linux/drivers/hv
Vitaly Kuznetsov 4e4bd36f97 Drivers: hv: balloon: check if ha_region_mutex was acquired in MEM_CANCEL_ONLINE case
Memory notifiers are being executed in a sequential order and when one of
them fails returning something different from NOTIFY_OK the remainder of
the notification chain is not being executed. When a memory block is being
onlined in online_pages() we do memory_notify(MEM_GOING_ONLINE, ) and if
one of the notifiers in the chain fails we end up doing
memory_notify(MEM_CANCEL_ONLINE, ) so it is possible for a notifier to see
MEM_CANCEL_ONLINE without seeing the corresponding MEM_GOING_ONLINE event.
E.g. when CONFIG_KASAN is enabled the kasan_mem_notifier() is being used
to prevent memory hotplug, it returns NOTIFY_BAD for all MEM_GOING_ONLINE
events. As kasan_mem_notifier() comes before the hv_memory_notifier() in
the notification chain we don't see the MEM_GOING_ONLINE event and we do
not take the ha_region_mutex. We, however, see the MEM_CANCEL_ONLINE event
and unconditionally try to release the lock, the following is observed:

[  110.850927] =====================================
[  110.850927] [ BUG: bad unlock balance detected! ]
[  110.850927] 4.1.0-rc3_bugxxxxxxx_test_xxxx #595 Not tainted
[  110.850927] -------------------------------------
[  110.850927] systemd-udevd/920 is trying to release lock
(&dm_device.ha_region_mutex) at:
[  110.850927] [<ffffffff81acda0e>] mutex_unlock+0xe/0x10
[  110.850927] but there are no more locks to release!

At the same time we can have the ha_region_mutex taken when we get the
MEM_CANCEL_ONLINE event in case one of the memory notifiers after the
hv_memory_notifier() in the notification chain failed so we need to add
the mutex_is_locked() check. In case of MEM_ONLINE we are always supposed
to have the mutex locked.

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>

Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2015-06-01 06:38:21 +09:00
..
channel_mgmt.c Drivers: hv: vmbus: distribute subchannels among all vcpus 2015-05-24 12:19:00 -07:00
channel.c Drivers: hv: vmbus: do cleanup on all vmbus_open() failure paths 2015-05-24 12:19:00 -07:00
connection.c Drivers: hv: vmbus:Update preferred vmbus protocol version to windows 10. 2015-06-01 06:38:21 +09:00
hv_balloon.c Drivers: hv: balloon: check if ha_region_mutex was acquired in MEM_CANCEL_ONLINE case 2015-06-01 06:38:21 +09:00
hv_fcopy.c Drivers: hv: utils: unify driver registration reporting 2015-05-24 12:17:42 -07:00
hv_kvp.c Drivers: hv: utils: unify driver registration reporting 2015-05-24 12:17:42 -07:00
hv_snapshot.c Drivers: hv: utils: unify driver registration reporting 2015-05-24 12:17:42 -07:00
hv_util.c Drivers: hv: util: On device remove, close the channel after de-initializing the service 2015-03-01 19:31:02 -08:00
hv_utils_transport.c Drivers: hv: util: introduce hv_utils_transport abstraction 2015-05-24 12:17:41 -07:00
hv_utils_transport.h Drivers: hv: util: introduce hv_utils_transport abstraction 2015-05-24 12:17:41 -07:00
hv.c Drivers: hv: vmbus: Teardown clockevent devices on module unload 2015-03-01 19:30:07 -08:00
hyperv_vmbus.h Drivers: hv: vmbus: Implement the protocol for tearing down vmbus state 2015-05-24 12:18:24 -07:00
Kconfig x86: Make Linux guest support optional 2013-03-04 13:14:25 -08:00
Makefile Drivers: hv: util: introduce hv_utils_transport abstraction 2015-05-24 12:17:41 -07:00
ring_buffer.c Drivers: hv: vmbus: Enable interrupt driven flow control 2014-09-23 23:31:22 -07:00
vmbus_drv.c Drivers: hv: vmbus: kill tasklets on module unload 2015-05-24 12:19:00 -07:00