| From: Sebastian Andrzej Siewior <bigeasy@linutronix.de> |
| Date: Mon, 12 Dec 2016 16:14:18 +0100 |
| Subject: [PATCH] workqueue: use rcu_readlock() in put_pwq_unlocked() |
| |
| The RCU sched protection was changed to RCU only and so all IRQ-off and |
| preempt-off disabled region were changed to the relevant rcu-read-lock |
| primitives. One was missed and triggered: |
| |[ BUG: bad unlock balance detected! ] |
| |4.4.30-rt41 #51 Tainted: G W |
| |btattach/345 is trying to release lock ( |
| |Unable to handle kernel paging request at virtual address 6b6b6bbb |
| |Backtrace: |
| |[<c016b5a0>] (lock_release) from [<c0804844>] (rt_spin_unlock+0x20/0x30) |
| |[<c0804824>] (rt_spin_unlock) from [<c0138954>] (put_pwq_unlocked+0xa4/0x118) |
| |[<c01388b0>] (put_pwq_unlocked) from [<c0138b2c>] (destroy_workqueue+0x164/0x1b0) |
| |[<c01389c8>] (destroy_workqueue) from [<c078e1ac>] (hci_unregister_dev+0x120/0x21c) |
| |[<c078e08c>] (hci_unregister_dev) from [<c054f658>] (hci_uart_tty_close+0x90/0xbc) |
| |[<c054f5c8>] (hci_uart_tty_close) from [<c03a2be8>] (tty_ldisc_close+0x50/0x58) |
| |[<c03a2b98>] (tty_ldisc_close) from [<c03a2cb4>] (tty_ldisc_kill+0x18/0x78) |
| |[<c03a2c9c>] (tty_ldisc_kill) from [<c03a3528>] (tty_ldisc_release+0x100/0x134) |
| |[<c03a3428>] (tty_ldisc_release) from [<c039cd68>] (tty_release+0x3bc/0x460) |
| |[<c039c9ac>] (tty_release) from [<c020cc08>] (__fput+0xe0/0x1b4) |
| |[<c020cb28>] (__fput) from [<c020cd3c>] (____fput+0x10/0x14) |
| |[<c020cd2c>] (____fput) from [<c013e0d4>] (task_work_run+0xa4/0xb8) |
| |[<c013e030>] (task_work_run) from [<c0121754>] (do_exit+0x40c/0x8b0) |
| |[<c0121348>] (do_exit) from [<c0122ff8>] (do_group_exit+0x54/0xc4) |
| |
| Cc: stable-rt@vger.kernel.org |
| Reported-by: John Keeping <john@metanate.com> |
| Tested-by: John Keeping <john@metanate.com> |
| Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> |
| --- |
| kernel/workqueue.c | 2 ++ |
| 1 file changed, 2 insertions(+) |
| |
| --- a/kernel/workqueue.c |
| +++ b/kernel/workqueue.c |
| @@ -1104,9 +1104,11 @@ static void put_pwq_unlocked(struct pool |
| * As both pwqs and pools are RCU protected, the |
| * following lock operations are safe. |
| */ |
| + rcu_read_lock(); |
| local_spin_lock_irq(pendingb_lock, &pwq->pool->lock); |
| put_pwq(pwq); |
| local_spin_unlock_irq(pendingb_lock, &pwq->pool->lock); |
| + rcu_read_unlock(); |
| } |
| } |
| |