FSM Client and Server #331
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rogerq
pushed a commit
to rogerq/linux
that referenced
this pull request
Jan 9, 2017
… recovery
The keystone remoteproc driver performs an error recovery by scheduling
a workqueue from the keystone_remoteproc_exception_interrupt() handler
when using in-kernel remoteproc core loader/boot mechanism. This interrupt
is registered with IRQF_ONESHOT at the moment, and it results in a
"scheduling while atomic" BUG when running on RT-Linux. Oneshot interrupts
keep the irq line masked until the threaded handler has finished, and
the workqueue scheduling uses spinlocks for synchronization which get
transformed to rt_mutexes on RT. So, fix this by not using IRQF_ONESHOT
while requesting the interrupt. This interrupt is processed by UIO
framework when using the userspace based load/boot mechanism, and
doesn't need any changes in that path.
remoteproc0: crash detected in 10800000.dsp0: type device exception
BUG: sleeping function called from invalid context at kernel/locking/rtmutex.c:931
in_atomic(): 1, irqs_disabled(): 128, pid: 53, name: irq/66-soc:keys
1 lock held by irq/66-soc:keys/53:
#0: (&kirq->wa_lock){......}, at: [<c031773c>] keystone_irq_handler+0xec/0x240
irq event stamp: 170018
hardirqs last enabled at (170017): [<c06b2920>] _raw_spin_unlock_irqrestore+0x78/0x80
hardirqs last disabled at (170018): [<c06b2734>] _raw_spin_lock_irqsave+0x1c/0x58
softirqs last enabled at (0): [<c0023664>] copy_process+0x2bc/0x1678
softirqs last disabled at (0): [< (null)>] (null)
Preemption disabled at:[< (null)>] (null)
CPU: 0 PID: 53 Comm: irq/66-soc:keys Tainted: G W 4.4.36-rt43-03400-gba94d7c1a7fa torvalds#331
Hardware name: Keystone
[<c0017568>] (unwind_backtrace) from [<c00139e0>] (show_stack+0x10/0x14)
[<c00139e0>] (show_stack) from [<c02e4c00>] (dump_stack+0x98/0xc4)
[<c02e4c00>] (dump_stack) from [<c06b2ca0>] (rt_spin_lock+0x24/0x5c)
[<c06b2ca0>] (rt_spin_lock) from [<c003b254>] (queue_work_on+0x60/0x194)
[<c003b254>] (queue_work_on) from [<bf04e488>] (keystone_rproc_exception_interrupt+0x10/0x18 [keystone_remoteproc])
[<bf04e488>] (keystone_rproc_exception_interrupt [keystone_remoteproc]) from [<c0081ff8>] (handle_irq_event_percpu+0x8c/0x178)
[<c0081ff8>] (handle_irq_event_percpu) from [<c008211c>] (handle_irq_event+0x38/0x5c)
[<c008211c>] (handle_irq_event) from [<c0085384>] (handle_level_irq+0xc4/0x168)
[<c0085384>] (handle_level_irq) from [<c0081654>] (generic_handle_irq+0x24/0x34)
[<c0081654>] (generic_handle_irq) from [<c0317748>] (keystone_irq_handler+0xf8/0x240)
[<c0317748>] (keystone_irq_handler) from [<c00830f8>] (irq_forced_thread_fn+0x20/0x74)
[<c00830f8>] (irq_forced_thread_fn) from [<c0083470>] (irq_thread+0x15c/0x230)
[<c0083470>] (irq_thread) from [<c0044898>] (kthread+0xf0/0x108)
[<c0044898>] (kthread) from [<c00102d0>] (ret_from_fork+0x14/0x24)
remoteproc0: handling crash #1 in 10800000.dsp0!!
remoteproc0: recovering 10800000.dsp0
remoteproc0: stopped remote processor 10800000.dsp0
remoteproc0: powering up 10800000.dsp0
remoteproc0: Booting fw image keystone-dsp0-fw, size 3704928
remoteproc0: remote processor 10800000.dsp0 is now up
virtio_rpmsg_bus virtio0: rpmsg host is online
virtio_rpmsg_bus virtio0: creating channel rpmsg-proto addr 0x3d
remoteproc0: registered virtio0 (type 7)
Signed-off-by: Suman Anna <[email protected]>
laijs
added a commit
to laijs/linux
that referenced
this pull request
Feb 16, 2017
Fix torvalds#331 test_getdents64() doesn't test the return value of snprintf(), it ends up stackoverflow when it continues to do snprintf(). Signed-off-by: Lai Jiangshan <[email protected]>
tobetter
pushed a commit
to tobetter/linux
that referenced
this pull request
Dec 23, 2017
Netconsole support for XU4's network card
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this pull request
Nov 10, 2019
Inside print_request(), we query the context/timeline name. Nothing immediately protects the context from being freed if the request is complete -- we rely on serialisation by the caller to keep the name valid until they finish using it. Inside intel_engine_dump(), we generally only print the requsts in the execution queue protected by the engine->active.lock, but we also show the pending execlists ports which are not protected and so require an rcu_read_lock to keep the pointer valid. [ 1695.700883] BUG: KASAN: use-after-free in i915_fence_get_timeline_name+0x53/0x90 [i915] [ 1695.700981] Read of size 8 at addr ffff8887344f4d50 by task gem_ctx_persist/2968 [ 1695.701068] [ 1695.701156] CPU: 1 PID: 2968 Comm: gem_ctx_persist Tainted: G U 5.4.0-rc6+ torvalds#331 [ 1695.701246] Hardware name: Intel Corporation NUC7i5BNK/NUC7i5BNB, BIOS BNKBL357.86A.0052.2017.0918.1346 09/18/2017 [ 1695.701334] Call Trace: [ 1695.701424] dump_stack+0x5b/0x90 [ 1695.701870] ? i915_fence_get_timeline_name+0x53/0x90 [i915] [ 1695.701964] print_address_description.constprop.7+0x36/0x50 [ 1695.702408] ? i915_fence_get_timeline_name+0x53/0x90 [i915] [ 1695.702856] ? i915_fence_get_timeline_name+0x53/0x90 [i915] [ 1695.702947] __kasan_report.cold.10+0x1a/0x3a [ 1695.703390] ? i915_fence_get_timeline_name+0x53/0x90 [i915] [ 1695.703836] i915_fence_get_timeline_name+0x53/0x90 [i915] [ 1695.704241] print_request+0x82/0x2e0 [i915] [ 1695.704638] ? fwtable_read32+0x133/0x360 [i915] [ 1695.705042] ? write_timestamp+0x110/0x110 [i915] [ 1695.705133] ? _raw_spin_lock_irqsave+0x79/0xc0 [ 1695.705221] ? refcount_inc_not_zero_checked+0x91/0x110 [ 1695.705306] ? refcount_dec_and_mutex_lock+0x50/0x50 [ 1695.705709] ? intel_engine_find_active_request+0x202/0x230 [i915] [ 1695.706115] intel_engine_dump+0x2c9/0x900 [i915] Fixes: c36eebd ("drm/i915/gt: execlists->active is serialised by the tasklet") Signed-off-by: Chris Wilson <[email protected]> Cc: Mika Kuoppala <[email protected]> Cc: Tvrtko Ursulin <[email protected]>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this pull request
Nov 12, 2019
Inside print_request(), we query the context/timeline name. Nothing immediately protects the context from being freed if the request is complete -- we rely on serialisation by the caller to keep the name valid until they finish using it. Inside intel_engine_dump(), we generally only print the requests in the execution queue protected by the engine->active.lock, but we also show the pending execlists ports which are not protected and so require a rcu_read_lock to keep the pointer valid. [ 1695.700883] BUG: KASAN: use-after-free in i915_fence_get_timeline_name+0x53/0x90 [i915] [ 1695.700981] Read of size 8 at addr ffff8887344f4d50 by task gem_ctx_persist/2968 [ 1695.701068] [ 1695.701156] CPU: 1 PID: 2968 Comm: gem_ctx_persist Tainted: G U 5.4.0-rc6+ torvalds#331 [ 1695.701246] Hardware name: Intel Corporation NUC7i5BNK/NUC7i5BNB, BIOS BNKBL357.86A.0052.2017.0918.1346 09/18/2017 [ 1695.701334] Call Trace: [ 1695.701424] dump_stack+0x5b/0x90 [ 1695.701870] ? i915_fence_get_timeline_name+0x53/0x90 [i915] [ 1695.701964] print_address_description.constprop.7+0x36/0x50 [ 1695.702408] ? i915_fence_get_timeline_name+0x53/0x90 [i915] [ 1695.702856] ? i915_fence_get_timeline_name+0x53/0x90 [i915] [ 1695.702947] __kasan_report.cold.10+0x1a/0x3a [ 1695.703390] ? i915_fence_get_timeline_name+0x53/0x90 [i915] [ 1695.703836] i915_fence_get_timeline_name+0x53/0x90 [i915] [ 1695.704241] print_request+0x82/0x2e0 [i915] [ 1695.704638] ? fwtable_read32+0x133/0x360 [i915] [ 1695.705042] ? write_timestamp+0x110/0x110 [i915] [ 1695.705133] ? _raw_spin_lock_irqsave+0x79/0xc0 [ 1695.705221] ? refcount_inc_not_zero_checked+0x91/0x110 [ 1695.705306] ? refcount_dec_and_mutex_lock+0x50/0x50 [ 1695.705709] ? intel_engine_find_active_request+0x202/0x230 [i915] [ 1695.706115] intel_engine_dump+0x2c9/0x900 [i915] Fixes: c36eebd ("drm/i915/gt: execlists->active is serialised by the tasklet") Signed-off-by: Chris Wilson <[email protected]> Cc: Mika Kuoppala <[email protected]> Cc: Tvrtko Ursulin <[email protected]> Reviewed-by: Mika Kuoppala <[email protected]> Link: https://patchwork.freedesktop.org/patch/msgid/[email protected] (cherry picked from commit fecffa4) Signed-off-by: Joonas Lahtinen <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
FSM Subsystem for linux kernel.
http://fsmos.ru/en