Re: 2.6.17-rc5-mm3
From: Arjan van de Ven
Date: Mon Jun 05 2006 - 17:02:44 EST
On Mon, 2006-06-05 at 16:44 -0400, Dave Jones wrote:
> On Mon, Jun 05, 2006 at 04:09:47PM -0400, Dave Jones wrote:
>
> > > Try reverting debug-shared-irqs.patch, or disable the sound driver?
> > Will turn off the sound driver, and see what happens.
>
> Win! It now boots. I blew it up really easy with a socket-fuzzer though.
> (http://people.redhat.com/davej/sfuzz.c)
>
> [ 874.865028] ======================================
> [ 874.943738] [ BUG: bad unlock ordering detected! ]
> [ 875.002919] --------------------------------------
> [ 875.062134] sfuzz/23915 is trying to release lock (&sctp_port_alloc_lock) at:
> [ 875.149619] [<d128ed4e>] sctp_get_port_local+0xd0/0x285 [sctp]
> [ 875.222636] but the next lock to release is:
> [ 875.276019] (&sctp_port_hashtable[i].lock){-...}, at: [<d128ed0e>] sctp_get_port_local+0x90/0x285 [sctp]
> [ 875.393031]
this is "interesting" code to follow but it looks like a honest case of
deliberate out of order unlock
Signed-off-by: Arjan van de Ven <arjan@xxxxxxxxxxxxxxx>
---
net/sctp/socket.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: linux-2.6.17-rc5-mm3/net/sctp/socket.c
===================================================================
--- linux-2.6.17-rc5-mm3.orig/net/sctp/socket.c
+++ linux-2.6.17-rc5-mm3/net/sctp/socket.c
@@ -4597,7 +4597,7 @@ static long sctp_get_port_local(struct s
sctp_spin_unlock(&head->lock);
} while (--remaining > 0);
sctp_port_rover = rover;
- sctp_spin_unlock(&sctp_port_alloc_lock);
+ spin_unlock_non_nested(&sctp_port_alloc_lock);
/* Exhausted local port range during search? */
ret = 1;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/