    kvm/x86: Handle async PF in RCU read-side critical sections · b862789a
    Boqun Feng authored
    Sasha Levin reported a WARNING:
    
    | WARNING: CPU: 0 PID: 6974 at kernel/rcu/tree_plugin.h:329
    | rcu_preempt_note_context_switch kernel/rcu/tree_plugin.h:329 [inline]
    | WARNING: CPU: 0 PID: 6974 at kernel/rcu/tree_plugin.h:329
    | rcu_note_context_switch+0x16c/0x2210 kernel/rcu/tree.c:458
    ...
    | CPU: 0 PID: 6974 Comm: syz-fuzzer Not tainted 4.13.0-next-20170908+ #246
    | Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
    | 1.10.1-1ubuntu1 04/01/2014
    | Call Trace:
    ...
    | RIP: 0010:rcu_preempt_note_context_switch kernel/rcu/tree_plugin.h:329 [inline]
    | RIP: 0010:rcu_note_context_switch+0x16c/0x2210 kernel/rcu/tree.c:458
    | RSP: 0018:ffff88003b2debc8 EFLAGS: 00010002
    | RAX: 0000000000000001 RBX: 1ffff1000765bd85 RCX: 0000000000000000
    | RDX: 1ffff100075d7882 RSI: ffffffffb5c7da20 RDI: ffff88003aebc410
    | RBP: ffff88003b2def30 R08: dffffc0000000000 R09: 0000000000000001
    | R10: 0000000000000000 R11: 0000000000000000 R12: ffff88003b2def08
    | R13: 0000000000000000 R14: ffff88003aebc040 R15: ffff88003aebc040
    | __schedule+0x201/0x2240 kernel/sched/core.c:3292
    | schedule+0x113/0x460 kernel/sched/core.c:3421
    | kvm_async_pf_task_wait+0x43f/0x940 arch/x86/kernel/kvm.c:158
    | do_async_page_fault+0x72/0x90 arch/x86/kernel/kvm.c:271
    | async_page_fault+0x22/0x30 arch/x86/entry/entry_64.S:1069
    | RIP: 0010:format_decode+0x240/0x830 lib/vsprintf.c:1996
    | RSP: 0018:ffff88003b2df520 EFLAGS: 00010283
    | RAX: 000000000000003f RBX: ffffffffb5d1e141 RCX: ffff88003b2df670
    | RDX: 0000000000000001 RSI: dffffc0000000000 RDI: ffffffffb5d1e140
    | RBP: ffff88003b2df560 R08: dffffc0000000000 R09: 0000000000000000
    | R10: ffff88003b2df718 R11: 0000000000000000 R12: ffff88003b2df5d8
    | R13: 0000000000000064 R14: ffffffffb5d1e140 R15: 0000000000000000
    | vsnprintf+0x173/0x1700 lib/vsprintf.c:2136
    | sprintf+0xbe/0xf0 lib/vsprintf.c:2386
    | proc_self_get_link+0xfb/0x1c0 fs/proc/self.c:23
    | get_link fs/namei.c:1047 [inline]
    | link_path_walk+0x1041/0x1490 fs/namei.c:2127
    ...
    
    This happened when the host hit a page fault, and delivered it as an
    async page fault, while the guest was in an RCU read-side critical
    section.  The guest then tries to reschedule in kvm_async_pf_task_wait(),
    but rcu_preempt_note_context_switch() would treat the reschedule as a
    sleep in an RCU read-side critical section, which is not allowed (even in
    preemptible RCU).  Thus the WARN.
    
    To cure this, make kvm_async_pf_task_wait() go to the halt path if the
    PF happens in an RCU read-side critical section.
    Reported-by: Sasha Levin <levinsasha928@gmail.com>
    Cc: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
    Cc: Peter Zijlstra <peterz@infradead.org>
    Cc: stable@vger.kernel.org
    Signed-off-by: Boqun Feng <boqun.feng@gmail.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
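The failure mode the commit message describes, and the fix it names, modeled in userspace as an added example. This is not the kernel's code: every `model_` name is hypothetical, the pre-fix halt rule (idle task or preempt_count() > 1) is an assumption about the old logic, and the RCU check is reduced to the one property that matters here, that a voluntary schedule() while rcu_read_lock() nesting is non-zero is what trips rcu_preempt_note_context_switch(). The point it makes that the message only states: under preemptible RCU, rcu_read_lock() does not touch preempt_count(), so a halt decision based on preempt_count() alone cannot see that the faulting task is inside a read-side section; the fix consults the RCU nesting depth separately.

```c
/* Userspace model of the async-PF wait decision (added example, not kernel
 * code). All model_* names are hypothetical; the pre-fix rule below is an
 * assumption about the old logic. */
#include <stdbool.h>
#include <stdio.h>

struct model_task {
    bool idle;                 /* is_idle_task(current) */
    int preempt_count;         /* preempt_count(): untouched by rcu_read_lock() under PREEMPT_RCU */
    int rcu_read_lock_nesting; /* rcu_preempt_depth(): rcu_read_lock() nesting of this task */
};

/* Model of rcu_read_lock()/rcu_read_unlock() under CONFIG_PREEMPT_RCU: they
 * only bump a per-task nesting counter, not preempt_count. */
static void model_rcu_read_lock(struct model_task *t)   { t->rcu_read_lock_nesting++; }
static void model_rcu_read_unlock(struct model_task *t) { t->rcu_read_lock_nesting--; }

/* Model of the check in rcu_preempt_note_context_switch() that fired in the
 * trace: a voluntary context switch while still inside an RCU read-side
 * critical section is not allowed, even in preemptible RCU. Returns true
 * when the kernel would WARN. */
static bool model_note_context_switch(const struct model_task *t)
{
    return t->rcu_read_lock_nesting > 0;
}

enum wait_path { WAIT_SCHEDULE, WAIT_HALT };

/* Assumed pre-fix decision in kvm_async_pf_task_wait(): halt only when idle
 * or already in a non-preemptible region, otherwise sleep via schedule(). */
static enum wait_path model_wait_path_before(const struct model_task *t)
{
    bool halted = t->idle || t->preempt_count > 1;
    return halted ? WAIT_HALT : WAIT_SCHEDULE;
}

/* Decision after the fix: also take the halt path whenever the fault
 * arrived inside an RCU read-side critical section. */
static enum wait_path model_wait_path_after(const struct model_task *t)
{
    bool halted = t->idle || t->preempt_count > 1 || t->rcu_read_lock_nesting > 0;
    return halted ? WAIT_HALT : WAIT_SCHEDULE;
}

/* Deliver an async PF to the task in its current state and report whether
 * the chosen wait path would trip the RCU warning. */
static bool model_async_pf_warns(const struct model_task *t,
                                 enum wait_path (*decide)(const struct model_task *))
{
    if (decide(t) == WAIT_HALT)
        return false;                       /* halting in place never context-switches */
    return model_note_context_switch(t);    /* schedule() runs the RCU check */
}

int main(void)
{
    /* Constructed state: an ordinary task, as in the trace where syz-fuzzer
     * was inside proc_self_get_link() under rcu_read_lock(). */
    struct model_task t = { .idle = false, .preempt_count = 1, .rcu_read_lock_nesting = 0 };

    model_rcu_read_lock(&t);
    printf("async PF inside rcu_read_lock(), before fix: %s\n",
           model_async_pf_warns(&t, model_wait_path_before) ? "WARN" : "ok");
    printf("async PF inside rcu_read_lock(), after fix:  %s\n",
           model_async_pf_warns(&t, model_wait_path_after) ? "WARN" : "ok");
    model_rcu_read_unlock(&t);

    /* Outside any read-side section the fixed version still sleeps normally. */
    printf("async PF outside rcu_read_lock(), after fix: %s (path=%s)\n",
           model_async_pf_warns(&t, model_wait_path_after) ? "WARN" : "ok",
           model_wait_path_after(&t) == WAIT_HALT ? "halt" : "schedule");
    return 0;
}
```

The halt path is the conservative choice: it keeps the vCPU on the same task and stack until the host reports the page present, so no RCU or scheduler state is disturbed, at the cost of not running another task during the wait.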