Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp157434imu; Thu, 3 Jan 2019 16:24:38 -0800 (PST) X-Google-Smtp-Source: ALg8bN4a+ds1MpClXZBZs92uYl88PUk1wtVB7sJP53wmHgGXyISzGAY0XRhZfrNDUrAPwBcTCJbn X-Received: by 2002:a63:3602:: with SMTP id d2mr18518730pga.404.1546561478406; Thu, 03 Jan 2019 16:24:38 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1546561478; cv=none; d=google.com; s=arc-20160816; b=LsF5UpzXpCcQYyvhDyZlXqj78DdwShVNfznHMFK5Da1z7FVuK81E7b+BGbew8lRizC WUl7FTxXVo95YLnpI1nU6hUuO8upcJJt5G+l4IF8JtYb/6tfu3QcXgBB+/jteaIo34tf sl1azED93AilooNDLfjM3gr7YFeWuJ4eHg7uTWoJu7opBOkmkF+iyO3XW9xuDSXDWedd y2Rr9dg+uuaJxm2ssOIwojKJVuQ6ysWU5rxDpGvALrcwrBckGFK3/4OMR6edD4qW5+N5 m84Wh9Xv6eV2IF6GXhT4nAalIjojKYCO9Bos+i3uJ/PP/G4DodHXTL4GDSF5qRRaqKb0 P9KQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature; bh=aFI0giJYbhNPFznjR5oQTctli4EP+mqQQk/jyhXI+1I=; b=v3l3COKU24kEbEJEcJqvQ/ezuY63sQdkOvI6Twv9orUfjd8py9oOFtpWChEoQJM240 mTCVp+oWBYovV/U7gdM6RX/eGcwozZ+/rpA0uQX8hL70wEZ3AbMmyU8psj7PfYlcO36t 5wplfAjnjLlEfDOliWHaMLkVgJCmBpo4ifk+RCMPBSbccmJXd7OlYSt3wEQBlrD0tAID RntVYH+rVPtcBFY7+4ASbe4cstejcA/8idbIOiuIuDzLlOHZNCcz0slQEh5txAkcny0l UoKRQ52N1UGsYo9WVRh1Hwk8XDHYkAPWGkIEW5nS6JswXLxOixL6dB4RieigS1UPhoaW xlMw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lca.pw header.s=google header.b=MktrgIXy; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p23si2134814plo.7.2019.01.03.16.24.07; Thu, 03 Jan 2019 16:24:38 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@lca.pw header.s=google header.b=MktrgIXy; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727436AbfACTkj (ORCPT + 99 others); Thu, 3 Jan 2019 14:40:39 -0500 Received: from mail-qt1-f195.google.com ([209.85.160.195]:40527 "EHLO mail-qt1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727032AbfACTkj (ORCPT ); Thu, 3 Jan 2019 14:40:39 -0500 Received: by mail-qt1-f195.google.com with SMTP id k12so38117196qtf.7 for ; Thu, 03 Jan 2019 11:40:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lca.pw; s=google; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=aFI0giJYbhNPFznjR5oQTctli4EP+mqQQk/jyhXI+1I=; b=MktrgIXyWDg/eGQT1DInn+Xjxd6FA7VWIGgIy3veEfIq3U5CheVtOiMwBzrHHI9i0p AdRtio7DqVYJLe2tOv6CAxUqUyXykmjWc5w8cGe+z/rgTi/3N33tnyMq9DkxHvlID9F1 dG2LKcMyWMAsi61bmgsZ1tfX01Grq6/RiZwxQVjZqcSzwF4C5h2O70bjdfQNUJUpHcuJ iNdOLGhIBv0AGwJMcldsp8VGjPoTIUadCzXvMDGwkQfPsZuNugeT8ZLoITKkE4xZalfG vXTYHtpZH3Ku8N8THOQiybDcjzNK8tYrakM/x75E8Nh4ts0H3VezwebuxYlA3b6QWGyd T1Lg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=aFI0giJYbhNPFznjR5oQTctli4EP+mqQQk/jyhXI+1I=; b=ErqdwshXIXCyZ7YCdrvxc+SpnoluCo0cBQKt/FiylPbbTE88ypgwzFfQqr5EJgWsLp zBYJ3ZSpsdYBsgUvcAJyvH7F/YQ1LWRGQBg0ZYheP+/h2ml+vBLqDsj+1gO0TdsfGEzd ibLaC+32O/R4W3q47xlHlkC61DY0BVe/jyCSDEaDVcL6ZCRjgdJx/nPdB7h/6UioM6ZV xEVFITaIQTcoWYhEovIYQWLseiMOVdFia3x2pPT2bK5wU04Zdrr4z3VyzWbjO0oem7Le qiE3Xg+gtp+29z/SwCZn0ZtfmdmZ4tU3s3kyqK7Rx+vQeWPWLkP2euCw+TLBRP9fsG3i YlIQ== X-Gm-Message-State: AJcUukc2274grauZKvpVc7AuDxShAI/SHA18LLWFRxrf6ZKYwV+KcvNv PXuxr42KvSWNNVrT19eszwU1RQ== X-Received: by 2002:ac8:6151:: with SMTP id d17mr46702472qtm.194.1546544437694; Thu, 03 Jan 2019 11:40:37 -0800 (PST) Received: from ovpn-120-55.rdu2.redhat.com (pool-71-184-117-43.bstnma.fios.verizon.net. [71.184.117.43]) by smtp.gmail.com with ESMTPSA id n68sm25417957qte.66.2019.01.03.11.40.36 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 03 Jan 2019 11:40:37 -0800 (PST) Subject: Re: possible deadlock in __wake_up_common_lock To: Mel Gorman , Dmitry Vyukov Cc: Vlastimil Babka , syzbot , Andrea Arcangeli , Andrew Morton , "Kirill A. Shutemov" , LKML , Linux-MM , linux@dominikbrodowski.net, Michal Hocko , David Rientjes , syzkaller-bugs , xieyisheng1@huawei.com, zhong jiang , Peter Zijlstra , Ingo Molnar References: <000000000000f67ca2057e75bec3@google.com> <1194004c-f176-6253-a5fd-682472dccacc@suse.cz> <20190102180611.GE31517@techsingularity.net> <20190103163750.GH31517@techsingularity.net> From: Qian Cai Message-ID: Date: Thu, 3 Jan 2019 14:40:35 -0500 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:60.0) Gecko/20100101 Thunderbird/60.3.3 MIME-Version: 1.0 In-Reply-To: <20190103163750.GH31517@techsingularity.net> Content-Type: text/plain; charset=iso-8859-15 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 1/3/19 11:37 AM, Mel Gorman wrote: > On Wed, Jan 02, 2019 at 07:29:43PM +0100, Dmitry Vyukov wrote: >>>> This wakeup_kswapd is new due to Mel's 1c30844d2dfe ("mm: reclaim small >>>> amounts of memory when an external fragmentation event occurs") so CC Mel. >>>> >>> >>> New year new bugs :( >> >> Old too :( >> https://syzkaller.appspot.com/#upstream-open >> > > Well, that can ruin a day! Lets see can we knock one off the list. > >>> While I recognise there is no test case available, how often does this >>> trigger in syzbot as it would be nice to have some confirmation any >>> patch is really fixing the problem. >> >> This info is always available over the "dashboard link" in the report: >> https://syzkaller.appspot.com/bug?extid=93d94a001cfbce9e60e1 >> > > Noted for future reference. > >> In this case it's 1. I don't know why. Lock inversions are easier to >> trigger in some sense as information accumulates globally. Maybe one >> of these stacks is hard to trigger, or maybe all these stacks are >> rarely triggered on one machine. While the info accumulates globally, >> non of the machines are actually run for any prolonged time: they all >> crash right away on hundreds of known bugs. >> >> So good that Qian can reproduce this. > > I think this might simply be hard to reproduce. I tried for hours on two > separate machines and failed. Nevertheless this should still fix it and > hopefully syzbot picks this up automaticlly when cc'd. If I hear > nothing, I'll send the patch unconditionally (and cc syzbot). Hopefully > Qian can give it a whirl too. > > Thanks > > --8<-- > mm, page_alloc: Do not wake kswapd with zone lock held > > syzbot reported the following and it was confirmed by Qian Cai that a > similar bug was visible from a different context. > > ====================================================== > WARNING: possible circular locking dependency detected > 4.20.0+ #297 Not tainted > ------------------------------------------------------ > syz-executor0/8529 is trying to acquire lock: > 000000005e7fb829 (&pgdat->kswapd_wait){....}, at: > __wake_up_common_lock+0x19e/0x330 kernel/sched/wait.c:120 > > but task is already holding lock: > 000000009bb7bae0 (&(&zone->lock)->rlock){-.-.}, at: spin_lock > include/linux/spinlock.h:329 [inline] > 000000009bb7bae0 (&(&zone->lock)->rlock){-.-.}, at: rmqueue_bulk > mm/page_alloc.c:2548 [inline] > 000000009bb7bae0 (&(&zone->lock)->rlock){-.-.}, at: __rmqueue_pcplist > mm/page_alloc.c:3021 [inline] > 000000009bb7bae0 (&(&zone->lock)->rlock){-.-.}, at: rmqueue_pcplist > mm/page_alloc.c:3050 [inline] > 000000009bb7bae0 (&(&zone->lock)->rlock){-.-.}, at: rmqueue > mm/page_alloc.c:3072 [inline] > 000000009bb7bae0 (&(&zone->lock)->rlock){-.-.}, at: > get_page_from_freelist+0x1bae/0x52a0 mm/page_alloc.c:3491 > > It appears to be a false positive in that the only way the lock > ordering should be inverted is if kswapd is waking itself and the > wakeup allocates debugging objects which should already be allocated > if it's kswapd doing the waking. Nevertheless, the possibility exists > and so it's best to avoid the problem. > > This patch flags a zone as needing a kswapd using the, surprisingly, > unused zone flag field. The flag is read without the lock held to > do the wakeup. It's possible that the flag setting context is not > the same as the flag clearing context or for small races to occur. > However, each race possibility is harmless and there is no visible > degredation in fragmentation treatment. > > While zone->flag could have continued to be unused, there is potential > for moving some existing fields into the flags field instead. Particularly > read-mostly ones like zone->initialized and zone->contiguous. > > Signed-off-by: Mel Gorman Tested-by: Qian Cai