diff options
| author | Michael Holzheu <holzheu@linux.vnet.ibm.com> | 2012-01-12 20:20:18 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2012-01-12 23:13:11 -0500 |
| commit | 93e13a360ba331915220f82f6e9543df961ffa1f (patch) | |
| tree | 470c120ee5d3de69f46e62ec85452bee14e8d67c /kernel/panic.c | |
| parent | bec013c40bc89671d8d457944fdf7d2b8e79d651 (diff) | |
kdump: fix crash_kexec()/smp_send_stop() race in panic()
When two CPUs call panic at the same time there is a possible race
condition that can stop kdump. The first CPU calls crash_kexec() and the
second CPU calls smp_send_stop() in panic() before crash_kexec() finished
on the first CPU. So the second CPU stops the first CPU and therefore
kdump fails:
1st CPU:
panic()->crash_kexec()->mutex_trylock(&kexec_mutex)-> do kdump
2nd CPU:
panic()->crash_kexec()->kexec_mutex already held by 1st CPU
->smp_send_stop()-> stop 1st CPU (stop kdump)
This patch fixes the problem by introducing a spinlock in panic that
allows only one CPU to process crash_kexec() and the subsequent panic
code.
All other CPUs call the weak function panic_smp_self_stop() that stops the
CPU itself. This function can be overloaded by architecture code. For
example "tile" can use their lower-power "nap" instruction for that.
Signed-off-by: Michael Holzheu <holzheu@linux.vnet.ibm.com>
Acked-by: Chris Metcalf <cmetcalf@tilera.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'kernel/panic.c')
| -rw-r--r-- | kernel/panic.c | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/kernel/panic.c b/kernel/panic.c index 6fd09ed6fd90..5dce5404eeef 100644 --- a/kernel/panic.c +++ b/kernel/panic.c | |||
| @@ -49,6 +49,15 @@ static long no_blink(int state) | |||
| 49 | long (*panic_blink)(int state); | 49 | long (*panic_blink)(int state); |
| 50 | EXPORT_SYMBOL(panic_blink); | 50 | EXPORT_SYMBOL(panic_blink); |
| 51 | 51 | ||
| 52 | /* | ||
| 53 | * Stop ourself in panic -- architecture code may override this | ||
| 54 | */ | ||
| 55 | void __weak panic_smp_self_stop(void) | ||
| 56 | { | ||
| 57 | while (1) | ||
| 58 | cpu_relax(); | ||
| 59 | } | ||
| 60 | |||
| 52 | /** | 61 | /** |
| 53 | * panic - halt the system | 62 | * panic - halt the system |
| 54 | * @fmt: The text string to print | 63 | * @fmt: The text string to print |
| @@ -59,6 +68,7 @@ EXPORT_SYMBOL(panic_blink); | |||
| 59 | */ | 68 | */ |
| 60 | void panic(const char *fmt, ...) | 69 | void panic(const char *fmt, ...) |
| 61 | { | 70 | { |
| 71 | static DEFINE_SPINLOCK(panic_lock); | ||
| 62 | static char buf[1024]; | 72 | static char buf[1024]; |
| 63 | va_list args; | 73 | va_list args; |
| 64 | long i, i_next = 0; | 74 | long i, i_next = 0; |
| @@ -68,8 +78,14 @@ void panic(const char *fmt, ...) | |||
| 68 | * It's possible to come here directly from a panic-assertion and | 78 | * It's possible to come here directly from a panic-assertion and |
| 69 | * not have preempt disabled. Some functions called from here want | 79 | * not have preempt disabled. Some functions called from here want |
| 70 | * preempt to be disabled. No point enabling it later though... | 80 | * preempt to be disabled. No point enabling it later though... |
| 81 | * | ||
| 82 | * Only one CPU is allowed to execute the panic code from here. For | ||
| 83 | * multiple parallel invocations of panic, all other CPUs either | ||
| 84 | * stop themself or will wait until they are stopped by the 1st CPU | ||
| 85 | * with smp_send_stop(). | ||
| 71 | */ | 86 | */ |
| 72 | preempt_disable(); | 87 | if (!spin_trylock(&panic_lock)) |
| 88 | panic_smp_self_stop(); | ||
| 73 | 89 | ||
| 74 | console_verbose(); | 90 | console_verbose(); |
| 75 | bust_spinlocks(1); | 91 | bust_spinlocks(1); |