[PATCH] sched/core: Fix potential deadlock on rq lock

Linux kernel -stable discussions
 help / color / mirror / Atom feed

* [PATCH] sched/core: Fix potential deadlock on rq lock
@ 2025-09-11 12:42 Wang Tao
  2025-09-11 13:53 ` Peter Zijlstra
  0 siblings, 1 reply; 5+ messages in thread
From: Wang Tao @ 2025-09-11 12:42 UTC (permalink / raw)
  To: stable
  Cc: mingo, peterz, juri.lelli, vincent.guittot, dietmar.eggemann,
	rostedt, bsegall, mgorman, bristot, tglx, frederic, linux-kernel,
	tanghui20, zhangqiao22

When CPU 1 enters the nohz_full state, and the kworker on CPU 0 executes
the function sched_tick_remote, holding the lock on CPU1's rq
and triggering the warning WARN_ON_ONCE(delta > (u64)NSEC_PER_SEC * 3).
This leads to the process of printing the warning message, where the
console_sem semaphore is held. At this point, the print task on the
CPU1's rq cannot acquire the console_sem and joins the wait queue,
entering the UNINTERRUPTIBLE state. It waits for the console_sem to be
released and then wakes up. After the task on CPU 0 releases
the console_sem, it wakes up the waiting console_sem task.
In try_to_wake_up, it attempts to acquire the lock on CPU1's rq again,
resulting in a deadlock.

The triggering scenario is as follows:

CPU0								CPU1
sched_tick_remote
WARN_ON_ONCE(delta > (u64)NSEC_PER_SEC * 3)

report_bug							con_write
printk

console_unlock
								do_con_write
								console_lock
								down(&console_sem)
								list_add_tail(&waiter.list, &sem->wait_list);
up(&console_sem)
wake_up_q(&wake_q)
try_to_wake_up
__task_rq_lock
_raw_spin_lock

This patch fixes the issue by deffering all printk console printing
during the lock holding period.

Fixes: d84b31313ef8 ("sched/isolation: Offload residual 1Hz scheduler tick")
Signed-off-by: Wang Tao <wangtao554@huawei.com>
---
 kernel/sched/core.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index be00629f0ba4..8b2d5b5bfb93 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -5723,8 +5723,10 @@ static void sched_tick_remote(struct work_struct *work)
 				 * Make sure the next tick runs within a
 				 * reasonable amount of time.
 				 */
+				printk_deferred_enter();
 				u64 delta = rq_clock_task(rq) - curr->se.exec_start;
 				WARN_ON_ONCE(delta > (u64)NSEC_PER_SEC * 3);
+				printk_deferred_exit();
 			}
 			curr->sched_class->task_tick(rq, curr, 0);

-- 
2.34.1

^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH] sched/core: Fix potential deadlock on rq lock
  2025-09-11 12:42 [PATCH] sched/core: Fix potential deadlock on rq lock Wang Tao
@ 2025-09-11 13:53 ` Peter Zijlstra
  2025-09-11 15:02   ` Frederic Weisbecker
  0 siblings, 1 reply; 5+ messages in thread
From: Peter Zijlstra @ 2025-09-11 13:53 UTC (permalink / raw)
  To: Wang Tao
  Cc: stable, mingo, juri.lelli, vincent.guittot, dietmar.eggemann,
	rostedt, bsegall, mgorman, bristot, tglx, frederic, linux-kernel,
	tanghui20, zhangqiao22

On Thu, Sep 11, 2025 at 12:42:49PM +0000, Wang Tao wrote:
> When CPU 1 enters the nohz_full state, and the kworker on CPU 0 executes
> the function sched_tick_remote, holding the lock on CPU1's rq
> and triggering the warning WARN_ON_ONCE(delta > (u64)NSEC_PER_SEC * 3).
> This leads to the process of printing the warning message, where the
> console_sem semaphore is held. At this point, the print task on the
> CPU1's rq cannot acquire the console_sem and joins the wait queue,
> entering the UNINTERRUPTIBLE state. It waits for the console_sem to be
> released and then wakes up. After the task on CPU 0 releases
> the console_sem, it wakes up the waiting console_sem task.
> In try_to_wake_up, it attempts to acquire the lock on CPU1's rq again,
> resulting in a deadlock.
> 
> The triggering scenario is as follows:
> 
> CPU0								CPU1
> sched_tick_remote
> WARN_ON_ONCE(delta > (u64)NSEC_PER_SEC * 3)
> 
> report_bug							con_write
> printk
> 
> console_unlock
> 								do_con_write
> 								console_lock
> 								down(&console_sem)
> 								list_add_tail(&waiter.list, &sem->wait_list);
> up(&console_sem)
> wake_up_q(&wake_q)
> try_to_wake_up
> __task_rq_lock
> _raw_spin_lock
> 
> This patch fixes the issue by deffering all printk console printing
> during the lock holding period.
> 
> Fixes: d84b31313ef8 ("sched/isolation: Offload residual 1Hz scheduler tick")
> Signed-off-by: Wang Tao <wangtao554@huawei.com>

I fundamentally hate that deferred thing and consider it a printk bug.

But really, if you trip that WARN, fix it and the problem goes away.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] sched/core: Fix potential deadlock on rq lock
  2025-09-11 13:53 ` Peter Zijlstra
@ 2025-09-11 15:02   ` Frederic Weisbecker
  2025-09-11 15:14     ` Phil Auld
  0 siblings, 1 reply; 5+ messages in thread
From: Frederic Weisbecker @ 2025-09-11 15:02 UTC (permalink / raw)
  To: Peter Zijlstra
  Cc: Wang Tao, stable, mingo, juri.lelli, vincent.guittot,
	dietmar.eggemann, rostedt, bsegall, mgorman, bristot, tglx,
	linux-kernel, tanghui20, zhangqiao22

Le Thu, Sep 11, 2025 at 03:53:58PM +0200, Peter Zijlstra a écrit :
> On Thu, Sep 11, 2025 at 12:42:49PM +0000, Wang Tao wrote:
> > When CPU 1 enters the nohz_full state, and the kworker on CPU 0 executes
> > the function sched_tick_remote, holding the lock on CPU1's rq
> > and triggering the warning WARN_ON_ONCE(delta > (u64)NSEC_PER_SEC * 3).
> > This leads to the process of printing the warning message, where the
> > console_sem semaphore is held. At this point, the print task on the
> > CPU1's rq cannot acquire the console_sem and joins the wait queue,
> > entering the UNINTERRUPTIBLE state. It waits for the console_sem to be
> > released and then wakes up. After the task on CPU 0 releases
> > the console_sem, it wakes up the waiting console_sem task.
> > In try_to_wake_up, it attempts to acquire the lock on CPU1's rq again,
> > resulting in a deadlock.
> > 
> > The triggering scenario is as follows:
> > 
> > CPU0								CPU1
> > sched_tick_remote
> > WARN_ON_ONCE(delta > (u64)NSEC_PER_SEC * 3)
> > 
> > report_bug							con_write
> > printk
> > 
> > console_unlock
> > 								do_con_write
> > 								console_lock
> > 								down(&console_sem)
> > 								list_add_tail(&waiter.list, &sem->wait_list);
> > up(&console_sem)
> > wake_up_q(&wake_q)
> > try_to_wake_up
> > __task_rq_lock
> > _raw_spin_lock
> > 
> > This patch fixes the issue by deffering all printk console printing
> > during the lock holding period.
> > 
> > Fixes: d84b31313ef8 ("sched/isolation: Offload residual 1Hz scheduler tick")
> > Signed-off-by: Wang Tao <wangtao554@huawei.com>
> 
> I fundamentally hate that deferred thing and consider it a printk bug.
> 
> But really, if you trip that WARN, fix it and the problem goes away.

And probably it triggers a lot of false positives. An overloaded housekeeping
CPU can easily be off for 2 seconds. We should make it 30 seconds.

Thanks.

-- 
Frederic Weisbecker
SUSE Labs

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] sched/core: Fix potential deadlock on rq lock
  2025-09-11 15:02   ` Frederic Weisbecker
@ 2025-09-11 15:14     ` Phil Auld
  2025-09-11 15:38       ` Frederic Weisbecker
  0 siblings, 1 reply; 5+ messages in thread
From: Phil Auld @ 2025-09-11 15:14 UTC (permalink / raw)
  To: Frederic Weisbecker
  Cc: Peter Zijlstra, Wang Tao, stable, mingo, juri.lelli,
	vincent.guittot, dietmar.eggemann, rostedt, bsegall, mgorman,
	tglx, linux-kernel, tanghui20, zhangqiao22

On Thu, Sep 11, 2025 at 05:02:45PM +0200 Frederic Weisbecker wrote:
> Le Thu, Sep 11, 2025 at 03:53:58PM +0200, Peter Zijlstra a écrit :
> > On Thu, Sep 11, 2025 at 12:42:49PM +0000, Wang Tao wrote:
> > > When CPU 1 enters the nohz_full state, and the kworker on CPU 0 executes
> > > the function sched_tick_remote, holding the lock on CPU1's rq
> > > and triggering the warning WARN_ON_ONCE(delta > (u64)NSEC_PER_SEC * 3).
> > > This leads to the process of printing the warning message, where the
> > > console_sem semaphore is held. At this point, the print task on the
> > > CPU1's rq cannot acquire the console_sem and joins the wait queue,
> > > entering the UNINTERRUPTIBLE state. It waits for the console_sem to be
> > > released and then wakes up. After the task on CPU 0 releases
> > > the console_sem, it wakes up the waiting console_sem task.
> > > In try_to_wake_up, it attempts to acquire the lock on CPU1's rq again,
> > > resulting in a deadlock.
> > > 
> > > The triggering scenario is as follows:
> > > 
> > > CPU0								CPU1
> > > sched_tick_remote
> > > WARN_ON_ONCE(delta > (u64)NSEC_PER_SEC * 3)
> > > 
> > > report_bug							con_write
> > > printk
> > > 
> > > console_unlock
> > > 								do_con_write
> > > 								console_lock
> > > 								down(&console_sem)
> > > 								list_add_tail(&waiter.list, &sem->wait_list);
> > > up(&console_sem)
> > > wake_up_q(&wake_q)
> > > try_to_wake_up
> > > __task_rq_lock
> > > _raw_spin_lock
> > > 
> > > This patch fixes the issue by deffering all printk console printing
> > > during the lock holding period.
> > > 
> > > Fixes: d84b31313ef8 ("sched/isolation: Offload residual 1Hz scheduler tick")
> > > Signed-off-by: Wang Tao <wangtao554@huawei.com>
> > 
> > I fundamentally hate that deferred thing and consider it a printk bug.
> > 
> > But really, if you trip that WARN, fix it and the problem goes away.
> 
> And probably it triggers a lot of false positives. An overloaded housekeeping
> CPU can easily be off for 2 seconds. We should make it 30 seconds.
>

It does trigger pretty easily. We've done some work to try to make better
(spreading HK work around for example) but you can still hit it. Especially,
if there are virtualization layers involved...

Increasing that time a bit would be great :)

Cheers,
Phil


> Thanks.
> 
> -- 
> Frederic Weisbecker
> SUSE Labs
> 

-- 


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] sched/core: Fix potential deadlock on rq lock
  2025-09-11 15:14     ` Phil Auld
@ 2025-09-11 15:38       ` Frederic Weisbecker
  0 siblings, 0 replies; 5+ messages in thread
From: Frederic Weisbecker @ 2025-09-11 15:38 UTC (permalink / raw)
  To: Phil Auld
  Cc: Peter Zijlstra, Wang Tao, stable, mingo, juri.lelli,
	vincent.guittot, dietmar.eggemann, rostedt, bsegall, mgorman,
	tglx, linux-kernel, tanghui20, zhangqiao22

Le Thu, Sep 11, 2025 at 11:14:06AM -0400, Phil Auld a écrit :
> On Thu, Sep 11, 2025 at 05:02:45PM +0200 Frederic Weisbecker wrote:
> > Le Thu, Sep 11, 2025 at 03:53:58PM +0200, Peter Zijlstra a écrit :
> > > On Thu, Sep 11, 2025 at 12:42:49PM +0000, Wang Tao wrote:
> > > > When CPU 1 enters the nohz_full state, and the kworker on CPU 0 executes
> > > > the function sched_tick_remote, holding the lock on CPU1's rq
> > > > and triggering the warning WARN_ON_ONCE(delta > (u64)NSEC_PER_SEC * 3).
> > > > This leads to the process of printing the warning message, where the
> > > > console_sem semaphore is held. At this point, the print task on the
> > > > CPU1's rq cannot acquire the console_sem and joins the wait queue,
> > > > entering the UNINTERRUPTIBLE state. It waits for the console_sem to be
> > > > released and then wakes up. After the task on CPU 0 releases
> > > > the console_sem, it wakes up the waiting console_sem task.
> > > > In try_to_wake_up, it attempts to acquire the lock on CPU1's rq again,
> > > > resulting in a deadlock.
> > > > 
> > > > The triggering scenario is as follows:
> > > > 
> > > > CPU0								CPU1
> > > > sched_tick_remote
> > > > WARN_ON_ONCE(delta > (u64)NSEC_PER_SEC * 3)
> > > > 
> > > > report_bug							con_write
> > > > printk
> > > > 
> > > > console_unlock
> > > > 								do_con_write
> > > > 								console_lock
> > > > 								down(&console_sem)
> > > > 								list_add_tail(&waiter.list, &sem->wait_list);
> > > > up(&console_sem)
> > > > wake_up_q(&wake_q)
> > > > try_to_wake_up
> > > > __task_rq_lock
> > > > _raw_spin_lock
> > > > 
> > > > This patch fixes the issue by deffering all printk console printing
> > > > during the lock holding period.
> > > > 
> > > > Fixes: d84b31313ef8 ("sched/isolation: Offload residual 1Hz scheduler tick")
> > > > Signed-off-by: Wang Tao <wangtao554@huawei.com>
> > > 
> > > I fundamentally hate that deferred thing and consider it a printk bug.
> > > 
> > > But really, if you trip that WARN, fix it and the problem goes away.
> > 
> > And probably it triggers a lot of false positives. An overloaded housekeeping
> > CPU can easily be off for 2 seconds. We should make it 30 seconds.
> >
> 
> It does trigger pretty easily. We've done some work to try to make better
> (spreading HK work around for example) but you can still hit it. Especially,
> if there are virtualization layers involved...
> 
> Increasing that time a bit would be great :)

Interested in sending the patch? :-)

Thanks.

> 
> Cheers,
> Phil
> 
> 
> > Thanks.
> > 
> > -- 
> > Frederic Weisbecker
> > SUSE Labs
> > 
> 
> -- 
> 

-- 
Frederic Weisbecker
SUSE Labs

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2025-09-11 15:38 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-09-11 12:42 [PATCH] sched/core: Fix potential deadlock on rq lock Wang Tao
2025-09-11 13:53 ` Peter Zijlstra
2025-09-11 15:02   ` Frederic Weisbecker
2025-09-11 15:14     ` Phil Auld
2025-09-11 15:38       ` Frederic Weisbecker

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox