[RFC] Cross-release versus a new tool

[RFC] Cross-release versus a new tool

[Byungchul Park]

Hi folks,

Lockdep is a great tool for detecting deadlock possibility, which was
designed for detecting wrong usage of locking API esp. typical lock e.g.
spinlock and mutex. However, when it comes to read lock or any other
mechanisms than typical lock, Lockdep code has been getting tweaked and
complicated to cover all of them. It'd be getting worse over time.

First of all, we should understand what a deadlock detection tool should
do. Fundamentally, a deadlock is caused by "WAITER(S) ON ITS EVENT(S)
THAT WILL NEVER HAPPEN" so the tool should focus on waiters and events.
Otherwise, complexifying it just makes things worse.

(NOTE: I hope you guys distinguish between dependency checking feature
and any other supports for lock usage. I'm gonna talk about the aspect
of dependency checking feature only in this posting. The support for
correctness check of lock usage should still be there as is.)

We can detect a deadlock by tracking waiters and its events. A deadlock
detection tool should focus on waiters and events and its contexts, not
specific cases like the order of acquisitions that Lockdep does, where
waiters and its events *implicitly* exist there anyway. This way, the
tool can be simple and straightforward, and able to cover all cases.

I understand all Linux kernel features should be mature enough. I think
Lockdep is fairly so, thanks to the folks for many years. I partially
agree with the opinion that Lockdep should be kept and new feautures for
a better work should be stacked onto Lockdep if needed. However, it's
a shame that the base that Lockdep was built on is not that nice.

The requirement we expect the tool should meet is, I think:

   R1. It should detect a deadlock caused by typical type of lock e.g.
       spin lock and mutex lock.

       We acquire a lock before accessing a shared resource and release
       the lock after using it, say, both the acquisition and release
       happen at the *same context*. Using the fact so just tracking the
       order of lock acquisitions, we can detect a deadlock.

   R2. It should detect a deadlock caused by other than typical type of
       lock e.g. read lock.

       Read lock works in a different way from typical one because it
       was introduced to avoid *wait* on contention between read locks.
       Furthermore, they behave differently depending on if it's
       recursive one or not. It's not easy to detect a deadlock with
       focusing on the order unless focusing on the interesting waiters
       and its events. Otherwise, the tool should be tweaked and getting
       complicated to cover them, which is how Lockdep does :(

   R3. It should detect a deadlock caused by any waiter e.g. page lock
       and wait_for_completion.

       Not only locks but also any waits can cause a deadlock. However,
       Lockdep doesn't work for the cases because it wasn't designed
       fot that. Instead, these cases have been covered by manually
       adding Lockdep annotations like acquire/release, in case by case
       manner when found the needs. It'd better be done automatically or
       with simpler annotations, for example, wait/event annotation
       instead of acquire/release.

   R4. Sychronization objects e.g. lock and wait_for_completion need to
       be classified correctly as a prerequisite, minimizing the number
       of false positives.

       A deadlock detection tool does not track all individual objects.
       Instead, it works with *class* classified based on its code path
       basically. Unfortunately, because not all the classification is
       perfect, false alarms may raise. To avoid it, some classes that
       were assigned automatically but incorrectly, have been reset by
       the developers manually for many years.

   R5. It should not overwhelm the kernel message with meaningless
       reports. But it should still report meaningful ones.

       Even though one problematic usage in terms of dependency can
       cause more than one scenario leading deadlock, it would be
       meaningless to report all of them because some may rather get in
       the way when picking meaningful ones for analysis. However,
       meaningful ones are still worth being reported.

   R6. It should be mature and stable enough to handle subtle issues
       properly.

       There are a lot of subtle issues in Linux kernel. The more
       primitives they are, the more subtle issues there might be. A
       dependency checking tool is one of very primitives feature so
       needs to be mature and stable enough.

Lockdep has been developed fairly great for many years - by intoducing
dynamic class assignment feature, recursive read lock support lately and
so on - so as to cover R1, R2, R4, partially R5 and R6 for now, but,
with the code complicated and enlarged inevitably.

However, there is still a lack of R3 in the tool. I'm thinking we can
choose one of two options to cover R3:

   1. Cross-release

   This feature was reverted due to a few false positive alarms in a
   specific environment where more than one file system were stacked on
   one another through loopback. At that time, it looked not easy to
   assign proper classes to locks in each layer with a lack of dynamic
   class assignment feature. Now it's been ready, I think it's worth
   retrying to introduce Cross-release.

   We can keep the all advantages Lockdep already has, esp. R6 with this
   option. At the same time, we would keep the problems too, Lockdep has
   e.i. the code is going more complicated and getting bigger than what
   it actually needs.

   2. A new tool

   I implemented a deadlock detection tool from the scratch by tracking
   waits and event, not acquisition or release - it was inevitable to
   rely on BFS as Lockdep does tho. I should admit this is not as mature
   as Lockdep so needs to be improved more esp. stability. However, I'm
   strongly convinced that it's the right way to go with and it does
   exactly what a deadlock detection tool should do.

   However, again, the new tool has just been implemented so may not
   cover R6 enough. So I need you guys to work together... FYI, see the
   link, https://lkml.org/lkml/2020/11/23/236 for the patches. The work
   is based on the mainline v5.9.

   NOTE: It's worth noting that the new tool is not perfect for now. For
   example, it has yet to support non-recursive read lock depenency. It
   would not be that hard work tho.

I've asked you for your opinion in https://lkml.org/lkml/2020/11/11/19
one day, and someone answered like re-introducing Cross-release looks
better. However, I decided to write this posting again and lastly
because I thought I didn't explain the rationale, each pros and cons
enough. Just this last time and then I'll stop asking any more.

It would not be that important to doing something onto the kernel code
but the right direction definitely should be more important. I want to
discuss the direction and decision wrt the tool based on the facts, good
things, and bad things without bias. Whatever decision will be made, I'd
like to go work with it and ask you for working together once it's made.

Either Cross-release or the new tool, let me go with any. Could you give
your opinions? It would be appreciated.

Thank you!
Byungchul

---

P.S. Trivial thing... but I'd like to mention one thing. From what I
heard, you got overwhelmed by a ton of reports when you allowed Lockdep
to multi-report. It's because Lockdep is not designed to work nicely
with irq related deadlock like "irq enable -> acqusition within the irq"
cases. It's gonna certainly overwhelm kmsg with the current design.

When it comes to irq related deadlock, it would be a better decision to
report only the shortest path in the dependency tree - assuming the tree
reflects irq related dependencies as well - which means the most likely
case. I tested the test case and found it didn't overwhelm even with
multiple reporting on.

Multiple reporting with Dept looks quite helpful from my experience. If
you doubt, I'd recommend to try to see what's gonna happen with Dept on
v5.9 with your system. Refer to the link above for the patches.

[REPORT] Request for reviewing crypto code wrt wait_for_completion()

[Byungchul Park]

Hello crypto folks,

I developed a tool for tracking waiters and reporting if any of the
events that the waiters are waiting for would never happen, say, a
deadlock. Yes, it would look like Lockdep but more inclusive.

While I ran the tool(Dept: Dependency Tracker) on v5.4.96, I got some
reports from the tool. One of them is related to crypto subsystem.
Because I'm not that familiar with the code, I'd like to ask you guys to
review the related code.

If I understand correctly, it doesn't actually cause deadlock but looks
like a problematic code. I know you are not used to the format of the
report from Dept so.. let me summerize the result.

The simplified call trace looks like when the problem araised :

THREAD A
--------
A1 crypto_alg_mod_lookup()
A2    crypto_probing_notify(CRYPTO_MSG_ALG_REQUEST)
A3       cryptomgr_schedule_probe()
A4          kthread_run(cyptomgr_probe) ---> Start THREAD B

A5    crypto_larval_wait()
A6       wait_for_completion_killable_timeout(c) /* waiting for B10 */

THREAD B
--------
B1 cryptomgr_probe()
B2    pkcslpad_create()
B3       crypto_wait_for_test()
B4          crypto_probing_notify(CRYPTO_MSG_ALG_REGISTER)
B5             cryptomgr_schedule_test()
B6                kthread_run(cyptomgr_test) ---> Start THREAD C

B7    tmpl->alloc()
B8    crupto_register_instance()
B9          wait_for_completion_killable(c) /* waiting for C3 */
B10   complete_all(c)

THREAD C
--------
C1 cryptomgr_test()
C2    crypto_alg_tested()
C3       complete_all(c)

---

For example, in this situation, I think C3 could wake up both A6 and B9
before THREAD B reaches B10 which is not desired by A6. Say, is it okay
to wake up A6 with B7 ~ B9 having yet to complete?

Sorry if I misunderstand the code. It looks so complicated to me. Could
you check if the code is good?

Just FYI, the below is the report from the tool, Dept, I developed.

Thanks,
Byungchul

---

[   10.520128 ] ===================================================
[   10.526037 ] Dept: Circular dependency has been detected.
[   10.531337 ] 5.4.96-242 #1 Tainted: G        W   
[   10.536375 ] ---------------------------------------------------
[   10.542280 ] summary
[   10.544366 ] ---------------------------------------------------
[   10.550271 ] *** AA DEADLOCK ***
[   10.550271 ] 
[   10.554875 ] context A
[   10.557136 ]     [S] (unknown)(&larval->completion:0)
[   10.562087 ]     [W] wait_for_completion_killable(&larval->completion:0)
[   10.568688 ]     [E] complete_all(&larval->completion:0)
[   10.573898 ] 
[   10.575377 ] [S]: start of the event context
[   10.579546 ] [W]: the wait blocked
[   10.582848 ] [E]: the event not reachable
[   10.586757 ] ---------------------------------------------------
[   10.592662 ] context A's detail
[   10.595703 ] ---------------------------------------------------
[   10.601608 ] context A
[   10.603868 ]     [S] (unknown)(&larval->completion:0)
[   10.608819 ]     [W] wait_for_completion_killable(&larval->completion:0)
[   10.615419 ]     [E] complete_all(&larval->completion:0)
[   10.620630 ] 
[   10.622109 ] [S] (unknown)(&larval->completion:0):
[   10.626799 ] (N/A)
[   10.628712 ] 
[   10.630191 ] [W] wait_for_completion_killable(&larval->completion:0):
[   10.636537 ] [<ffffffc0104dfc20>] crypto_wait_for_test+0x40/0x80
[   10.642443 ] stacktrace:
[   10.644881 ]       wait_for_completion_killable+0x34/0x160
[   10.650267 ]       crypto_wait_for_test+0x40/0x80
[   10.654871 ]       crypto_register_instance+0xb0/0xe0
[   10.659824 ]       akcipher_register_instance+0x30/0x38
[   10.664950 ]       pkcs1pad_create+0x238/0x2b0
[   10.669295 ]       cryptomgr_probe+0x40/0xd0
[   10.673467 ]       kthread+0x150/0x188
[   10.677118 ]       ret_from_fork+0x10/0x18
[   10.681114 ] 
[   10.682592 ] [E] complete_all(&larval->completion:0):
[   10.687544 ] [<ffffffc0104e8d20>] cryptomgr_probe+0xb0/0xd0
[   10.693016 ] stacktrace:
[   10.695452 ]       complete_all+0x30/0x70
[   10.699362 ]       cryptomgr_probe+0xb0/0xd0
[   10.703532 ]       kthread+0x150/0x188
[   10.707181 ]       ret_from_fork+0x10/0x18
[   10.711177 ] ---------------------------------------------------
[   10.717083 ] information that might be helpful
[   10.721426 ] ---------------------------------------------------
[   10.727334 ] CPU: 0 PID: 1787 Comm: cryptomgr_probe Tainted: G        W
5.4.96-242 #1
[   10.735757 ] Hardware name: LG Electronics, DTV SoC LG1213 (AArch64) (DT)
[   10.742444 ] Call trace:
[   10.744879 ]  dump_backtrace+0x0/0x148
[   10.748529 ]  show_stack+0x14/0x20
[   10.751833 ]  dump_stack+0xd0/0x12c
[   10.755223 ]  print_circle+0x3b0/0x3f8
[   10.758873 ]  cb_check_dl+0x54/0x70
[   10.762262 ]  bfs+0x64/0x1a0
[   10.765043 ]  add_dep+0x90/0xb8
[   10.768086 ]  dept_event+0x4c8/0x560
[   10.771562 ]  complete_all+0x30/0x70
[   10.775038 ]  cryptomgr_probe+0xb0/0xd0
[   10.778774 ]  kthread+0x150/0x188
[   10.781989 ]  ret_from_fork+0x10/0x18
[   10.786091 ] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7'
[   10.792783 ] platform regulatory.0: Direct firmware load for
regulatory.db failed with error -2
[   10.796148 ] ALSA device list:
[   10.801423 ] cfg80211: failed to load regulatory.db

Re: [REPORT] Request for reviewing crypto code wrt wait_for_completion()

[Herbert Xu]

On Fri, Aug 06, 2021 at 05:03:44PM +0900, Byungchul Park wrote:
> Hello crypto folks,
> 
> I developed a tool for tracking waiters and reporting if any of the
> events that the waiters are waiting for would never happen, say, a
> deadlock. Yes, it would look like Lockdep but more inclusive.
> 
> While I ran the tool(Dept: Dependency Tracker) on v5.4.96, I got some
> reports from the tool. One of them is related to crypto subsystem.
> Because I'm not that familiar with the code, I'd like to ask you guys to
> review the related code.
> 
> If I understand correctly, it doesn't actually cause deadlock but looks
> like a problematic code. I know you are not used to the format of the
> report from Dept so.. let me summerize the result.
> 
> The simplified call trace looks like when the problem araised :
> 
> THREAD A
> --------
> A1 crypto_alg_mod_lookup()
> A2    crypto_probing_notify(CRYPTO_MSG_ALG_REQUEST)
> A3       cryptomgr_schedule_probe()
> A4          kthread_run(cyptomgr_probe) ---> Start THREAD B
> 
> A5    crypto_larval_wait()
> A6       wait_for_completion_killable_timeout(c) /* waiting for B10 */

This larval would be an instantiation larval, and it can only be
woken up by thread B, not C.

> THREAD B
> --------
> B1 cryptomgr_probe()
> B2    pkcslpad_create()
> B3       crypto_wait_for_test()
> B4          crypto_probing_notify(CRYPTO_MSG_ALG_REGISTER)
> B5             cryptomgr_schedule_test()
> B6                kthread_run(cyptomgr_test) ---> Start THREAD C
> 
> B7    tmpl->alloc()
> B8    crupto_register_instance()
> B9          wait_for_completion_killable(c) /* waiting for C3 */
> B10   complete_all(c)

I presume you're talking about about the wait_for_completion from
crypto_wait_for_test, in which case it can only be woken by thread
C.  After which thread B will return to cryptomgr_probe and wake up
thread A.

> THREAD C
> --------
> C1 cryptomgr_test()
> C2    crypto_alg_tested()
> C3       complete_all(c)
> 
> ---
> 
> For example, in this situation, I think C3 could wake up both A6 and B9
> before THREAD B reaches B10 which is not desired by A6. Say, is it okay
> to wake up A6 with B7 ~ B9 having yet to complete?

AFAICS thread C only wakes up test larvals, not instantiation larvals.
Please let me know if you have any further issues.

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [REPORT] Request for reviewing crypto code wrt wait_for_completion()

[Byungchul Park]

On Fri, Aug 06, 2021 at 07:40:58PM +0800, Herbert Xu wrote:
> On Fri, Aug 06, 2021 at 05:03:44PM +0900, Byungchul Park wrote:
> > Hello crypto folks,
> > 
> > I developed a tool for tracking waiters and reporting if any of the
> > events that the waiters are waiting for would never happen, say, a
> > deadlock. Yes, it would look like Lockdep but more inclusive.
> > 
> > While I ran the tool(Dept: Dependency Tracker) on v5.4.96, I got some
> > reports from the tool. One of them is related to crypto subsystem.
> > Because I'm not that familiar with the code, I'd like to ask you guys to
> > review the related code.
> > 
> > If I understand correctly, it doesn't actually cause deadlock but looks
> > like a problematic code. I know you are not used to the format of the
> > report from Dept so.. let me summerize the result.
> > 
> > The simplified call trace looks like when the problem araised :
> > 
> > THREAD A
> > --------
> > A1 crypto_alg_mod_lookup()
> > A2    crypto_probing_notify(CRYPTO_MSG_ALG_REQUEST)
> > A3       cryptomgr_schedule_probe()
> > A4          kthread_run(cyptomgr_probe) ---> Start THREAD B
> > 
> > A5    crypto_larval_wait()
> > A6       wait_for_completion_killable_timeout(c) /* waiting for B10 */
> 
> This larval would be an instantiation larval, and it can only be
> woken up by thread B, not C.

Yes. This is what I understood based on the code.

> > THREAD B
> > --------
> > B1 cryptomgr_probe()
> > B2    pkcslpad_create()
> > B3       crypto_wait_for_test()
> > B4          crypto_probing_notify(CRYPTO_MSG_ALG_REGISTER)
> > B5             cryptomgr_schedule_test()
> > B6                kthread_run(cyptomgr_test) ---> Start THREAD C
> > 
> > B7    tmpl->alloc()
> > B8    crupto_register_instance()
> > B9          wait_for_completion_killable(c) /* waiting for C3 */
> > B10   complete_all(c)
> 
> I presume you're talking about about the wait_for_completion from

Right. Sorry for confusing you.

> crypto_wait_for_test, in which case it can only be woken by thread
> C.  After which thread B will return to cryptomgr_probe and wake up
> thread A.

Yes. This is what I understood based on the code too.

> 
> > THREAD C
> > --------
> > C1 cryptomgr_test()
> > C2    crypto_alg_tested()
> > C3       complete_all(c)
> > 
> > ---
> > 
> > For example, in this situation, I think C3 could wake up both A6 and B9
> > before THREAD B reaches B10 which is not desired by A6. Say, is it okay
> > to wake up A6 with B7 ~ B9 having yet to complete?
> 
> AFAICS thread C only wakes up test larvals, not instantiation larvals.
> Please let me know if you have any further issues.

The both cases looks like to get the larvals from the same list,
crypto_alg_list, one from crypto_larval_lookup() and the other from
__crypto_register_alg(). So I thought a single larval can be used at the
same time both at crypto_wait_for_test() and crypto_alg_mod_lookup() by
any chance. It would be great if the code ensures it never happens :-)

The problematic scenario I wanted to ask you looks like - I was
wondering if it's okay to nest requesting CRYPTO_MSG_ALG_REQUEST and
CRYPTO_MSG_ALG_REGISTER in a single stack, in other words, if it's okay
to try CRYPTO_MSG_ALG_REGISTER before completing CRYPTO_MSG_ALG_REQUEST.

A1 crypto_alg_mod_lookup()
A2    crypto_probing_notify(CRYPTO_MSG_ALG_REQUEST)
A3       cryptomgr_schedule_probe()
A4          kthread_run(cyptomgr_probe) ---> Start THREAD B

B1 cryptomgr_probe()
B2    pkcslpad_create()
B3       crypto_wait_for_test()
B4          crypto_probing_notify(CRYPTO_MSG_ALG_REGISTER)
B5             cryptomgr_schedule_test()
B6                kthread_run(cyptomgr_test) ---> Start THREAD C

C1 cryptomgr_test()
C2    crypto_alg_tested()
C3       complete_all(c) <- *the point* that I'd like to ask you.

A5    crypto_larval_wait()
A6       wait_for_completion_killable_timeout(c) /* waiting for B10 */
         (wake up and go)

Bx          wait_for_completion_killable(c) /* waiting for C3 */
            (wake up and go)
Bx    tmpl->alloc()
Bx    crupto_register_instance()
B10   complete_all(c)

I think I've shown you all the detail about the problematic flow. If
it still looks okay to you, then it'd be great!

Thank you,
Byungchul

> Thanks,
> -- 
> Email: Herbert Xu <herbert@gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [REPORT] Request for reviewing crypto code wrt wait_for_completion()

[Herbert Xu]

On Sat, Aug 07, 2021 at 12:46:39PM +0900, Byungchul Park wrote:
>
> > > THREAD C
> > > --------
> > > C1 cryptomgr_test()
> > > C2    crypto_alg_tested()
> > > C3       complete_all(c)
> > > 
> > > For example, in this situation, I think C3 could wake up both A6 and B9
> > > before THREAD B reaches B10 which is not desired by A6. Say, is it okay
> > > to wake up A6 with B7 ~ B9 having yet to complete?
> > 
> > AFAICS thread C only wakes up test larvals, not instantiation larvals.
> > Please let me know if you have any further issues.
> 
> The both cases looks like to get the larvals from the same list,
> crypto_alg_list, one from crypto_larval_lookup() and the other from
> __crypto_register_alg(). So I thought a single larval can be used at the
> same time both at crypto_wait_for_test() and crypto_alg_mod_lookup() by
> any chance. It would be great if the code ensures it never happens :-)

Perhaps it's not obvious but the distinguishing feature between test
larvals and the other kind of larvals is that test larvals have a
non-null cra_driver_name field.

In crypto_alg_tested we specifically exclude non-test larvals
when doing the lookup.

> The problematic scenario I wanted to ask you looks like - I was
> wondering if it's okay to nest requesting CRYPTO_MSG_ALG_REQUEST and
> CRYPTO_MSG_ALG_REGISTER in a single stack, in other words, if it's okay
> to try CRYPTO_MSG_ALG_REGISTER before completing CRYPTO_MSG_ALG_REQUEST.
> 
> A1 crypto_alg_mod_lookup()
> A2    crypto_probing_notify(CRYPTO_MSG_ALG_REQUEST)
> A3       cryptomgr_schedule_probe()
> A4          kthread_run(cyptomgr_probe) ---> Start THREAD B
> 
> B1 cryptomgr_probe()
> B2    pkcslpad_create()
> B3       crypto_wait_for_test()
> B4          crypto_probing_notify(CRYPTO_MSG_ALG_REGISTER)
> B5             cryptomgr_schedule_test()
> B6                kthread_run(cyptomgr_test) ---> Start THREAD C
> 
> C1 cryptomgr_test()
> C2    crypto_alg_tested()
> C3       complete_all(c) <- *the point* that I'd like to ask you.

Well c in this case can only be a test larval so it cannot wake
up thread A which is waiting on a non-test larval.

> A5    crypto_larval_wait()
> A6       wait_for_completion_killable_timeout(c) /* waiting for B10 */
>          (wake up and go)
> 
> Bx          wait_for_completion_killable(c) /* waiting for C3 */
>             (wake up and go)
> Bx    tmpl->alloc()
> Bx    crupto_register_instance()
> B10   complete_all(c)

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [RFC] Cross-release versus a new tool

[Byungchul Park]

On Tue, Aug 03, 2021 at 11:16:12AM +0900, Byungchul Park wrote:
> Hi folks,

Hi,

I understand you guys don't like the approach that introduces a new
implementation for now that Lockdep is quite mature enough, and at the
same time you might agree with the approach focusing on waiters than
lock acquisitions tho.

How do you think about that? I may develop the new tool in a separated
tree and make it mature enough for the mainline tree, or develop it in
the mainline tree as an experimental one, or rather focus on
re-introducing cross-release, or other options.

It would be appreciated to share opinions for that.

Thanks,
Byungchul

> Lockdep is a great tool for detecting deadlock possibility, which was
> designed for detecting wrong usage of locking API esp. typical lock e.g.
> spinlock and mutex. However, when it comes to read lock or any other
> mechanisms than typical lock, Lockdep code has been getting tweaked and
> complicated to cover all of them. It'd be getting worse over time.
> 
> First of all, we should understand what a deadlock detection tool should
> do. Fundamentally, a deadlock is caused by "WAITER(S) ON ITS EVENT(S)
> THAT WILL NEVER HAPPEN" so the tool should focus on waiters and events.
> Otherwise, complexifying it just makes things worse.
> 
> (NOTE: I hope you guys distinguish between dependency checking feature
> and any other supports for lock usage. I'm gonna talk about the aspect
> of dependency checking feature only in this posting. The support for
> correctness check of lock usage should still be there as is.)
> 
> We can detect a deadlock by tracking waiters and its events. A deadlock
> detection tool should focus on waiters and events and its contexts, not
> specific cases like the order of acquisitions that Lockdep does, where
> waiters and its events *implicitly* exist there anyway. This way, the
> tool can be simple and straightforward, and able to cover all cases.
> 
> I understand all Linux kernel features should be mature enough. I think
> Lockdep is fairly so, thanks to the folks for many years. I partially
> agree with the opinion that Lockdep should be kept and new feautures for
> a better work should be stacked onto Lockdep if needed. However, it's
> a shame that the base that Lockdep was built on is not that nice.
> 
> The requirement we expect the tool should meet is, I think:
> 
>    R1. It should detect a deadlock caused by typical type of lock e.g.
>        spin lock and mutex lock.
> 
>        We acquire a lock before accessing a shared resource and release
>        the lock after using it, say, both the acquisition and release
>        happen at the *same context*. Using the fact so just tracking the
>        order of lock acquisitions, we can detect a deadlock.
> 
>    R2. It should detect a deadlock caused by other than typical type of
>        lock e.g. read lock.
> 
>        Read lock works in a different way from typical one because it
>        was introduced to avoid *wait* on contention between read locks.
>        Furthermore, they behave differently depending on if it's
>        recursive one or not. It's not easy to detect a deadlock with
>        focusing on the order unless focusing on the interesting waiters
>        and its events. Otherwise, the tool should be tweaked and getting
>        complicated to cover them, which is how Lockdep does :(
> 
>    R3. It should detect a deadlock caused by any waiter e.g. page lock
>        and wait_for_completion.
> 
>        Not only locks but also any waits can cause a deadlock. However,
>        Lockdep doesn't work for the cases because it wasn't designed
>        fot that. Instead, these cases have been covered by manually
>        adding Lockdep annotations like acquire/release, in case by case
>        manner when found the needs. It'd better be done automatically or
>        with simpler annotations, for example, wait/event annotation
>        instead of acquire/release.
> 
>    R4. Sychronization objects e.g. lock and wait_for_completion need to
>        be classified correctly as a prerequisite, minimizing the number
>        of false positives.
> 
>        A deadlock detection tool does not track all individual objects.
>        Instead, it works with *class* classified based on its code path
>        basically. Unfortunately, because not all the classification is
>        perfect, false alarms may raise. To avoid it, some classes that
>        were assigned automatically but incorrectly, have been reset by
>        the developers manually for many years.
> 
>    R5. It should not overwhelm the kernel message with meaningless
>        reports. But it should still report meaningful ones.
> 
>        Even though one problematic usage in terms of dependency can
>        cause more than one scenario leading deadlock, it would be
>        meaningless to report all of them because some may rather get in
>        the way when picking meaningful ones for analysis. However,
>        meaningful ones are still worth being reported.
> 
>    R6. It should be mature and stable enough to handle subtle issues
>        properly.
> 
>        There are a lot of subtle issues in Linux kernel. The more
>        primitives they are, the more subtle issues there might be. A
>        dependency checking tool is one of very primitives feature so
>        needs to be mature and stable enough.
> 
> Lockdep has been developed fairly great for many years - by intoducing
> dynamic class assignment feature, recursive read lock support lately and
> so on - so as to cover R1, R2, R4, partially R5 and R6 for now, but,
> with the code complicated and enlarged inevitably.
> 
> However, there is still a lack of R3 in the tool. I'm thinking we can
> choose one of two options to cover R3:
> 
>    1. Cross-release
> 
>    This feature was reverted due to a few false positive alarms in a
>    specific environment where more than one file system were stacked on
>    one another through loopback. At that time, it looked not easy to
>    assign proper classes to locks in each layer with a lack of dynamic
>    class assignment feature. Now it's been ready, I think it's worth
>    retrying to introduce Cross-release.
> 
>    We can keep the all advantages Lockdep already has, esp. R6 with this
>    option. At the same time, we would keep the problems too, Lockdep has
>    e.i. the code is going more complicated and getting bigger than what
>    it actually needs.
> 
>    2. A new tool
> 
>    I implemented a deadlock detection tool from the scratch by tracking
>    waits and event, not acquisition or release - it was inevitable to
>    rely on BFS as Lockdep does tho. I should admit this is not as mature
>    as Lockdep so needs to be improved more esp. stability. However, I'm
>    strongly convinced that it's the right way to go with and it does
>    exactly what a deadlock detection tool should do.
> 
>    However, again, the new tool has just been implemented so may not
>    cover R6 enough. So I need you guys to work together... FYI, see the
>    link, https://lkml.org/lkml/2020/11/23/236 for the patches. The work
>    is based on the mainline v5.9.
> 
>    NOTE: It's worth noting that the new tool is not perfect for now. For
>    example, it has yet to support non-recursive read lock depenency. It
>    would not be that hard work tho.
> 
> I've asked you for your opinion in https://lkml.org/lkml/2020/11/11/19
> one day, and someone answered like re-introducing Cross-release looks
> better. However, I decided to write this posting again and lastly
> because I thought I didn't explain the rationale, each pros and cons
> enough. Just this last time and then I'll stop asking any more.
> 
> It would not be that important to doing something onto the kernel code
> but the right direction definitely should be more important. I want to
> discuss the direction and decision wrt the tool based on the facts, good
> things, and bad things without bias. Whatever decision will be made, I'd
> like to go work with it and ask you for working together once it's made.
> 
> Either Cross-release or the new tool, let me go with any. Could you give
> your opinions? It would be appreciated.
> 
> Thank you!
> Byungchul
> 
> ---
> 
> P.S. Trivial thing... but I'd like to mention one thing. From what I
> heard, you got overwhelmed by a ton of reports when you allowed Lockdep
> to multi-report. It's because Lockdep is not designed to work nicely
> with irq related deadlock like "irq enable -> acqusition within the irq"
> cases. It's gonna certainly overwhelm kmsg with the current design.
> 
> When it comes to irq related deadlock, it would be a better decision to
> report only the shortest path in the dependency tree - assuming the tree
> reflects irq related dependencies as well - which means the most likely
> case. I tested the test case and found it didn't overwhelm even with
> multiple reporting on.
> 
> Multiple reporting with Dept looks quite helpful from my experience. If
> you doubt, I'd recommend to try to see what's gonna happen with Dept on
> v5.9 with your system. Refer to the link above for the patches.