Re: [Bugfix 4/5] x86/irq: Fix a race condition between vector assigning and cleanup
From: Thomas Gleixner
Date: Tue Dec 08 2015 - 16:32:12 EST
On Mon, 7 Dec 2015, Joe Lawrence wrote:
> On 12/01/2015 05:46 PM, Joe Lawrence wrote:
> > On 11/30/2015 03:09 AM, Jiang Liu wrote:
> > > Joe Lawrence <joe.lawrence@xxxxxxxxxxx> reported an use after release
> > > issue related to x86 IRQ management code. Please refer to following
> > > link for more information:
> > > https://www.mail-archive.com/linux-kernel@xxxxxxxxxxxxxxx/msg1026840.html
> > >
> > > Thomas pointed out that it's caused by a race condition between
> > > __assign_irq_vector() and __send_cleanup_vector(). Based on Thomas'
> > > draft patch, we solve this race condition by:
> > > 1) Use move_in_progress to signal that an IRQ cleanup IPI is needed
> > > 2) Use old_domain to save old CPU mask for IRQ cleanup
> > > 3) Use vector to protect move_in_progress and old_domain
> > >
> > > This bugfix patch also helps to get rid of that atomic allocation in
> > > __send_cleanup_vector().
> > >
> > > Signed-off-by: Jiang Liu <jiang.liu@xxxxxxxxxxxxxxx>
> > > ---
> >
> > [ ... snip ... ]
> >
> > Jiang, Thomas,
> >
> > Last night I ran with Jiang's five-patch-set on top of 4.3. Tests
> > started with regular sysfs device removal of mpt HBAs, then later I
> > added disk stress (the disks are software RAID1 across the HBAs) .. no
> > issues.
> >
> > I'll kick off some tougher surprise device removal tests tonight to
> > further kick the tires.
>
> Testing looked good. Feel to add a Tested-by and/or Reported-by.
Ok. Great. I'll pick that lot up and tag it for stable.
Thanks,
tglx
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/