Possible spinlock bug problem

Richard B. Johnson (root@chaos.analogic.com)
Tue, 4 Jan 2000 17:22:32 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Brian Hall: "Re: EXT3 Support"
Previous message: Chuck Lever: "Re: First draft list of 2.3.x "Things to fix""

I am trying to get Linux-2.3.35 running. As soon as my driver calls
poll_wait() I get the BUG from spinlock.h. No spinlocks were executed
(yet). The code never returns from poll_wait(). These drivers worked
to 2.3.15, then some kernel types were changed so I stopped changing
my code to match. Now I'm trying to get it to work with the newer
kernels.

Jan 4 15:06:40 chaos kernel: eip: c014a83b
Jan 4 15:06:40 chaos kernel: invalid operand: 0000
Jan 4 15:06:40 chaos kernel: CPU: 0
Jan 4 15:06:40 chaos kernel: EIP: 0010:[sd_mod:revalidate_scsidisk+-334295265/2736]
Jan 4 15:06:40 chaos kernel: EFLAGS: 00010086
Jan 4 15:06:40 chaos kernel: eax: 0000003f ebx: d2663010 ecx: 00000004 edx: c020c4f4
Jan 4 15:06:40 chaos kernel: esi: 00000286 edi: d2674000 ebp: d3b5c72c esp: d2675ee4
Jan 4 15:06:40 chaos kernel: ds: 0018 es: 0018 ss: 0018
Jan 4 15:06:40 chaos kernel: Process gpib_tester (pid: 138, stackpage=d2675000)
Jan 4 15:06:40 chaos kernel: Stack: 0000004e d2663000 d328ad80 00000000 d2675f14 d4045083 d328ad80 d3b5c72c
Jan 4 15:06:40 chaos kernel: d2663000 d328ad80 00000000 00000145 00000008 c014ad48 d328ad80 d2663000
Jan 4 15:06:40 chaos kernel: 00000001 00000004 d33f7558 00000000 00000000 01234567 d2674000 00000000
Jan 4 15:06:40 chaos kernel: Call Trace: [<d4045083>] [sd_mod:revalidate_scsidisk+-334294016/2736] [sd_mod:revalidate_scsidisk+-334292741/2736] [sd_mod:revalidate_scsidisk+-334558216/2736]
Jan 4 15:06:40 chaos kernel: Code: 0f 0b 83 c4 0c f0 0f ba 6d 00 00 0f 82 ed d5 08 00 85 ed 74

Trace: d4045083 <END_OF_CODE+8ff7/????>
Code: 00000000 Before first symbol 00000000 <_IP>: <===
Code: 00000000 Before first symbol 0: 0f 0b ud2a <===
Code: 00000002 Before first symbol 2: 83 c4 0c add $0xc,%esp
Code: 00000005 Before first symbol 5: f0 0f ba 6d 00 00 lock btsl $0x0,0x0(%ebp)
Code: 0000000b Before first symbol b: 0f 82 ed d5 08 00 jb 0008d5fe Before first symbol
Code: 00000011 Before first symbol 11: 85 ed test %ebp,%ebp
Code: 00000013 Before first symbol 13: 74 00 je 00000015 Before first symbol

3 warnings issued. Results may not be reliable.

Non pertainent stuff deleted from the source.

#define CLI spin_lock_irqsave(&info->device_lock, flags)
#define STI spin_unlock_irqrestore(&info->device_lock, flags)

typedef struct {
spinlock_t device_lock;
wait_queue_head_t wait;
} INFO;

static INFO *info;

static unsigned int device_poll(struct file *fp, poll_table *wait)
{
long flags;
unsigned int mask;
mask = 0;
printk("About to do poll_wait\n");

poll_wait(fp, &info->wait, wait); <================ Where it crashes.
printk("Returned from poll_wait\n");

printk("About to apply lock\n");
CLI;

int init_module(void)
{
if((info = (INFO *) kmalloc(sizeof(INFO), GFP_KERNEL)) == NULL)
{
printk(KERN_CRIT "Can't allocate memory for %s\n", devname);
return -ENOMEM;
}
init_waitqueue_head(&info->wait);
spin_lock_init(&info->device_lock);

In the previous kernels, I was able to get away with:

static volatile spinlock_t device_lock = SPIN_LOCK_UNLOCKED;

Now I get a compiler warning that 'volatile' is being discarded. Then,
on drivers that used spin-locks, I get the 'BUG' message because somebody
is overwriting my spin-locks. I had to move them out of static data
and allocate them dynamically. Then I was able to initialize with
spin_lock_init(). The corruption of my spin-locks occurred before
anything was executed, i.e., it could be detected in init_module().
If I initialized (even the static one) using spin_lock_init() it
would be okay thereafter. Incidentally, the spin-lock is being
overwritten with text, some stuff that normally is logged (printk stuff).

I grepped through the source looking for 'spinlock_t' and found a few
places where they were not initialized. I initialized those 7 in the
structure in fs/buffer.c and then the machine would not boot! It
could not read from initrd once the ram-disk was mounted. So there
is somebody who is counting on these locks being zero which may
point to some bug because they should have been {0, MAGIC}.

--- linux-2.3.35/fs/buffer.c.orig Tue Jan 4 15:11:55 2000
+++ linux-2.3.35/fs/buffer.c Tue Jan 4 15:19:47 2000
@@ -89,7 +89,13 @@
struct buffer_head *list;
spinlock_t lock;
};
-static struct bh_free_head free_list[NR_SIZES];
+static struct bh_free_head free_list[NR_SIZES]={ {NULL, SPIN_LOCK_UNLOCKED},
+ {NULL, SPIN_LOCK_UNLOCKED},
+ {NULL, SPIN_LOCK_UNLOCKED},
+ {NULL, SPIN_LOCK_UNLOCKED},
+ {NULL, SPIN_LOCK_UNLOCKED},
+ {NULL, SPIN_LOCK_UNLOCKED},
+ {NULL, SPIN_LOCK_UNLOCKED}};

kmem_cache_t *bh_cachep;

Anyway, 2.3.35 is now up.

Cheers,
Dick Johnson

Penguin : Linux version 2.3.35 on an i686 machine (400.59 BogoMips).

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Brian Hall: "Re: EXT3 Support"
Previous message: Chuck Lever: "Re: First draft list of 2.3.x "Things to fix""