/include/asm/io-defs.h:12:1: warning: 'px_cmd' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/ata/ahci_qoriq.c:86:6: note: 'px_cmd' was declared here /kisskb/src/kernel/printk/printk.c: In function 'devkmsg_sysctl_set_loglvl': /kisskb/src/kernel/printk/printk.c:183:16: warning: 'old' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/sound/hda/hdac_regmap.c: In function 'hda_reg_write': /kisskb/src/sound/hda/hdac_regmap.c:282:16: warning: 'err' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/fs/f2fs/file.c: In function 'f2fs_precache_extents': /kisskb/src/fs/f2fs/file.c:2786:6: warning: 'err' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/sound/soc/codecs/arizona.c: In function 'arizona_hw_params': /kisskb/src/sound/soc/codecs/arizona.c:1889:3: warning: 'aif_rx_state' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/sound/soc/codecs/arizona.c:1886:3: warning: 'aif_tx_state' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/net/bridge/br_netlink.c: In function 'br_process_vlan_info': /kisskb/src/net/bridge/br_netlink.c:577:10: warning: 'err' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/sound/soc/codecs/da7219-aad.c: In function 'da7219_aad_hptest_work': /kisskb/src/sound/soc/codecs/da7219-aad.c:318:17: warning: 'pll_ctrl' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/sound/soc/codecs/rt5665.c: In function 'rt5665_i2s_pin_event': /kisskb/src/sound/soc/codecs/rt5665.c:2666:23: warning: 'val2' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/sound/soc/codecs/rt5665.c:2663:23: warning: 'val1' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/fs/nfsd/nfs4xdr.c: In function 'nfsd4_encode_components_esc': /kisskb/src/fs/nfsd/nfs4xdr.c:2043:9: warning: 'str' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/dma-buf/reservation.c: In function 'reservation_object_add_shared_replace': /kisskb/src/drivers/dma-buf/reservation.c:207:2: warning: 'k' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/dma-buf/reservation.c:210:7: warning: 'i' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/fs/btrfs/ref-verify.c: In function 'process_extent_item.isra.0': /kisskb/src/fs/btrfs/ref-verify.c:516:2: warning: 'ret' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/fs/btrfs/ref-verify.c: In function 'process_leaf': /kisskb/src/fs/btrfs/ref-verify.c:568:2: warning: 'ret' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/input/joystick/analog.c:176:2: warning: #warning Precise timer not defined for this architecture. [-Wcpp] /kisskb/src/drivers/iommu/io-pgtable-arm-v7s.c: In function '__arm_v7s_map.constprop.5': /kisskb/src/drivers/iommu/io-pgtable-arm-v7s.c:433:7: warning: 'cptep' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/net/mac80211/mlme.c: In function 'ieee80211_handle_pwr_constr.isra.12': /kisskb/src/net/mac80211/mlme.c:1350:3: warning: 'pwr_level_cisco' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/input/rmi4/rmi_f11.c: In function 'rmi_f11_finger_handler': /kisskb/src/drivers/input/rmi4/rmi_f11.c:631:3: warning: 'abs_fingers' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/gpu/drm/nouveau/nvkm/subdev/top/gk104.c: In function 'gk104_top_oneinit': /kisskb/src/drivers/gpu/drm/nouveau/nvkm/subdev/top/gk104.c:101:1: warning: 'inst' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/gpu/drm/nouveau/nvkm/subdev/top/gk104.c:101:1: warning: 'type' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/gpu/drm/nouveau/nv50_display.c: In function 'nv50_head_lut_load': /kisskb/src/arch/powerpc/include/asm/io.h:178:1: warning: 'b' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/gpu/drm/nouveau/nv50_display.c:1813:18: note: 'b' was declared here /kisskb/src/arch/powerpc/include/asm/io.h:178:1: warning: 'g' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/gpu/drm/nouveau/nv50_display.c:1813:15: note: 'g' was declared here /kisskb/src/arch/powerpc/include/asm/io.h:178:1: warning: 'r' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/gpu/drm/nouveau/nv50_display.c:1813:12: note: 'r' was declared here /kisskb/src/drivers/net/tun.c: In function 'tun_get_user': /kisskb/src/drivers/net/tun.c:1816:30: warning: 'copylen' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/net/tun.c:1726:46: warning: 'linear' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/tty/serial/8250/8250_core.c: In function 'serial_unlink_irq_chain': /kisskb/src/drivers/tty/serial/8250/8250_core.c:251:18: warning: 'i' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c: In function 'ibmvscsis_rdma': /kisskb/src/drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c:3323:18: warning: 'server_ioba' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c:3317:18: warning: 'client_ioba' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/media/usb/dvb-usb/pctv452e.c: In function 'pctv452e_frontend_attach': /kisskb/src/drivers/media/usb/dvb-usb/pctv452e.c:922:2: warning: value computed is not used [-Wunused-value] /kisskb/src/drivers/net/ethernet/mellanox/mlx5/core/fs_core.c: In function 'update_root_ft_create': /kisskb/src/drivers/net/ethernet/mellanox/mlx5/core/fs_core.c:867:5: warning: 'err' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/net/wireless/broadcom/b43/phy_n.c: In function 'b43_nphy_rf_ctl_override_rev7': /kisskb/src/drivers/net/wireless/broadcom/b43/phy_n.c:202:21: warning: 'val_addr' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c: In function 'rtl8723a_phy_lc_calibrate': /kisskb/src/drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c:3481:23: warning: 'rf_amode' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/staging/lustre/lustre/ptlrpc/nrs.c: In function 'ptlrpc_nrs_policy_register.constprop.1': /kisskb/src/include/linux/string.h:266:29: warning: array subscript is above array bounds [-Warray-bounds] WARNING: vmlinux.o(.text+0x36b1b8): Section mismatch in reference from the function .devm_memremap_pages() to the function .meminit.text:.arch_add_memory() The function .devm_memremap_pages() references the function __meminit .arch_add_memory(). This is often because .devm_memremap_pages lacks a __meminit annotation or the annotation of .arch_add_memory is wrong. WARNING: vmlinux.o(.text+0x36ba14): Section mismatch in reference from the function .devm_memremap_pages_release() to the function .meminit.text:.arch_remove_memory() The function .devm_memremap_pages_release() references the function __meminit .arch_remove_memory(). This is often because .devm_memremap_pages_release lacks a __meminit annotation or the annotation of .arch_remove_memory is wrong. WARNING: vmlinux.o(.text+0x487acc): Section mismatch in reference from the function .hmm_devmem_release() to the function .meminit.text:.arch_remove_memory() The function .hmm_devmem_release() references the function __meminit .arch_remove_memory(). This is often because .hmm_devmem_release lacks a __meminit annotation or the annotation of .arch_remove_memory is wrong. WARNING: vmlinux.o(.text+0x487f50): Section mismatch in reference from the function .hmm_devmem_pages_create() to the function .meminit.text:.arch_add_memory() The function .hmm_devmem_pages_create() references the function __meminit .arch_add_memory(). This is often because .hmm_devmem_pages_create lacks a __meminit annotation or the annotation of .arch_add_memory is wrong. WARNING: vmlinux.o(.text.unlikely+0x304): Section mismatch in reference from the function .init_fallback_flush() to the function .init.text:.ppc64_bolted_size() The function .init_fallback_flush() references the function __init .ppc64_bolted_size(). This is often because .init_fallback_flush lacks a __init annotation or the annotation of .ppc64_bolted_size is wrong. WARNING: vmlinux.o(.text.unlikely+0x330): Section mismatch in reference from the function .init_fallback_flush() to the function .init.text:.memblock_alloc_base() The function .init_fallback_flush() references the function __init .memblock_alloc_base(). This is often because .init_fallback_flush lacks a __init annotation or the annotation of .memblock_alloc_base is wrong. WARNING: vmlinux.o(.text.unlikely+0x26e0): Section mismatch in reference from the function .remove_pmd_table() to the function .meminit.text:.split_kernel_mapping() The function .remove_pmd_table() references the function __meminit .split_kernel_mapping(). This is often because .remove_pmd_table lacks a __meminit annotation or the annotation of .split_kernel_mapping is wrong. WARNING: vmlinux.o(.text.unlikely+0x2934): Section mismatch in reference from the function .remove_pud_table() to the function .meminit.text:.split_kernel_mapping() The function .remove_pud_table() references the function __meminit .split_kernel_mapping(). This is often because .remove_pud_table lacks a __meminit annotation or the annotation of .split_kernel_mapping is wrong. WARNING: drivers/hwmon/ibmpowernv.o(.text+0xa3c): Section mismatch in reference from the function .create_device_attrs() to the function .init.text:.make_sensor_label() The function .create_device_attrs() references the function __init .make_sensor_label(). This is often because .create_device_attrs lacks a __init annotation or the annotation of .make_sensor_label is wrong. /opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux-ld: drivers/misc/lkdtm.o: .opd is not a regular array of opd entries Completed OK # rm -rf /kisskb/build/powerpc-next_allmodconfig+64K_PAGES_powerpc # Build took: 0:11:11.974744