From: Sergey Senozhatsky <senozhatsky@chromium.org>
To: Petr Mladek <pmladek@suse.com>,
John Ogness <john.ogness@linutronix.de>,
Catalin Marinas <catalin.marinas@arm.com>
Cc: Steven Rostedt <rostedt@goodmis.org>,
Andrew Morton <akpm@linux-foundation.org>,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
linux-serial@vger.kernel.org
Subject: [next-20240925] possible circular locking: uart vs kmemleak
Date: Thu, 26 Sep 2024 13:07:15 +0900 [thread overview]
Message-ID: <20240926040715.GC11458@google.com> (raw)
Greetings,
Ran into the following issue today. It's sort of interesting, not sure
what even to do about it. The
uart -> tty -> mm /* kmalloc -> kmemleak */
chain looks problematic, it certainly overlaps with
mm -> printk -> uart /* which can kmalloc and re-enter mm -> kmemleak? */
chain.
[ 40.056844] ======================================================
[ 40.056845] WARNING: possible circular locking dependency detected
[ 40.056847] 6.11.0-next-20240925+ #729 Tainted: G W N
[ 40.056849] ------------------------------------------------------
[ 40.056850] modprobe/431 is trying to acquire lock:
[ 40.056851] ffffffff83cef3e0 (console_owner){-...}-{0:0}, at: console_flush_all+0xd9/0x9d0
[ 40.056859]
[ 40.056859] but task is already holding lock:
[ 40.056859] ffffffff83ed97d8 (kmemleak_lock){-.-.}-{2:2}, at: kmemleak_free+0x2e/0x70
[ 40.056866]
[ 40.056866] which lock already depends on the new lock.
[ 40.056866]
[ 40.056867]
[ 40.056867] the existing dependency chain (in reverse order) is:
[ 40.056868]
[ 40.056868] -> #2 (kmemleak_lock){-.-.}-{2:2}:
[ 40.056872] _raw_spin_lock_irqsave+0x76/0xb0
[ 40.056876] __create_object+0x3a/0x110
[ 40.056878] __kmalloc_noprof+0x1ff/0x390
[ 40.056882] __tty_buffer_request_room+0x18b/0x4e0
[ 40.056887] __tty_insert_flip_string_flags+0x8b/0x3c0
[ 40.056889] uart_insert_char+0x211/0x7f0
[ 40.056893] serial8250_handle_irq+0x34a/0xb10
[ 40.056897] serial8250_default_handle_irq+0xaa/0x170
[ 40.056900] serial8250_interrupt+0xa7/0x130
[ 40.056902] __handle_irq_event_percpu+0x1e1/0x680
[ 40.056904] handle_irq_event+0x87/0x1c0
[ 40.056906] handle_edge_irq+0x201/0x9b0
[ 40.056910] __common_interrupt+0xb4/0x120
[ 40.056914] common_interrupt+0x78/0x90
[ 40.056917] asm_common_interrupt+0x22/0x40
[ 40.056921] default_idle+0xb/0x10
[ 40.056924] default_idle_call+0x6e/0xa0
[ 40.056927] do_idle+0x172/0x3c0
[ 40.056930] cpu_startup_entry+0x45/0x60
[ 40.056932] start_secondary+0x12b/0x130
[ 40.056935] common_startup_64+0x12c/0x137
[ 40.056938]
[ 40.056938] -> #1 (&port_lock_key){-.-.}-{2:2}:
[ 40.056942] _raw_spin_lock_irqsave+0x76/0xb0
[ 40.056945] serial8250_console_write+0xf5/0x1b10
[ 40.056947] console_flush_all+0x4fd/0x9d0
[ 40.056949] console_unlock+0x99/0x230
[ 40.056952] vprintk_emit+0x3b6/0x650
[ 40.056955] _printk+0x59/0x7b
[ 40.056958] register_console+0x7fb/0xb40
[ 40.056960] univ8250_console_init+0x3b/0x6b
[ 40.056965] console_init+0x11a/0x3bb
[ 40.056970] start_kernel+0x22a/0x39b
[ 40.056975] x86_64_start_reservations+0x26/0x2b
[ 40.056979] copy_bootdata+0x0/0xb0
[ 40.056981] common_startup_64+0x12c/0x137
[ 40.056983]
[ 40.056983] -> #0 (console_owner){-...}-{0:0}:
[ 40.056986] __lock_acquire+0x3790/0x7830
[ 40.056992] lock_acquire+0x140/0x3b0
[ 40.056994] console_flush_all+0x482/0x9d0
[ 40.056996] console_unlock+0x99/0x230
[ 40.056999] vprintk_emit+0x3b6/0x650
[ 40.057001] _printk+0x59/0x7b
[ 40.057003] __find_and_remove_object+0x106/0x120
[ 40.057005] kmemleak_free+0x3d/0x70
[ 40.057007] free_large_kmalloc+0x4d/0xb0
[ 40.057009] init_module+0x12/0xffb [zram]
[ 40.057016] do_one_initcall+0x130/0x450
[ 40.057018] do_init_module+0x36a/0x890
[ 40.057021] __se_sys_finit_module+0x513/0x7e0
[ 40.057022] do_syscall_64+0x71/0x110
[ 40.057024] entry_SYSCALL_64_after_hwframe+0x4b/0x53
[ 40.057027]
[ 40.057027] other info that might help us debug this:
[ 40.057027]
[ 40.057028] Chain exists of:
[ 40.057028] console_owner --> &port_lock_key --> kmemleak_lock
[ 40.057028]
[ 40.057032] Possible unsafe locking scenario:
[ 40.057032]
[ 40.057033] CPU0 CPU1
[ 40.057033] ---- ----
[ 40.057034] lock(kmemleak_lock);
[ 40.057035] lock(&port_lock_key);
[ 40.057037] lock(kmemleak_lock);
[ 40.057039] lock(console_owner);
[ 40.057040]
[ 40.057040] *** DEADLOCK ***
[ 40.057040]
[ 40.057041] 3 locks held by modprobe/431:
[ 40.057043] #0: ffffffff83ed97d8 (kmemleak_lock){-.-.}-{2:2}, at: kmemleak_free+0x2e/0x70
[ 40.057048] #1: ffffffff83cef440 (console_lock){+.+.}-{0:0}, at: _printk+0x59/0x7b
[ 40.057053] #2: ffffffff83cef050 (console_srcu){....}-{0:0}, at: console_flush_all+0xd9/0x9d0
[ 40.057057]
[ 40.057057] stack backtrace:
[ 40.057059] CPU: 11 UID: 0 PID: 431 Comm: modprobe Tainted: G W N 6.11.0-next-20240925+ #729
[ 40.057063] Tainted: [W]=WARN, [N]=TEST
[ 40.057065] Call Trace:
[ 40.057066] <TASK>
[ 40.057067] dump_stack_lvl+0xa3/0xeb
[ 40.057071] print_circular_bug+0x136/0x1b0
[ 40.057074] check_noncircular+0x26a/0x370
[ 40.057078] __lock_acquire+0x3790/0x7830
[ 40.057085] lock_acquire+0x140/0x3b0
[ 40.057087] ? console_flush_all+0xd9/0x9d0
[ 40.057090] ? console_flush_all+0xd9/0x9d0
[ 40.057092] console_flush_all+0x482/0x9d0
[ 40.057094] ? console_flush_all+0xd9/0x9d0
[ 40.057096] ? console_flush_all+0xd9/0x9d0
[ 40.057100] console_unlock+0x99/0x230
[ 40.057103] vprintk_emit+0x3b6/0x650
[ 40.057107] _printk+0x59/0x7b
[ 40.057110] __find_and_remove_object+0x106/0x120
[ 40.057113] kmemleak_free+0x3d/0x70
[ 40.057115] free_large_kmalloc+0x4d/0xb0
[ 40.057118] init_module+0x12/0xffb [zram]
[ 40.057125] do_one_initcall+0x130/0x450
[ 40.057127] ? __cfi_init_module+0x5/0x5 [zram]
[ 40.057133] ? stack_depot_save_flags+0x25/0x700
[ 40.057136] ? stack_trace_save+0xb3/0x150
[ 40.057140] ? kasan_save_track+0x3c/0x60
[ 40.057143] ? kasan_save_track+0x2b/0x60
[ 40.057145] ? __kasan_kmalloc+0x6e/0x80
[ 40.057147] ? do_init_module+0x16e/0x890
[ 40.057149] ? __se_sys_finit_module+0x513/0x7e0
[ 40.057151] ? do_syscall_64+0x71/0x110
[ 40.057156] ? entry_SYSCALL_64_after_hwframe+0x4b/0x53
[ 40.057160] ? stack_depot_save_flags+0x25/0x700
[ 40.057162] ? stack_trace_save+0xb3/0x150
[ 40.057165] ? __create_object+0x62/0x110
[ 40.057168] ? do_raw_spin_unlock+0x5a/0x950
[ 40.057170] ? __create_object+0x62/0x110
[ 40.057173] ? _raw_spin_unlock_irqrestore+0x31/0x40
[ 40.057176] ? __create_object+0x62/0x110
[ 40.057179] ? kasan_unpoison+0x49/0x70
[ 40.057182] ? __asan_register_globals+0x54/0x70
[ 40.057184] do_init_module+0x36a/0x890
[ 40.057189] __se_sys_finit_module+0x513/0x7e0
[ 40.057195] do_syscall_64+0x71/0x110
[ 40.057197] entry_SYSCALL_64_after_hwframe+0x4b/0x53
next reply other threads:[~2024-09-26 4:07 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-09-26 4:07 Sergey Senozhatsky [this message]
2024-09-26 13:32 ` [next-20240925] possible circular locking: uart vs kmemleak Petr Mladek
2024-09-26 14:41 ` Sergey Senozhatsky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240926040715.GC11458@google.com \
--to=senozhatsky@chromium.org \
--cc=akpm@linux-foundation.org \
--cc=catalin.marinas@arm.com \
--cc=john.ogness@linutronix.de \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-serial@vger.kernel.org \
--cc=pmladek@suse.com \
--cc=rostedt@goodmis.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.