From: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
To: Vivek Goyal <vgoyal@redhat.com>
Cc: Miles Lane <miles.lane@gmail.com>, Eric Paris <eparis@redhat.com>,
Lai Jiangshan <laijs@cn.fujitsu.com>, Ingo Molnar <mingo@elte.hu>,
Peter Zijlstra <peterz@infradead.org>,
LKML <linux-kernel@vger.kernel.org>,
nauman@google.com, eric.dumazet@gmail.com,
netdev@vger.kernel.org, Jens Axboe <jens.axboe@oracle.com>,
Gui Jianfeng <guijianfeng@cn.fujitsu.com>,
Li Zefan <lizf@cn.fujitsu.com>
Subject: Re: [PATCH] RCU: don't turn off lockdep when find suspicious rcu_dereference_check() usage
Date: Thu, 22 Apr 2010 09:01:44 -0700 [thread overview]
Message-ID: <20100422160144.GC2524@linux.vnet.ibm.com> (raw)
In-Reply-To: <20100422145640.GB3228@redhat.com>
On Thu, Apr 22, 2010 at 10:56:40AM -0400, Vivek Goyal wrote:
> On Wed, Apr 21, 2010 at 02:35:43PM -0700, Paul E. McKenney wrote:
>
> [..]
> > > [ 3.116754] [ INFO: suspicious rcu_dereference_check() usage. ]
> > > [ 3.116754] ---------------------------------------------------
> > > [ 3.116754] kernel/cgroup.c:4432 invoked rcu_dereference_check()
> > > without protection!
> > > [ 3.116754]
> > > [ 3.116754] other info that might help us debug this:
> > > [ 3.116754]
> > > [ 3.116754]
> > > [ 3.116754] rcu_scheduler_active = 1, debug_locks = 1
> > > [ 3.116754] 2 locks held by async/1/666:
> > > [ 3.116754] #0: (&shost->scan_mutex){+.+.+.}, at:
> > > [<ffffffff812df0a0>] __scsi_add_device+0x83/0xe4
> > > [ 3.116754] #1: (&(&blkcg->lock)->rlock){......}, at:
> > > [<ffffffff811f2e8d>] blkiocg_add_blkio_group+0x29/0x7f
> > > [ 3.116754]
> > > [ 3.116754] stack backtrace:
> > > [ 3.116754] Pid: 666, comm: async/1 Not tainted 2.6.34-rc5 #18
> > > [ 3.116754] Call Trace:
> > > [ 3.116754] [<ffffffff81067fc2>] lockdep_rcu_dereference+0x9d/0xa5
> > > [ 3.116754] [<ffffffff8107f9b1>] css_id+0x3f/0x51
> > > [ 3.116754] [<ffffffff811f2e9c>] blkiocg_add_blkio_group+0x38/0x7f
> > > [ 3.116754] [<ffffffff811f4e64>] cfq_init_queue+0xdf/0x2dc
> > > [ 3.116754] [<ffffffff811e3445>] elevator_init+0xba/0xf5
> > > [ 3.116754] [<ffffffff812dc02a>] ? scsi_request_fn+0x0/0x451
> > > [ 3.116754] [<ffffffff811e696b>] blk_init_queue_node+0x12f/0x135
> > > [ 3.116754] [<ffffffff811e697d>] blk_init_queue+0xc/0xe
> > > [ 3.116754] [<ffffffff812dc49c>] __scsi_alloc_queue+0x21/0x111
> > > [ 3.116754] [<ffffffff812dc5a4>] scsi_alloc_queue+0x18/0x64
> > > [ 3.116754] [<ffffffff812de5a0>] scsi_alloc_sdev+0x19e/0x256
> > > [ 3.116754] [<ffffffff812de73e>] scsi_probe_and_add_lun+0xe6/0x9c5
> > > [ 3.116754] [<ffffffff81068922>] ? trace_hardirqs_on_caller+0x114/0x13f
> > > [ 3.116754] [<ffffffff813ce0d6>] ? __mutex_lock_common+0x3e4/0x43a
> > > [ 3.116754] [<ffffffff812df0a0>] ? __scsi_add_device+0x83/0xe4
> > > [ 3.116754] [<ffffffff812d0a5c>] ? transport_setup_classdev+0x0/0x17
> > > [ 3.116754] [<ffffffff812df0a0>] ? __scsi_add_device+0x83/0xe4
> > > [ 3.116754] [<ffffffff812df0d5>] __scsi_add_device+0xb8/0xe4
> > > [ 3.116754] [<ffffffff812ea9c5>] ata_scsi_scan_host+0x74/0x16e
> > > [ 3.116754] [<ffffffff81057685>] ? autoremove_wake_function+0x0/0x34
> > > [ 3.116754] [<ffffffff812e8e64>] async_port_probe+0xab/0xb7
> > > [ 3.116754] [<ffffffff8105e1b5>] ? async_thread+0x0/0x1f4
> > > [ 3.116754] [<ffffffff8105e2ba>] async_thread+0x105/0x1f4
> > > [ 3.116754] [<ffffffff81033d79>] ? default_wake_function+0x0/0xf
> > > [ 3.116754] [<ffffffff8105e1b5>] ? async_thread+0x0/0x1f4
> > > [ 3.116754] [<ffffffff8105713e>] kthread+0x89/0x91
> > > [ 3.116754] [<ffffffff81068922>] ? trace_hardirqs_on_caller+0x114/0x13f
> > > [ 3.116754] [<ffffffff81003994>] kernel_thread_helper+0x4/0x10
> > > [ 3.116754] [<ffffffff813cfcc0>] ? restore_args+0x0/0x30
> > > [ 3.116754] [<ffffffff810570b5>] ? kthread+0x0/0x91
> > > [ 3.116754] [<ffffffff81003990>] ? kernel_thread_helper+0x0/0x10
> >
> > I cannot convince myself that the above access is safe. Vivek, Nauman,
> > thoughts?
>
> Hi Paul,
>
> blkiocg_add_blkio_group() is called from two paths.
>
> First one is following. This path should be safe as it takes rcu read
> lock.
>
> cfq_get_cfqg()
> rcu_read_lock()
> cfq_find_alloc_cfqg()
> blkiocg_add_blkio_group()
> rcu_read_unlock()
>
> Second one is as shown in above backtrace.
>
> cfq_init_queue()
> blkiocg_add_blkio_group().
>
> This path is called at request queue and cfq initialization time and
> we access only root cgroup (root blkio_cgroup). As root cgroup can't
> go away, do we have to protect that call also using rcu_read_lock()?
You are correct, if the root cgroup cannot go away and if we only access
the root cgroup, then rcu_read_lock() is not required.
> So I guess it is not unsafe but propably we need to fix the warning, I
> should wrap second call to blkiocg_add_blkio_group() with
> rcu_read_lock/unlock pair?
That would work very well!
Thanx, Paul
next prev parent reply other threads:[~2010-04-22 16:02 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-03-08 1:26 INFO: suspicious rcu_dereference_check() usage - include/linux/cgroup.h:492 invoked rcu_dereference_check() without protection! Miles Lane
2010-03-11 3:28 ` Paul E. McKenney
2010-04-12 18:44 ` Eric Paris
2010-04-12 18:47 ` Peter Zijlstra
2010-04-14 10:47 ` Peter Zijlstra
2010-04-15 15:47 ` Paul E. McKenney
2010-04-19 3:45 ` Lai Jiangshan
2010-04-19 18:26 ` Eric Paris
2010-04-19 23:01 ` Paul E. McKenney
2010-04-20 1:25 ` Eric Paris
2010-04-20 3:04 ` Paul E. McKenney
2010-04-20 7:21 ` Peter Zijlstra
2010-04-20 8:23 ` [PATCH] RCU: don't turn off lockdep when find suspicious rcu_dereference_check() usage Lai Jiangshan
2010-04-20 8:36 ` Peter Zijlstra
2010-04-20 12:31 ` Eric Paris
2010-04-20 13:28 ` Paul E. McKenney
[not found] ` <j2ya44ae5cd1004200545q6be4ec82o18ae99d93e8c29c7@mail.gmail.com>
2010-04-20 13:52 ` Paul E. McKenney
2010-04-20 15:38 ` Miles Lane
2010-04-21 6:04 ` Borislav Petkov
2010-04-21 21:45 ` Paul E. McKenney
2010-04-21 21:35 ` Paul E. McKenney
2010-04-21 21:48 ` Paul E. McKenney
2010-04-21 21:57 ` Eric Dumazet
2010-04-21 22:14 ` Paul E. McKenney
2010-04-21 23:26 ` Eric W. Biederman
2010-04-22 14:56 ` Vivek Goyal
2010-04-22 16:01 ` Paul E. McKenney [this message]
2010-04-23 12:50 ` Miles Lane
2010-04-23 19:42 ` Paul E. McKenney
2010-04-23 19:43 ` [PATCH v2.6.34-rc5 01/12] rcu: Fix RCU lockdep splat in set_task_cpu on fork path Paul E. McKenney
2010-04-23 19:43 ` [PATCH v2.6.34-rc5 02/12] rcu: fix RCU lockdep splat on freezer_fork path Paul E. McKenney
2010-04-23 19:43 ` [PATCH v2.6.34-rc5 03/12] rcu: leave lockdep enabled after RCU lockdep splat Paul E. McKenney
2010-04-23 19:43 ` [PATCH v2.6.34-rc5 04/12] NFSv4: Fix the locking in nfs_inode_reclaim_delegation() Paul E. McKenney
2010-04-23 19:43 ` [PATCH v2.6.34-rc5 05/12] NFS: Fix RCU issues in the NFSv4 delegation code Paul E. McKenney
2010-04-23 19:43 ` [PATCH v2.6.34-rc5 06/12] KEYS: Fix an RCU warning Paul E. McKenney
2010-04-23 19:43 ` [PATCH v2.6.34-rc5 07/12] KEYS: Fix an RCU warning in the reading of user keys Paul E. McKenney
2010-04-23 19:43 ` [PATCH v2.6.34-rc5 08/12] cgroup: Fix an RCU warning in cgroup_path() Paul E. McKenney
2010-04-23 19:43 ` [PATCH v2.6.34-rc5 09/12] cgroup: Fix an RCU warning in alloc_css_id() Paul E. McKenney
2010-04-23 19:43 ` [PATCH v2.6.34-rc5 10/12] sched: Fix an RCU warning in print_task() Paul E. McKenney
2010-04-23 19:43 ` [PATCH v2.6.34-rc5 11/12] cgroup: Check task_lock in task_subsys_state() Paul E. McKenney
2010-04-23 19:43 ` [PATCH v2.6.34-rc5 12/12] memcg: css_id() must be called under rcu_read_lock() Paul E. McKenney
2010-04-23 22:59 ` [PATCH] RCU: don't turn off lockdep when find suspicious rcu_dereference_check() usage Miles Lane
2010-04-24 5:35 ` Miles Lane
2010-04-25 2:36 ` Paul E. McKenney
2010-04-25 2:34 ` Paul E. McKenney
2010-04-25 7:45 ` Johannes Berg
2010-04-25 7:49 ` David Miller
2010-04-26 2:07 ` Paul E. McKenney
2010-04-25 15:49 ` Miles Lane
2010-04-25 20:20 ` Miles Lane
2010-04-26 16:09 ` Paul E. McKenney
2010-04-26 18:35 ` Eric W. Biederman
2010-04-27 4:27 ` Paul E. McKenney
2010-04-27 16:22 ` Paul E. McKenney
2010-04-27 16:33 ` Eric Dumazet
2010-04-27 17:58 ` Miles Lane
2010-04-27 23:31 ` Paul E. McKenney
2010-04-27 23:42 ` David Miller
2010-04-27 23:52 ` Paul E. McKenney
[not found] ` <p2ka44ae5cd1004281358n86ce29d2tbece16b2fb974dab@mail.gmail.com>
2010-04-28 21:37 ` Paul E. McKenney
2010-05-01 17:26 ` Miles Lane
2010-05-01 21:55 ` Paul E. McKenney
2010-05-02 2:00 ` Miles Lane
2010-05-02 4:11 ` Paul E. McKenney
2010-04-21 1:05 ` INFO: suspicious rcu_dereference_check() usage - include/linux/cgroup.h:492 invoked rcu_dereference_check() without protection! Li Zefan
2010-04-21 3:14 ` Paul E. McKenney
2010-04-14 16:03 ` Paul E. McKenney
-- strict thread matches above, loose matches on Subject: below --
2010-06-01 13:06 [PATCH] RCU: don't turn off lockdep when find suspicious rcu_dereference_check() usage Daniel J Blueman
2010-06-02 14:56 ` Paul E. McKenney
2010-06-02 15:24 ` Daniel J Blueman
2010-06-03 9:22 ` Li Zefan
2010-06-03 18:30 ` Paul E. McKenney
2010-06-04 2:44 ` Li Zefan
2010-06-04 4:10 ` Paul E. McKenney
2010-06-04 8:54 ` Daniel J Blueman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100422160144.GC2524@linux.vnet.ibm.com \
--to=paulmck@linux.vnet.ibm.com \
--cc=eparis@redhat.com \
--cc=eric.dumazet@gmail.com \
--cc=guijianfeng@cn.fujitsu.com \
--cc=jens.axboe@oracle.com \
--cc=laijs@cn.fujitsu.com \
--cc=linux-kernel@vger.kernel.org \
--cc=lizf@cn.fujitsu.com \
--cc=miles.lane@gmail.com \
--cc=mingo@elte.hu \
--cc=nauman@google.com \
--cc=netdev@vger.kernel.org \
--cc=peterz@infradead.org \
--cc=vgoyal@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox