* [cgroups] suspicious rcu_dereference_check() usage!
@ 2017-02-20 10:15 Mike Galbraith
2017-03-01 17:44 ` Tejun Heo
0 siblings, 1 reply; 5+ messages in thread
From: Mike Galbraith @ 2017-02-20 10:15 UTC (permalink / raw)
To: Tejun Heo; +Cc: LKML
Running LTP on master.today (v4.10) with a seriously bloated PREEMPT
config inspired box to emit the below.
[ 7160.458996] ===============================
[ 7160.463195] [ INFO: suspicious RCU usage. ]
[ 7160.467387] 4.10.0-default #100 Tainted: G E
[ 7160.472808] -------------------------------
[ 7160.476999] ./include/linux/cgroup.h:435 suspicious rcu_dereference_check() usage!
[ 7160.484576]
[ 7160.484576] other info that might help us debug this:
[ 7160.484576]
[ 7160.492577]
[ 7160.492577] rcu_scheduler_active = 2, debug_locks = 1
[ 7160.499113] 1 lock held by pids_task1/19308:
[ 7160.503390] #0: (&cgroup_threadgroup_rwsem){+++++.}, at: [<ffffffff81095b60>] _do_fork+0xf0/0x710
[ 7160.512450]
[ 7160.512450] stack backtrace:
[ 7160.516810] CPU: 5 PID: 19308 Comm: pids_task1 Tainted: G E 4.10.0-default #100
[ 7160.525239] Hardware name: IBM System x3550 M3 -[7944K3G]-/69Y5698 , BIOS -[D6E150AUS-1.10]- 12/15/2010
[ 7160.534965] Call Trace:
[ 7160.537414] dump_stack+0x85/0xc9
[ 7160.540732] lockdep_rcu_suspicious+0xd5/0x110
[ 7160.545177] task_css.constprop.7+0x88/0x90
[ 7160.549357] pids_can_fork+0x132/0x160
[ 7160.553106] cgroup_can_fork+0x63/0xc0
[ 7160.556855] copy_process.part.30+0x17ef/0x21b0
[ 7160.561382] ? _do_fork+0xf0/0x710
[ 7160.564786] ? free_pages_and_swap_cache+0x9e/0xc0
[ 7160.569575] _do_fork+0xf0/0x710
[ 7160.572806] ? __this_cpu_preempt_check+0x13/0x20
[ 7160.577505] ? __percpu_counter_add+0x86/0xb0
[ 7160.581860] ? entry_SYSCALL_64_fastpath+0x5/0xc2
[ 7160.586562] ? do_syscall_64+0x2d/0x200
[ 7160.590395] SyS_clone+0x19/0x20
[ 7160.593623] do_syscall_64+0x6c/0x200
[ 7160.597283] entry_SYSCALL64_slow_path+0x25/0x25
[ 7160.601899] RIP: 0033:0x7fdaa3b881c4
[ 7160.605473] RSP: 002b:00007ffd21635d50 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 7160.613036] RAX: ffffffffffffffda RBX: 0000000000004b6c RCX: 00007fdaa3b881c4
[ 7160.620162] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 7160.627288] RBP: 00007ffd21635d90 R08: 0000000000000000 R09: 00007fdaa4052700
[ 7160.634414] R10: 00007fdaa40529d0 R11: 0000000000000246 R12: 00007ffd21635d50
[ 7160.641539] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [cgroups] suspicious rcu_dereference_check() usage!
2017-02-20 10:15 [cgroups] suspicious rcu_dereference_check() usage! Mike Galbraith
@ 2017-03-01 17:44 ` Tejun Heo
2017-03-01 17:57 ` Mike Galbraith
0 siblings, 1 reply; 5+ messages in thread
From: Tejun Heo @ 2017-03-01 17:44 UTC (permalink / raw)
To: Mike Galbraith; +Cc: LKML
Hello, Mike.
Sorry about the delay. Was on vacation and then had a strep throat.
On Mon, Feb 20, 2017 at 11:15:23AM +0100, Mike Galbraith wrote:
> Running LTP on master.today (v4.10) with a seriously bloated PREEMPT
> config inspired box to emit the below.
>
> [ 7160.458996] ===============================
> [ 7160.463195] [ INFO: suspicious RCU usage. ]
> [ 7160.467387] 4.10.0-default #100 Tainted: G E
> [ 7160.472808] -------------------------------
> [ 7160.476999] ./include/linux/cgroup.h:435 suspicious rcu_dereference_check() usage!
> [ 7160.484576]
> [ 7160.484576] other info that might help us debug this:
> [ 7160.484576]
> [ 7160.492577]
> [ 7160.492577] rcu_scheduler_active = 2, debug_locks = 1
> [ 7160.499113] 1 lock held by pids_task1/19308:
> [ 7160.503390] #0: (&cgroup_threadgroup_rwsem){+++++.}, at: [<ffffffff81095b60>] _do_fork+0xf0/0x710
> [ 7160.512450]
> [ 7160.512450] stack backtrace:
> [ 7160.516810] CPU: 5 PID: 19308 Comm: pids_task1 Tainted: G E 4.10.0-default #100
> [ 7160.525239] Hardware name: IBM System x3550 M3 -[7944K3G]-/69Y5698 , BIOS -[D6E150AUS-1.10]- 12/15/2010
> [ 7160.534965] Call Trace:
> [ 7160.537414] dump_stack+0x85/0xc9
> [ 7160.540732] lockdep_rcu_suspicious+0xd5/0x110
> [ 7160.545177] task_css.constprop.7+0x88/0x90
> [ 7160.549357] pids_can_fork+0x132/0x160
> [ 7160.553106] cgroup_can_fork+0x63/0xc0
That gotta be a spurious one coming from the incorrect
!CONFIG_PROVE_RCU definition of the task_css_set_check() macro.
Something like the following should fix it.
If you still have the .config around, can you please attach it? I'll
verify the fix and send out the fix.
Thanks.
diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h
index f6b43fb..870ea9a 100644
--- a/include/linux/cgroup.h
+++ b/include/linux/cgroup.h
@@ -396,7 +396,7 @@ extern spinlock_t css_set_lock;
((task)->flags & PF_EXITING) || (__c))
#else
#define task_css_set_check(task, __c) \
- rcu_dereference((task)->cgroups)
+ rcu_dereference_check((task)->cgroups, (__c))
#endif
/**
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [cgroups] suspicious rcu_dereference_check() usage!
2017-03-01 17:44 ` Tejun Heo
@ 2017-03-01 17:57 ` Mike Galbraith
2017-03-01 20:39 ` [PATCH cgroup/for-4.10-fixes] cgroup/pids: remove spurious suspicious RCU usage warning Tejun Heo
0 siblings, 1 reply; 5+ messages in thread
From: Mike Galbraith @ 2017-03-01 17:57 UTC (permalink / raw)
To: Tejun Heo; +Cc: LKML
[-- Attachment #1: Type: text/plain, Size: 207 bytes --]
On Wed, 2017-03-01 at 12:44 -0500, Tejun Heo wrote:
> If you still have the .config around, can you please attach it? I'll
> verify the fix and send out the fix.
Resurrected (master) and attached.
-Mike
[-- Attachment #2: config.xz --]
[-- Type: application/x-xz, Size: 37700 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH cgroup/for-4.10-fixes] cgroup/pids: remove spurious suspicious RCU usage warning
2017-03-01 17:57 ` Mike Galbraith
@ 2017-03-01 20:39 ` Tejun Heo
2017-03-06 20:12 ` Tejun Heo
0 siblings, 1 reply; 5+ messages in thread
From: Tejun Heo @ 2017-03-01 20:39 UTC (permalink / raw)
To: cgroups; +Cc: LKML, Mike Galbraith, kernel-team
pids_can_fork() is special in that the css association is guaranteed
to be stable throughout the function and thus doesn't need RCU
protection around task_css access. When determining the css to charge
the pid, task_css_check() is used to override the RCU sanity check.
While adding a warning message on fork rejection from pids limit,
135b8b37bd91 ("cgroup: Add pids controller event when fork fails
because of pid limit") incorrectly added a task_css access which is
neither RCU protected or explicitly annotated. This triggers the
following suspicious RCU usage warning when RCU debugging is enabled.
cgroup: fork rejected by pids controller in
===============================
[ ERR: suspicious RCU usage. ]
4.10.0-work+ #1 Not tainted
-------------------------------
./include/linux/cgroup.h:435 suspicious rcu_dereference_check() usage!
other info that might help us debug this:
rcu_scheduler_active = 2, debug_locks = 0
1 lock held by bash/1748:
#0: (&cgroup_threadgroup_rwsem){+++++.}, at: [<ffffffff81052c96>] _do_fork+0xe6/0x6e0
stack backtrace:
CPU: 3 PID: 1748 Comm: bash Not tainted 4.10.0-work+ #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-1.fc25 04/01/2014
Call Trace:
dump_stack+0x68/0x93
lockdep_rcu_suspicious+0xd7/0x110
pids_can_fork+0x1c7/0x1d0
cgroup_can_fork+0x67/0xc0
copy_process.part.58+0x1709/0x1e90
_do_fork+0xe6/0x6e0
SyS_clone+0x19/0x20
do_syscall_64+0x5c/0x140
entry_SYSCALL64_slow_path+0x25/0x25
RIP: 0033:0x7f7853fab93a
RSP: 002b:00007ffc12d05c90 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7853fab93a
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
RBP: 00007ffc12d05cc0 R08: 0000000000000000 R09: 00007f78548db700
R10: 00007f78548db9d0 R11: 0000000000000246 R12: 00000000000006d4
R13: 0000000000000001 R14: 0000000000000000 R15: 000055e3ebe2c04d
/asdf
There's no reason to dereference task_css again here when the
associated css is already available. Fix it by replacing the
task_cgroup() call with css->cgroup.
Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-by: Mike Galbraith <efault@gmx.de>
Fixes: 135b8b37bd91 ("cgroup: Add pids controller event when fork fails because of pid limit")
Cc: Kenny Yu <kennyyu@fb.com>
Cc: stable@vger.kernel.org # v4.8+
---
kernel/cgroup/pids.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/cgroup/pids.c b/kernel/cgroup/pids.c
index 2bd6737..a57242e 100644
--- a/kernel/cgroup/pids.c
+++ b/kernel/cgroup/pids.c
@@ -229,7 +229,7 @@ static int pids_can_fork(struct task_struct *task)
/* Only log the first time events_limit is incremented. */
if (atomic64_inc_return(&pids->events_limit) == 1) {
pr_info("cgroup: fork rejected by pids controller in ");
- pr_cont_cgroup_path(task_cgroup(current, pids_cgrp_id));
+ pr_cont_cgroup_path(css->cgroup);
pr_cont("\n");
}
cgroup_file_notify(&pids->events_file);
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH cgroup/for-4.10-fixes] cgroup/pids: remove spurious suspicious RCU usage warning
2017-03-01 20:39 ` [PATCH cgroup/for-4.10-fixes] cgroup/pids: remove spurious suspicious RCU usage warning Tejun Heo
@ 2017-03-06 20:12 ` Tejun Heo
0 siblings, 0 replies; 5+ messages in thread
From: Tejun Heo @ 2017-03-06 20:12 UTC (permalink / raw)
To: cgroups; +Cc: LKML, Mike Galbraith, kernel-team
On Wed, Mar 01, 2017 at 03:39:07PM -0500, Tejun Heo wrote:
> pids_can_fork() is special in that the css association is guaranteed
> to be stable throughout the function and thus doesn't need RCU
> protection around task_css access. When determining the css to charge
> the pid, task_css_check() is used to override the RCU sanity check.
>
> While adding a warning message on fork rejection from pids limit,
> 135b8b37bd91 ("cgroup: Add pids controller event when fork fails
> because of pid limit") incorrectly added a task_css access which is
> neither RCU protected or explicitly annotated. This triggers the
> following suspicious RCU usage warning when RCU debugging is enabled.
Applied to cgroup/for-4.11-fixes.
--
tejun
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2017-03-06 20:12 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-02-20 10:15 [cgroups] suspicious rcu_dereference_check() usage! Mike Galbraith
2017-03-01 17:44 ` Tejun Heo
2017-03-01 17:57 ` Mike Galbraith
2017-03-01 20:39 ` [PATCH cgroup/for-4.10-fixes] cgroup/pids: remove spurious suspicious RCU usage warning Tejun Heo
2017-03-06 20:12 ` Tejun Heo
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).