Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp665619iob; Fri, 13 May 2022 09:46:46 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyjHBNaHVTVwBX7sAtpzvsE1eoXrSArbTzTybF8uaFIK3TkxBUvmra58kyikGyj+NJw4g9h X-Received: by 2002:a05:600c:4fd4:b0:394:8e96:6d3b with SMTP id o20-20020a05600c4fd400b003948e966d3bmr5402288wmq.180.1652460405805; Fri, 13 May 2022 09:46:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1652460405; cv=none; d=google.com; s=arc-20160816; b=fNTf1Zsmxx/bQBZ6AsHpnELNHQ5shykNznWGEW5lw+mVpWq/hOJB+wOBbUGbxQdx2v VBsxmurrtcNUcUwh+rmrf7KIfhlBGbD42u0ZfiB3pYeJ+dEnjb/8exnqRnTeM/Wf7YBM Xu2KPHyWgJDQJYRcCbGSSf3AZvJ6pEAYfg5leOnKSMzMVjM5lIpyUDsTvTSGwbLD4Mgq CSS2vN+emQp1gPLLQvMQq49gHm9ItTDldwBBpDg0S+s0T4h9snrmxUMfNfJIKzFzhzyR E1+n29EFZCO9jnBhBTQWst7rgq2p8FK39x7TqDL4G9hR6eXNbRJSN67mO6c5dnnl2RwH /Jaw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=FuS/ZgfSwC6kSt4qIvn3GFGZYvOzE0L2SWUhv9P3AZU=; b=u21jl/1O69NvXHtAQkw5t8QDtrDHIxIeq0T9GHbe3un1QcopkVjJKwbg4rMZnXTpgC baV/xhL7AW/AheHaiBlsBREh6GL7YneAT8i/MI4N7jmq7UdQSTaFXG4QNQWfW1TBr2RS H82tGHAyGI7NbLpfE8vjbFBaYLjF9MvPzJZM5/lR6fpD+78kynEvGtePyxCm3BvhJe4s zIQvaOC4VPYVSRT1oClyp1CrvAVW/4rawmzIhyW1NnwnKtBlFwAQJL5M84HL2znD4rr9 E9KUCQRALDQp15gaj7l2YlRRORY9YFZy249hYxapgj/sxoxTytSW7HHuRtbxtT0WSbVP KK8w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=M6M2RBJZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id h124-20020a1c2182000000b00393e844be0esi5324293wmh.36.2022.05.13.09.46.17; Fri, 13 May 2022 09:46:45 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=M6M2RBJZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1348357AbiELOO3 (ORCPT + 99 others); Thu, 12 May 2022 10:14:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39576 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237439AbiELOO1 (ORCPT ); Thu, 12 May 2022 10:14:27 -0400 Received: from mail-pl1-x62a.google.com (mail-pl1-x62a.google.com [IPv6:2607:f8b0:4864:20::62a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EE09024EA02 for ; Thu, 12 May 2022 07:14:25 -0700 (PDT) Received: by mail-pl1-x62a.google.com with SMTP id d22so4981927plr.9 for ; Thu, 12 May 2022 07:14:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=FuS/ZgfSwC6kSt4qIvn3GFGZYvOzE0L2SWUhv9P3AZU=; b=M6M2RBJZBMGhUpzDnpJTlBCP/1NlQvrn3MAPUOVbiVmQVneFnd/IdoEzdV/Ts0RSxj /sMNT61JH0UKaA+qe6ctPJ4SYeNyiaohtE0dGIfHbZ9Cg5ca2eqNUmbZz7HXQ+yOYXac s3svq/Bs1P5B72M2f+ereQ2ezZKD/GmQtJCF5om56RdwpuDLSnPKo0YAQjctT2jvY3hu 6/1kyIzYSjUwU4AIX/to3PUXR7y2dyZxl9aSXjevImr/TLxfywO4feB34OtacCtXi4BG 3Tdimw90q5VqakA8Qk6STfelnaPYaADMlbY01UPuNf+ctPNFMAyviYjtp/cqIpQLwVN/ uW7A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=FuS/ZgfSwC6kSt4qIvn3GFGZYvOzE0L2SWUhv9P3AZU=; b=HbeKIaME1w59P2vPKN4JJgtkJL1s2jTJ+ttHiLlyWKvpykgrH6Mkk5BH2u+B5Aop0o pH/3Zqe88pE/YHngYMniEpH/bOq978s2r+Ha+PbMxnwkMot70MoPxwVrLigP3Go8Qkke oCH6xBcDYLqBBMEreujoXKQu3pVFhwnC4tEY5Iy4z+vV780fz7Nfwam7x2a94j+3lqVQ nGxlXsX+ZcS1y/AWE5TKLyQfaKSjw0lW9dJOBGzCjGd/0MAjJKQAGi47ttWZUQeUoY25 hrdl9hDChLAxkCzHrHfooCvOwgHbOYVlRWEO6SV6ZUj4krdeADMn3pzQ6/yUmSIBNEp2 UcCQ== X-Gm-Message-State: AOAM532LHKG731P+yZGgS7ITai4Zee8ceWqCpPp/n2mhckDXPIKG9q7L bU2fLCLVThL6T6Dh+5UCf/Lq5w== X-Received: by 2002:a17:902:e149:b0:15e:bafb:8760 with SMTP id d9-20020a170902e14900b0015ebafb8760mr30657461pla.155.1652364865185; Thu, 12 May 2022 07:14:25 -0700 (PDT) Received: from google.com (157.214.185.35.bc.googleusercontent.com. [35.185.214.157]) by smtp.gmail.com with ESMTPSA id b9-20020a170902a9c900b0015f186be48asm3980280plr.36.2022.05.12.07.14.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 May 2022 07:14:24 -0700 (PDT) Date: Thu, 12 May 2022 14:14:20 +0000 From: Sean Christopherson To: Thomas Gleixner Cc: Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , linux-kernel@vger.kernel.org, "Guilherme G . Piccoli" , Vitaly Kuznetsov , Paolo Bonzini Subject: Re: [PATCH 1/2] x86/crash: Disable virt in core NMI crash handler to avoid double list_add Message-ID: References: <20220511234332.3654455-1-seanjc@google.com> <20220511234332.3654455-2-seanjc@google.com> <87wnervxb7.ffs@tglx> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87wnervxb7.ffs@tglx> X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, May 12, 2022, Thomas Gleixner wrote: > Sean, > > On Wed, May 11 2022 at 23:43, Sean Christopherson wrote: > > @@ -840,6 +858,20 @@ void nmi_shootdown_cpus(nmi_shootdown_cb callback) > > unsigned long msecs; > > local_irq_disable(); > > > > + /* > > + * Invoking multiple callbacks is not currently supported, registering > > + * the NMI handler twice will cause a list_add() double add BUG(). > > + * The exception is the "nop" handler in the emergency reboot path, > > + * which can run after e.g. kdump's shootdown. Do nothing if the crash > > + * handler has already run, i.e. has already prepared other CPUs, the > > + * reboot path doesn't have any work of its to do, it just needs to > > + * ensure all CPUs have prepared for reboot. > > This is confusing at best. The double list add is just one part of the > problem, which would be trivial enough to fix. > > The real point is that after the first shoot down all other CPUs are > stuck in crash_nmi_callback() and won't respond to the second NMI. Well that's embarrasingly obvious in hindsight. > > So trying to run this twice is completely pointless and guaranteed to > run into the timeout. > > > + */ > > + if (shootdown_callback) { > > + WARN_ON_ONCE(callback != nmi_shootdown_nop); > > + return; > > Instead of playing games with the callback pointer, I prefer to make > this all explicit. Delta patch below. Much better. If you're planning on doing fixup, can you also include a comment tweak about why the callback is left set? If not, I'll do it in v2. A bit overkill, but it's another thing that for me was obvious only once I realized "why". Thanks! diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 4e3a839ae146..808d3e75fb2d 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -896,7 +896,11 @@ void nmi_shootdown_cpus(nmi_shootdown_cb callback) msecs--; } - /* Leave the nmi callback set */ + /* + * Leave the nmi callback set, shootdown is a one-time thing. Clearing + * the callback could result in a NULL pointer dereference if a CPU + * (finally) responds after the timeout expires. + */ } static inline void nmi_shootdown_cpus_on_restart(void)