v4:
- Auto select DEBUG_RWSEMS & DEBUG_WW_MUTEX_SLOWPATH if PROVE_LOCKING
- Modify patch 2 to do a restructuring of the lock debugging menu.
v3:
- Add a new patch which adds a master LOCK_DEBUGGING option to turn
on all lock debugging.
v2:
- Fix typo in up_read_non_owner().
This patchset enhances lock debugging by adding rwsem lock/unlock
mismatches checking and restructure the lock debugging menu to make it
easier to select options that are likely to be most frequently used.
Waiman Long (2):
locking/rwsem: Add DEBUG_RWSEMS to look for lock/unlock mismatches
locking/debug: Restructure the lock debugging menu
kernel/locking/rwsem.c | 4 ++
kernel/locking/rwsem.h | 8 ++-
lib/Kconfig.debug | 150 +++++++++++++++++++++++++++----------------------
3 files changed, 93 insertions(+), 69 deletions(-)
--
1.8.3.1
For a rwsem, locking can either be exclusive or shared. The corresponding
exclusive or shared unlock must be used. Otherwise, the protected data
structures may get corrupted or the lock may be in an inconsistent state.
In order to detect such anomaly, a new configuration option DEBUG_RWSEMS
is added which can be enabled to look for such mismatches and print
warnings that that happens.
Signed-off-by: Waiman Long <[email protected]>
---
kernel/locking/rwsem.c | 4 ++++
kernel/locking/rwsem.h | 8 +++++++-
lib/Kconfig.debug | 8 ++++++++
3 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/kernel/locking/rwsem.c b/kernel/locking/rwsem.c
index f549c55..30465a2 100644
--- a/kernel/locking/rwsem.c
+++ b/kernel/locking/rwsem.c
@@ -117,6 +117,7 @@ int down_write_trylock(struct rw_semaphore *sem)
void up_read(struct rw_semaphore *sem)
{
rwsem_release(&sem->dep_map, 1, _RET_IP_);
+ DEBUG_RWSEMS_WARN_ON(sem->owner != RWSEM_READER_OWNED);
__up_read(sem);
}
@@ -129,6 +130,7 @@ void up_read(struct rw_semaphore *sem)
void up_write(struct rw_semaphore *sem)
{
rwsem_release(&sem->dep_map, 1, _RET_IP_);
+ DEBUG_RWSEMS_WARN_ON(sem->owner != current);
rwsem_clear_owner(sem);
__up_write(sem);
@@ -142,6 +144,7 @@ void up_write(struct rw_semaphore *sem)
void downgrade_write(struct rw_semaphore *sem)
{
lock_downgrade(&sem->dep_map, _RET_IP_);
+ DEBUG_RWSEMS_WARN_ON(sem->owner != current);
rwsem_set_reader_owned(sem);
__downgrade_write(sem);
@@ -211,6 +214,7 @@ int __sched down_write_killable_nested(struct rw_semaphore *sem, int subclass)
void up_read_non_owner(struct rw_semaphore *sem)
{
+ DEBUG_RWSEMS_WARN_ON(sem->owner != RWSEM_READER_OWNED);
__up_read(sem);
}
diff --git a/kernel/locking/rwsem.h b/kernel/locking/rwsem.h
index a883b8f..563a7bc 100644
--- a/kernel/locking/rwsem.h
+++ b/kernel/locking/rwsem.h
@@ -16,6 +16,12 @@
*/
#define RWSEM_READER_OWNED ((struct task_struct *)1UL)
+#ifdef CONFIG_DEBUG_RWSEMS
+#define DEBUG_RWSEMS_WARN_ON(c) DEBUG_LOCKS_WARN_ON(c)
+#else
+#define DEBUG_RWSEMS_WARN_ON(c)
+#endif
+
#ifdef CONFIG_RWSEM_SPIN_ON_OWNER
/*
* All writes to owner are protected by WRITE_ONCE() to make sure that
@@ -41,7 +47,7 @@ static inline void rwsem_set_reader_owned(struct rw_semaphore *sem)
* do a write to the rwsem cacheline when it is really necessary
* to minimize cacheline contention.
*/
- if (sem->owner != RWSEM_READER_OWNED)
+ if (READ_ONCE(sem->owner) != RWSEM_READER_OWNED)
WRITE_ONCE(sem->owner, RWSEM_READER_OWNED);
}
diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
index 64155e3..6aad28c 100644
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -1075,6 +1075,13 @@ config DEBUG_WW_MUTEX_SLOWPATH
even a debug kernel. If you are a driver writer, enable it. If
you are a distro, do not.
+config DEBUG_RWSEMS
+ bool "RW Semaphore debugging: basic checks"
+ depends on DEBUG_KERNEL && RWSEM_SPIN_ON_OWNER
+ help
+ This feature allows mismatched rw semaphore locks and unlocks
+ to be detected and reported.
+
config DEBUG_LOCK_ALLOC
bool "Lock debugging: detect incorrect freeing of live locks"
depends on DEBUG_KERNEL && TRACE_IRQFLAGS_SUPPORT && STACKTRACE_SUPPORT && LOCKDEP_SUPPORT
@@ -1097,6 +1104,7 @@ config PROVE_LOCKING
select DEBUG_SPINLOCK
select DEBUG_MUTEXES
select DEBUG_RT_MUTEXES if RT_MUTEXES
+ select DEBUG_RWSEMS if RWSEM_SPIN_ON_OWNER
select DEBUG_LOCK_ALLOC
select TRACE_IRQFLAGS
default n
--
1.8.3.1
Two config options in the lock debugging menu that are probably the most
frequently used, as far as I am concerned, is the PROVE_LOCKING and
LOCK_STAT. From a UI perspective, they should be front and center. So
these two options are now moved to the top of the lock debugging menu.
The DEBUG_WW_MUTEX_SLOWPATH option is also added to the PROVE_LOCKING
umbrella.
Signed-off-by: Waiman Long <[email protected]>
---
lib/Kconfig.debug | 146 ++++++++++++++++++++++++++++--------------------------
1 file changed, 76 insertions(+), 70 deletions(-)
diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
index 6aad28c..dc9ffe2 100644
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -1034,6 +1034,79 @@ config DEBUG_PREEMPT
menu "Lock Debugging (spinlocks, mutexes, etc...)"
+config LOCK_DEBUGGING_SUPPORT
+ bool
+ depends on TRACE_IRQFLAGS_SUPPORT && STACKTRACE_SUPPORT && LOCKDEP_SUPPORT
+ default y
+
+config PROVE_LOCKING
+ bool "Lock debugging: prove locking correctness"
+ depends on DEBUG_KERNEL && LOCK_DEBUGGING_SUPPORT
+ select LOCKDEP
+ select DEBUG_SPINLOCK
+ select DEBUG_MUTEXES
+ select DEBUG_RT_MUTEXES if RT_MUTEXES
+ select DEBUG_RWSEMS if RWSEM_SPIN_ON_OWNER
+ select DEBUG_WW_MUTEX_SLOWPATH
+ select DEBUG_LOCK_ALLOC
+ select TRACE_IRQFLAGS
+ default n
+ help
+ This feature enables the kernel to prove that all locking
+ that occurs in the kernel runtime is mathematically
+ correct: that under no circumstance could an arbitrary (and
+ not yet triggered) combination of observed locking
+ sequences (on an arbitrary number of CPUs, running an
+ arbitrary number of tasks and interrupt contexts) cause a
+ deadlock.
+
+ In short, this feature enables the kernel to report locking
+ related deadlocks before they actually occur.
+
+ The proof does not depend on how hard and complex a
+ deadlock scenario would be to trigger: how many
+ participant CPUs, tasks and irq-contexts would be needed
+ for it to trigger. The proof also does not depend on
+ timing: if a race and a resulting deadlock is possible
+ theoretically (no matter how unlikely the race scenario
+ is), it will be proven so and will immediately be
+ reported by the kernel (once the event is observed that
+ makes the deadlock theoretically possible).
+
+ If a deadlock is impossible (i.e. the locking rules, as
+ observed by the kernel, are mathematically correct), the
+ kernel reports nothing.
+
+ NOTE: this feature can also be enabled for rwlocks, mutexes
+ and rwsems - in which case all dependencies between these
+ different locking variants are observed and mapped too, and
+ the proof of observed correctness is also maintained for an
+ arbitrary combination of these separate locking variants.
+
+ For more details, see Documentation/locking/lockdep-design.txt.
+
+config LOCK_STAT
+ bool "Lock usage statistics"
+ depends on DEBUG_KERNEL && LOCK_DEBUGGING_SUPPORT
+ select LOCKDEP
+ select DEBUG_SPINLOCK
+ select DEBUG_MUTEXES
+ select DEBUG_RT_MUTEXES if RT_MUTEXES
+ select DEBUG_LOCK_ALLOC
+ default n
+ help
+ This feature enables tracking lock contention points
+
+ For more details, see Documentation/locking/lockstat.txt
+
+ This also enables lock events required by "perf lock",
+ subcommand of perf.
+ If you want to use "perf lock", you also need to turn on
+ CONFIG_EVENT_TRACING.
+
+ CONFIG_LOCK_STAT defines "contended" and "acquired" lock events.
+ (CONFIG_LOCKDEP defines "acquire" and "release" events.)
+
config DEBUG_RT_MUTEXES
bool "RT Mutex debugging, deadlock detection"
depends on DEBUG_KERNEL && RT_MUTEXES
@@ -1060,7 +1133,7 @@ config DEBUG_MUTEXES
config DEBUG_WW_MUTEX_SLOWPATH
bool "Wait/wound mutex debugging: Slowpath testing"
- depends on DEBUG_KERNEL && TRACE_IRQFLAGS_SUPPORT && STACKTRACE_SUPPORT && LOCKDEP_SUPPORT
+ depends on DEBUG_KERNEL && LOCK_DEBUGGING_SUPPORT
select DEBUG_LOCK_ALLOC
select DEBUG_SPINLOCK
select DEBUG_MUTEXES
@@ -1084,7 +1157,7 @@ config DEBUG_RWSEMS
config DEBUG_LOCK_ALLOC
bool "Lock debugging: detect incorrect freeing of live locks"
- depends on DEBUG_KERNEL && TRACE_IRQFLAGS_SUPPORT && STACKTRACE_SUPPORT && LOCKDEP_SUPPORT
+ depends on DEBUG_KERNEL && LOCK_DEBUGGING_SUPPORT
select DEBUG_SPINLOCK
select DEBUG_MUTEXES
select DEBUG_RT_MUTEXES if RT_MUTEXES
@@ -1097,54 +1170,9 @@ config DEBUG_LOCK_ALLOC
spin_lock_init()/mutex_init()/etc., or whether there is any lock
held during task exit.
-config PROVE_LOCKING
- bool "Lock debugging: prove locking correctness"
- depends on DEBUG_KERNEL && TRACE_IRQFLAGS_SUPPORT && STACKTRACE_SUPPORT && LOCKDEP_SUPPORT
- select LOCKDEP
- select DEBUG_SPINLOCK
- select DEBUG_MUTEXES
- select DEBUG_RT_MUTEXES if RT_MUTEXES
- select DEBUG_RWSEMS if RWSEM_SPIN_ON_OWNER
- select DEBUG_LOCK_ALLOC
- select TRACE_IRQFLAGS
- default n
- help
- This feature enables the kernel to prove that all locking
- that occurs in the kernel runtime is mathematically
- correct: that under no circumstance could an arbitrary (and
- not yet triggered) combination of observed locking
- sequences (on an arbitrary number of CPUs, running an
- arbitrary number of tasks and interrupt contexts) cause a
- deadlock.
-
- In short, this feature enables the kernel to report locking
- related deadlocks before they actually occur.
-
- The proof does not depend on how hard and complex a
- deadlock scenario would be to trigger: how many
- participant CPUs, tasks and irq-contexts would be needed
- for it to trigger. The proof also does not depend on
- timing: if a race and a resulting deadlock is possible
- theoretically (no matter how unlikely the race scenario
- is), it will be proven so and will immediately be
- reported by the kernel (once the event is observed that
- makes the deadlock theoretically possible).
-
- If a deadlock is impossible (i.e. the locking rules, as
- observed by the kernel, are mathematically correct), the
- kernel reports nothing.
-
- NOTE: this feature can also be enabled for rwlocks, mutexes
- and rwsems - in which case all dependencies between these
- different locking variants are observed and mapped too, and
- the proof of observed correctness is also maintained for an
- arbitrary combination of these separate locking variants.
-
- For more details, see Documentation/locking/lockdep-design.txt.
-
config LOCKDEP
bool
- depends on DEBUG_KERNEL && TRACE_IRQFLAGS_SUPPORT && STACKTRACE_SUPPORT && LOCKDEP_SUPPORT
+ depends on DEBUG_KERNEL && LOCK_DEBUGGING_SUPPORT
select STACKTRACE
select FRAME_POINTER if !MIPS && !PPC && !ARM_UNWIND && !S390 && !MICROBLAZE && !ARC && !SCORE && !X86
select KALLSYMS
@@ -1153,28 +1181,6 @@ config LOCKDEP
config LOCKDEP_SMALL
bool
-config LOCK_STAT
- bool "Lock usage statistics"
- depends on DEBUG_KERNEL && TRACE_IRQFLAGS_SUPPORT && STACKTRACE_SUPPORT && LOCKDEP_SUPPORT
- select LOCKDEP
- select DEBUG_SPINLOCK
- select DEBUG_MUTEXES
- select DEBUG_RT_MUTEXES if RT_MUTEXES
- select DEBUG_LOCK_ALLOC
- default n
- help
- This feature enables tracking lock contention points
-
- For more details, see Documentation/locking/lockstat.txt
-
- This also enables lock events required by "perf lock",
- subcommand of perf.
- If you want to use "perf lock", you also need to turn on
- CONFIG_EVENT_TRACING.
-
- CONFIG_LOCK_STAT defines "contended" and "acquired" lock events.
- (CONFIG_LOCKDEP defines "acquire" and "release" events.)
-
config DEBUG_LOCKDEP
bool "Lock dependency engine debugging"
depends on DEBUG_KERNEL && LOCKDEP
--
1.8.3.1
On Wed, 28 Mar 2018, Waiman Long wrote:
>+config DEBUG_RWSEMS
>+ bool "RW Semaphore debugging: basic checks"
>+ depends on DEBUG_KERNEL && RWSEM_SPIN_ON_OWNER
Why depend on RWSEM_SPIN_ON_OWNER? Doesn't everyone benefit from this?
For example, DEBUG_MUTEXES does not need it.
Thanks,
Davidlohr
On Wed, 28 Mar 2018, Waiman Long wrote:
>Two config options in the lock debugging menu that are probably the most
>frequently used, as far as I am concerned, is the PROVE_LOCKING and
>LOCK_STAT. From a UI perspective, they should be front and center. So
>these two options are now moved to the top of the lock debugging menu.
>
>The DEBUG_WW_MUTEX_SLOWPATH option is also added to the PROVE_LOCKING
>umbrella.
>
>Signed-off-by: Waiman Long <[email protected]>
Acked-by: Davidlohr Bueso <[email protected]>
On 03/28/2018 09:32 PM, Davidlohr Bueso wrote:
> On Wed, 28 Mar 2018, Waiman Long wrote:
>
>> +config DEBUG_RWSEMS
>> + bool "RW Semaphore debugging: basic checks"
>> + depends on DEBUG_KERNEL && RWSEM_SPIN_ON_OWNER
>
> Why depend on RWSEM_SPIN_ON_OWNER? Doesn't everyone benefit from this?
> For example, DEBUG_MUTEXES does not need it.
>
> Thanks,
> Davidlohr
Because it checks the owner field which is present only if
RWSEM_SPIN_ON_OWNER is defined. Mutex is different in the sense that the
owner field is always there no matter if MUTEX_SPIN_ON_OWNER is set or not.
Cheers,
Longman
On Thu, 29 Mar 2018, Waiman Long wrote:
>Because it checks the owner field which is present only if
>RWSEM_SPIN_ON_OWNER is defined. Mutex is different in the sense that the
>owner field is always there no matter if MUTEX_SPIN_ON_OWNER is set or not.
Ah right; that's after Peter's mutex rewrite iirc. No objections from me.
Acked-by: Davidlohr Bueso <[email protected]>
On 03/29/2018 11:01 AM, Davidlohr Bueso wrote:
> On Thu, 29 Mar 2018, Waiman Long wrote:
>
>> Because it checks the owner field which is present only if
>> RWSEM_SPIN_ON_OWNER is defined. Mutex is different in the sense that the
>> owner field is always there no matter if MUTEX_SPIN_ON_OWNER is set
>> or not.
>
> Ah right; that's after Peter's mutex rewrite iirc. No objections from me.
>
> Acked-by: Davidlohr Bueso <[email protected]>
In reality, I think RWSEM_SPIN_ON_OWNER is almost always set if the xadd
version of rwsem is used. So we may do some cleanup here if necessary.
-Longman
* Waiman Long <[email protected]> wrote:
> Two config options in the lock debugging menu that are probably the most
> frequently used, as far as I am concerned, is the PROVE_LOCKING and
> LOCK_STAT. From a UI perspective, they should be front and center. So
> these two options are now moved to the top of the lock debugging menu.
>
> The DEBUG_WW_MUTEX_SLOWPATH option is also added to the PROVE_LOCKING
> umbrella.
>
> Signed-off-by: Waiman Long <[email protected]>
> ---
> lib/Kconfig.debug | 146 ++++++++++++++++++++++++++++--------------------------
> 1 file changed, 76 insertions(+), 70 deletions(-)
>
> diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
> index 6aad28c..dc9ffe2 100644
> --- a/lib/Kconfig.debug
> +++ b/lib/Kconfig.debug
> @@ -1034,6 +1034,79 @@ config DEBUG_PREEMPT
>
> menu "Lock Debugging (spinlocks, mutexes, etc...)"
>
> +config LOCK_DEBUGGING_SUPPORT
> + bool
> + depends on TRACE_IRQFLAGS_SUPPORT && STACKTRACE_SUPPORT && LOCKDEP_SUPPORT
> + default y
Ok, this patch is a nice reorganization - but could we please split this into two
patches, the first one adds the LOCK_DEBUGGING_SUPPORT helper, the other does the
reordering of the entries (without changing anything in the entries)?
It's hard to review when the two steps are mixed up.
Thanks,
Ingo