Re: lockdep warning: console vs. mem hotplug
From: Sergey Senozhatsky
Date: Mon Jul 24 2017 - 09:32:20 EST
Hello,

On (07/24/17 14:46), Sebastian Ott wrote:
> [ 347.644660] ======================================================
> [ 347.644660] WARNING: possible circular locking dependency detected
> [ 347.644661] 4.13.0-rc2 #146 Not tainted
> [ 347.644661] ------------------------------------------------------
> [ 347.644662] sh/770 is trying to acquire lock:
> [ 347.644662] (&console_sch_key){-.-...}, at: [<0000000000763d80>] raw3215_write+0x58/0x208
> [ 347.644665] but task is already holding lock:
> [ 347.644665] (&(&zone->lock)->rlock){-.-...}, at: [<00000000002b693e>] __offline_isolated_pages+0x316/0x388
> [ 347.644668] which lock already depends on the new lock.
> [ 347.644669] the existing dependency chain (in reverse order) is:
> [ 347.644670] -> #4 (&(&zone->lock)->rlock){-.-...}:
> [ 347.644672] validate_chain.isra.10+0xb56/0xd88
> [ 347.644673] __lock_acquire+0x62c/0x850
> [ 347.644673] lock_acquire+0x254/0x2b8
> [ 347.644674] _raw_spin_lock_irqsave+0x70/0xb8
> [ 347.644674] get_page_from_freelist+0x446/0xf30
> [ 347.644675] __alloc_pages_nodemask+0x200/0x1568
> [ 347.644675] allocate_slab+0xf0/0x658
> [ 347.644676] new_slab+0x94/0xa8
> [ 347.644677] ___slab_alloc.constprop.23+0x55e/0x580
> [ 347.644677] __slab_alloc.isra.17.constprop.22+0x74/0xa8
> [ 347.644678] kmem_cache_alloc+0x13c/0x4b0
> [ 347.644678] __debug_object_init+0x5c/0x468
> [ 347.644679] hrtimer_init+0x42/0x1d8
> [ 347.644679] init_dl_task_timer+0x3a/0x58
> [ 347.644680] __sched_fork.isra.2+0x82/0xd8
> [ 347.644680] init_idle+0x7a/0x278
> [ 347.644681] fork_idle+0xa4/0xb8
> [ 347.644681] idle_threads_init+0x6a/0xd0
> [ 347.644682] smp_init+0x34/0x110
> [ 347.644682] kernel_init_freeable+0x166/0x2d8
> [ 347.644683] kernel_init+0x2a/0x148
> [ 347.644683] kernel_thread_starter+0x6/0xc
> [ 347.644684] kernel_thread_starter+0x0/0xc
>
> [ 347.644684] -> #3 (&rq->lock){-.-.-.}:
> [ 347.644686] validate_chain.isra.10+0xb56/0xd88
> [ 347.644687] __lock_acquire+0x62c/0x850
> [ 347.644687] lock_acquire+0x254/0x2b8
> [ 347.644688] _raw_spin_lock+0x60/0xa0
> [ 347.644688] task_fork_fair+0x6a/0x160
> [ 347.644689] sched_fork+0x13e/0x2a0
> [ 347.644689] copy_process+0x676/0x1ec0
> [ 347.644690] _do_fork+0xc2/0x6d0
> [ 347.644690] kernel_thread+0x4e/0x60
> [ 347.644691] rest_init+0x48/0x290
> [ 347.644691] start_kernel+0x470/0x480
> [ 347.644692] _stext+0x20/0x80

ok... this part is not exactly clear to me, but we've got

    rq->lock -> &(&zone->lock)->rlock

dependency.

> [ 347.644693] -> #2 (&p->pi_lock){-.-.-.}:
> [ 347.644695] validate_chain.isra.10+0xb56/0xd88
> [ 347.644695] __lock_acquire+0x62c/0x850
> [ 347.644696] lock_acquire+0x254/0x2b8
> [ 347.644696] _raw_spin_lock_irqsave+0x70/0xb8
> [ 347.644697] try_to_wake_up+0x4a/0x600
> [ 347.644697] autoremove_wake_function+0x2e/0x88
> [ 347.644698] __wake_up_common+0x76/0xc0
> [ 347.644698] __wake_up+0x54/0x68
> [ 347.644699] ccw_device_verify_done+0xae/0x268
> [ 347.644700] ccw_request_handler+0x422/0x560
> [ 347.644700] do_cio_interrupt+0x224/0x2a0
> [ 347.644701] __handle_irq_event_percpu+0x1a6/0x440
> [ 347.644701] handle_irq_event_percpu+0x38/0x88
> [ 347.644702] handle_percpu_irq+0x84/0xb0
> [ 347.644702] generic_handle_irq+0x42/0x60
> [ 347.644703] do_IRQ+0x86/0xc8
> [ 347.644703] io_int_handler+0x104/0x2d4
> [ 347.644704] enabled_wait+0x72/0x140
> [ 347.644704] enabled_wait+0x5a/0x140
> [ 347.644705] arch_cpu_idle+0x32/0x50
> [ 347.644706] default_idle_call+0x52/0x68
> [ 347.644706] do_idle+0x118/0x170
> [ 347.644707] cpu_startup_entry+0x3e/0x48
> [ 347.644707] smp_start_secondary+0x112/0x120
> [ 347.644708] restart_int_handler+0x62/0x78
> [ 347.644708] (null)
>
> [ 347.644709] -> #1 (&priv->wait_q){-.....}:
> [ 347.644711] validate_chain.isra.10+0xb56/0xd88
> [ 347.644711] __lock_acquire+0x62c/0x850
> [ 347.644712] lock_acquire+0x254/0x2b8
> [ 347.644712] _raw_spin_lock_irqsave+0x70/0xb8
> [ 347.644713] __wake_up+0x3a/0x68
> [ 347.644713] ccw_device_recog_done+0x28e/0x2c8
> [ 347.644714] snsid_callback+0x324/0x390
> [ 347.644714] ccw_request_handler+0x480/0x560
> [ 347.644715] do_cio_interrupt+0x224/0x2a0
> [ 347.644715] __handle_irq_event_percpu+0x1a6/0x440
> [ 347.644715] handle_irq_event_percpu+0x38/0x88
> [ 347.644716] handle_percpu_irq+0x84/0xb0
> [ 347.644716] generic_handle_irq+0x42/0x60
> [ 347.644717] do_IRQ+0x86/0xc8
> [ 347.644717] io_int_handler+0x104/0x2d4
> [ 347.644718] _raw_spin_unlock_irq+0x4e/0x78
> [ 347.644718] _raw_spin_unlock_irq+0x4a/0x78
> [ 347.644719] ccw_device_enable_console+0xa0/0x188
> [ 347.644719] con3215_init+0x116/0x1b8
> [ 347.644720] console_init+0x40/0x60
> [ 347.644720] start_kernel+0x34c/0x480
> [ 347.644720] _stext+0x20/0x80

so do_IRQ()->do_cio_interrupt() does several things

 1) it takes sch->lock // also known as "console_sch_key"
 2) calls sch->driver->irq(sch) under sch->lock
 3) which invokes __wake_up()
  3.1) which locks ->wait_q
  3.2) which locks ->pi_lock

so we've got

    console_sch_key -> priv->wait_q
    console_sch_key -> rq->pi_lock
    console_sch_key -> rq->lock
    console_sch_key -> .... other scheduler/timekeeping/etc. locks

> [ 347.644721] -> #0 (&console_sch_key){-.-...}:
> [ 347.644723] check_prev_add+0x160/0x6e8
> [ 347.644723] validate_chain.isra.10+0xb56/0xd88
> [ 347.644723] __lock_acquire+0x62c/0x850
> [ 347.644724] lock_acquire+0x254/0x2b8
> [ 347.644724] _raw_spin_lock_irqsave+0x70/0xb8
> [ 347.644725] raw3215_write+0x58/0x208
> [ 347.644725] con3215_write+0x8e/0xf8
> [ 347.644725] console_unlock+0x4d8/0x6a8
> [ 347.644726] vprintk_emit+0x308/0x378
> [ 347.644726] vprintk_default+0x44/0x58
> [ 347.644727] printk+0x4e/0x60
> [ 347.644727] __offline_isolated_pages+0x16a/0x388
> [ 347.644728] offline_isolated_pages_cb+0x2e/0x40
> [ 347.644728] walk_system_ram_range+0x92/0xf0
> [ 347.644729] __offline_pages.constprop.6+0x6d2/0x910
> [ 347.644729] memory_subsys_offline+0x6c/0xa0
> [ 347.644730] device_offline+0x84/0xe0
> [ 347.644730] store_mem_state+0xfe/0x120
> [ 347.644731] kernfs_fop_write+0x132/0x208
> [ 347.644731] __vfs_write+0x36/0x158
> [ 347.644731] vfs_write+0xb8/0x1a0
> [ 347.644732] SyS_write+0x66/0xc0
> [ 347.644732] system_call+0xc4/0x298

here we've got

    (&zone->lock)->rlock -> console_sch_key

due to pr_info("remove from free list %lx %d %lx\n",...) under
spin_lock_irqsave(&zone->lock, flags).

so it's

          from #4                 from #0            from #1
    rq->lock -> (&zone->lock)->rlock -> console_sch_key -> rq->lock

need to think what the fix can be...
if anyone has any thoughts I'd be glad to hear.

> [ 347.644733] other info that might help us debug this:
> [ 347.644734] Chain exists of:
> [ 347.644734] &console_sch_key --> &rq->lock --> &(&zone->lock)->rlock
> [ 347.644736] Possible unsafe locking scenario:
> [ 347.644737] CPU0 CPU1
> [ 347.644738] ---- ----
> [ 347.644738] lock(&(&zone->lock)->rlock);
> [ 347.644739] lock(&rq->lock);
> [ 347.644740] lock(&(&zone->lock)->rlock);
> [ 347.644741] lock(&console_sch_key);
> [ 347.644742] *** DEADLOCK ***
> [ 347.644743] 9 locks held by sh/770:
> [ 347.644743] #0: (sb_writers#5){.+.+.+}, at: [<000000000035c64a>] vfs_write+0xa2/0x1a0
> [ 347.644745] #1: (&of->mutex){+.+.+.}, at: [<000000000040065a>] kernfs_fop_write+0x1b2/0x208
> [ 347.644747] #2: (s_active#46){.+.+.+}, at: [<0000000000400666>] kernfs_fop_write+0x1be/0x208
> [ 347.644749] #3: (device_hotplug_lock){+.+...}, at: [<00000000006b9d18>] lock_device_hotplug_sysfs+0x30/0x70
> [ 347.644750] #4: (cpu_hotplug_lock.rw_sem){++++++}, at: [<000000000033596a>] mem_hotplug_begin+0x2a/0x40
> [ 347.644752] #5: (mem_hotplug_lock.rw_sem){++++.+}, at: [<00000000001a5c78>] percpu_down_write+0x38/0x110
> [ 347.644754] #6: (&dev->mutex){......}, at: [<00000000006bb5ac>] device_offline+0x5c/0xe0
> [ 347.644756] #7: (&(&zone->lock)->rlock){-.-...}, at: [<00000000002b693e>] __offline_isolated_pages+0x316/0x388
> [ 347.644758] #8: (console_lock){+.+...}, at: [<00000000001c2a3c>] vprintk_emit+0x2fc/0x378
> [ 347.644760] stack backtrace:
> [ 347.644760] CPU: 2 PID: 770 Comm: sh Not tainted 4.13.0-rc2 #146
> [ 347.644761] Hardware name: IBM 2827 H66 706 (z/VM 6.3.0)
> [ 347.644761] Call Trace:
> [ 347.644761] ([<0000000000113a1a>] show_stack+0x8a/0xe0)
> [ 347.644762] [<00000000008fe4a6>] dump_stack+0x96/0xd8
> [ 347.644762] [<00000000001a95c4>] print_circular_bug+0x314/0x340
> [ 347.644763] [<00000000001aa548>] check_prev_add+0x160/0x6e8
> [ 347.644763] [<00000000001ab626>] validate_chain.isra.10+0xb56/0xd88
> [ 347.644764] [<00000000001ad024>] __lock_acquire+0x62c/0x850
> [ 347.644764] [<00000000001adbec>] lock_acquire+0x254/0x2b8
> [ 347.644765] [<000000000091e4a8>] _raw_spin_lock_irqsave+0x70/0xb8
> [ 347.644766] [<0000000000763d80>] raw3215_write+0x58/0x208
> [ 347.644766] [<000000000076416e>] con3215_write+0x8e/0xf8
> [ 347.644766] [<00000000001c2570>] console_unlock+0x4d8/0x6a8
> [ 347.644767] [<00000000001c2a48>] vprintk_emit+0x308/0x378
> [ 347.644767] [<00000000001c2c94>] vprintk_default+0x44/0x58
> [ 347.644768] [<00000000001c3c0e>] printk+0x4e/0x60
> [ 347.644768] [<00000000002b6792>] __offline_isolated_pages+0x16a/0x388
> [ 347.644769] [<0000000000335516>] offline_isolated_pages_cb+0x2e/0x40
> [ 347.644769] [<000000000014b092>] walk_system_ram_range+0x92/0xf0
> [ 347.644770] [<0000000000913cfa>] __offline_pages.constprop.6+0x6d2/0x910
> [ 347.644770] [<00000000006d8cf4>] memory_subsys_offline+0x6c/0xa0
> [ 347.644771] [<00000000006bb5d4>] device_offline+0x84/0xe0
> [ 347.644771] [<00000000006d93de>] store_mem_state+0xfe/0x120
> [ 347.644772] [<00000000004005da>] kernfs_fop_write+0x132/0x208
> [ 347.644773] [<000000000035b236>] __vfs_write+0x36/0x158
> [ 347.644773] [<000000000035c660>] vfs_write+0xb8/0x1a0
> [ 347.644774] [<000000000035dd96>] SyS_write+0x66/0xc0
> [ 347.644774] [<000000000091f59c>] system_call+0xc4/0x298
> [ 347.644774] INFO: lockdep is turned off.
-ss
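
The cycle worked out in the message above, replayed through a minimal lock-order graph check. This is an added example, not part of the original message and not lockdep's implementation; the enum names, add_dependency() and replay_report() are hypothetical, and the intermediate edges wait_q -> pi_lock -> rq->lock are read off entries #2 and #3 of the quoted report.

```c
#include <stdio.h>
/* Lock classes named in the quoted report (hypothetical enum, for illustration). */
enum { CONSOLE_SCH_KEY, WAIT_Q, PI_LOCK, RQ_LOCK, ZONE_LOCK, NLOCKS };
static const char *lock_name[NLOCKS] =
	{ "console_sch_key", "priv->wait_q", "p->pi_lock", "rq->lock", "zone->lock" };
static int dep[NLOCKS][NLOCKS]; /* dep[a][b]: b was acquired while a was held (a -> b) */

/* DFS for a path from -> ... -> to; fills path[] and returns its length, 0 if none. */
static int find_path(int from, int to, int *seen, int *path, int depth)
{
	int len = 0;
	path[depth] = from;
	if (from == to)
		return depth + 1;
	seen[from] = 1;
	for (int next = 0; next < NLOCKS && !len; next++)
		if (dep[from][next] && !seen[next])
			len = find_path(next, to, seen, path, depth + 1);
	return len;
}

/* Record "next taken while held is held": adds the edge and returns 0 if safe, else returns
 * the length of the existing next -> ... -> held path the edge would close into a cycle. */
int add_dependency(int held, int next, int *path)
{
	int seen[NLOCKS] = {0};
	int len = find_path(next, held, seen, path, 0);
	if (!len)
		dep[held][next] = 1;
	return len;
}

/* Replays the report's chain, oldest dependency first (edges as read from the report). */
int replay_report(int *path)
{
	add_dependency(CONSOLE_SCH_KEY, WAIT_Q, path); /* #1: __wake_up() under sch->lock */
	add_dependency(WAIT_Q, PI_LOCK, path);         /* #2: try_to_wake_up() */
	add_dependency(PI_LOCK, RQ_LOCK, path);        /* #3: task_fork_fair() */
	add_dependency(RQ_LOCK, ZONE_LOCK, path);      /* #4: page allocation */
	return add_dependency(ZONE_LOCK, CONSOLE_SCH_KEY, path); /* #0: printk() under zone->lock */
}

int main(void)
{
	int path[NLOCKS], len = replay_report(path);
	for (int i = 0; i < len; i++)
		printf("%s -> ", lock_name[path[i]]);
	return puts(len ? lock_name[path[0]] : "no cycle") == EOF;
}
```

The first four edges are accepted; only the last one, the console write under zone->lock, is rejected, and the returned path is the chain that makes it circular.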