From: Steven Rostedt <rostedt@goodmis.org>
To: Yu Kuai <yukuai1@huaweicloud.com>
Cc: Edward Adam Davis <eadavis@qq.com>,
syzbot+ed812ed461471ab17a0c@syzkaller.appspotmail.com,
akpm@linux-foundation.org, axboe@kernel.dk, dvyukov@google.com,
linux-block@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-trace-kernel@vger.kernel.org, mhiramat@kernel.org,
pengfei.xu@intel.com, syzkaller-bugs@googlegroups.com,
"yukuai (C)" <yukuai3@huawei.com>
Subject: Re: [PATCH next] trace/blktrace: fix task hung in blk_trace_ioctl
Date: Sat, 2 Dec 2023 17:07:43 -0500 [thread overview]
Message-ID: <20231202170743.7557e7b5@rorschach.local.home> (raw)
In-Reply-To: <5116cbb4-2c85-2459-5499-56c95bb42d16@huaweicloud.com>
On Sat, 2 Dec 2023 17:19:25 +0800
Yu Kuai <yukuai1@huaweicloud.com> wrote:
> Hi,
>
> 在 2023/12/02 17:01, Edward Adam Davis 写道:
> > The reproducer involves running test programs on multiple processors separately,
> > in order to enter blkdev_ioctl() and ultimately reach blk_trace_ioctl() through
> > two different paths, triggering an AA deadlock.
> >
> > CPU0 CPU1
> > --- ---
> > mutex_lock(&q->debugfs_mutex) mutex_lock(&q->debugfs_mutex)
> > mutex_lock(&q->debugfs_mutex) mutex_lock(&q->debugfs_mutex)
> >
> >
> > The first path:
> > blkdev_ioctl()->
> > blk_trace_ioctl()->
> > mutex_lock(&q->debugfs_mutex)
> >
> > The second path:
> > blkdev_ioctl()->
> > blkdev_common_ioctl()->
> > blk_trace_ioctl()->
> > mutex_lock(&q->debugfs_mutex)
> I still don't understand how this AA deadlock is triggered, does the
> 'debugfs_mutex' already held before calling blk_trace_ioctl()?
Right, I don't see where the mutex is taken twice. You don't need two
paths for an AA lock, you only need one.
>
> >
> > The solution I have proposed is to exit blk_trace_ioctl() to avoid AA locks if
> > a task has already obtained debugfs_mutex.
> >
> > Fixes: 0d345996e4cb ("x86/kernel: increase kcov coverage under arch/x86/kernel folder")
How does it fix the above? I don't see how the above is even related to this.
-- Steve
> > Reported-and-tested-by: syzbot+ed812ed461471ab17a0c@syzkaller.appspotmail.com
> > Signed-off-by: Edward Adam Davis <eadavis@qq.com>
> > ---
> > kernel/trace/blktrace.c | 3 ++-
> > 1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/kernel/trace/blktrace.c b/kernel/trace/blktrace.c
next prev parent reply other threads:[~2023-12-02 22:07 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-30 21:17 [syzbot] [block?] [trace?] INFO: task hung in blk_trace_ioctl (4) syzbot
2023-12-01 8:29 ` Pengfei Xu
2023-12-02 9:01 ` [PATCH next] trace/blktrace: fix task hung in blk_trace_ioctl Edward Adam Davis
2023-12-02 9:19 ` Yu Kuai
2023-12-02 22:07 ` Steven Rostedt [this message]
2023-12-03 11:45 ` Pengfei Xu
2024-10-11 19:20 ` [syzbot] [block?] [trace?] INFO: task hung in blk_trace_ioctl (4) Jens Axboe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231202170743.7557e7b5@rorschach.local.home \
--to=rostedt@goodmis.org \
--cc=akpm@linux-foundation.org \
--cc=axboe@kernel.dk \
--cc=dvyukov@google.com \
--cc=eadavis@qq.com \
--cc=linux-block@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-trace-kernel@vger.kernel.org \
--cc=mhiramat@kernel.org \
--cc=pengfei.xu@intel.com \
--cc=syzbot+ed812ed461471ab17a0c@syzkaller.appspotmail.com \
--cc=syzkaller-bugs@googlegroups.com \
--cc=yukuai1@huaweicloud.com \
--cc=yukuai3@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).