All of lore.kernel.org
 help / color / mirror / Atom feed
From: Peter Zijlstra <peterz@infradead.org>
To: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Cc: Ingo Molnar <mingo@kernel.org>,
	"Rafael J. Wysocki" <rafael.j.wysocki@intel.com>,
	linux-kernel@vger.kernel.org, mcgrof@kernel.org,
	Linus Torvalds <torvalds@linux-foundation.org>,
	syzkaller-bugs@googlegroups.com,
	syzbot <syzbot+6cd18e123583550cf469@syzkaller.appspotmail.com>,
	Hillf Danton <hdanton@sina.com>
Subject: Re: [syzbot] WARNING: locking bug in umh_complete
Date: Fri, 3 Feb 2023 13:30:01 +0100	[thread overview]
Message-ID: <Y9z+SerR8mlZYo16@hirez.programming.kicks-ass.net> (raw)
In-Reply-To: <Y9z76ZLe4On96xIN@hirez.programming.kicks-ass.net>

On Fri, Feb 03, 2023 at 01:19:53PM +0100, Peter Zijlstra wrote:
> On Fri, Feb 03, 2023 at 07:48:35PM +0900, Tetsuo Handa wrote:
> > On 2023/02/03 19:22, Tetsuo Handa wrote:
> > > Yes, this bug is caused by commit f5d39b020809 ("freezer,sched: Rewrite core freezer
> > > logic"), for that commit for unknown reason omits wait_for_completion(&done) call
> > > when wait_for_completion_state(&done, state) returned -ERESTARTSYS.
> > > 
> > > Peter, is it safe to restore wait_for_completion(&done) call?
> > > 
> > 
> > Something like this?
> > 
> > diff --git a/kernel/umh.c b/kernel/umh.c
> > index 850631518665..97230edb1849 100644
> > --- a/kernel/umh.c
> > +++ b/kernel/umh.c
> > @@ -441,8 +441,8 @@ int call_usermodehelper_exec(struct subprocess_info *sub_info, int wait)
> >  	if (wait & UMH_KILLABLE)
> >  		state |= TASK_KILLABLE;
> >  
> > -	if (wait & UMH_FREEZABLE)
> > -		state |= TASK_FREEZABLE;
> > +	//if (wait & UMH_FREEZABLE)
> > +	//	state |= TASK_FREEZABLE;
> >  
> >  	retval = wait_for_completion_state(&done, state);
> >  	if (!retval)
> > @@ -452,7 +452,9 @@ int call_usermodehelper_exec(struct subprocess_info *sub_info, int wait)
> >  		/* umh_complete() will see NULL and free sub_info */
> >  		if (xchg(&sub_info->complete, NULL))
> >  			goto unlock;
> > +		/* fallthrough, umh_complete() was already called */
> >  	}
> > +	wait_for_completion(&done);
> >  
> >  wait_done:
> >  	retval = sub_info->retval;
> > 
> > How does TASK_FREEZABLE affect here?
> 
> It marks those waits that are safe to convert to a frozen state.
> 
> > Since call_usermodehelper_exec() is a function for starting and
> > waiting for termination of a userspace process (which is subjected to
> > freezing), the caller of call_usermodehelper_exec() can't wait for the
> > termination of that userspace process if that process was frozen, and
> > wait_for_completion()
> > blocks forever?
> 
> It'll probably make the freeze fail and abort the suspend. We first
> freezer userspace (including the helper), then we try and freeze all the
> kernel threads. If we can't, we error out and abort -- waking everything
> back up.
> 
> But now I realize what I missed before, wait_for_completion() it not
> interruptible.
> 
> I think the right fix is to:
> 
> 	state &= ~TASK_KILLABLE;

	state &= ~__TASK_WAKEKILL;

we don't want to mask out UNINTERUPTIBLE, that would be bad.

> 	wait_for_completion_state(&done, state);
> 
> Also, put in a comment..

  reply	other threads:[~2023-02-03 12:30 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20230127014137.4906-1-hdanton@sina.com>
2023-02-03 10:22 ` [syzbot] WARNING: locking bug in umh_complete Tetsuo Handa
2023-02-03 10:48   ` Tetsuo Handa
2023-02-03 12:19     ` Peter Zijlstra
2023-02-03 12:30       ` Peter Zijlstra [this message]
2023-02-03 12:59         ` Tetsuo Handa
2023-02-03 14:31           ` Peter Zijlstra
2023-02-04  0:48             ` Tetsuo Handa
2023-02-06 15:51               ` Luis Chamberlain
2023-02-13 15:14                 ` Peter Zijlstra
2023-02-13 15:27                 ` Peter Zijlstra
2023-02-14  2:31                   ` Schspa Shi
2023-02-21 21:54                     ` Luis Chamberlain
2023-02-22  9:34                     ` Peter Zijlstra
2023-02-27  7:57                       ` Schspa Shi
2023-02-13 15:34               ` Peter Zijlstra
2023-02-14 11:16                 ` Tetsuo Handa
2023-02-15 10:33             ` [tip: sched/urgent] freezer,umh: Fix call_usermode_helper_exec() vs SIGKILL tip-bot2 for Peter Zijlstra
2023-02-03 12:00   ` [syzbot] WARNING: locking bug in umh_complete Peter Zijlstra
2023-01-26 22:27 syzbot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Y9z+SerR8mlZYo16@hirez.programming.kicks-ass.net \
    --to=peterz@infradead.org \
    --cc=hdanton@sina.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mcgrof@kernel.org \
    --cc=mingo@kernel.org \
    --cc=penguin-kernel@i-love.sakura.ne.jp \
    --cc=rafael.j.wysocki@intel.com \
    --cc=syzbot+6cd18e123583550cf469@syzkaller.appspotmail.com \
    --cc=syzkaller-bugs@googlegroups.com \
    --cc=torvalds@linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.