Re: "cat /proc/lockdep" after "rmmod <some module>" when !debug_locks will crash the system

From: Bart Van Assche
Date: Mon Mar 25 2019 - 11:27:07 EST

Next message: luferry: "[PATCH] make blk_mq_map_queues more friendly for cpu topology"
Previous message: Matthew Wilcox: "Re: [PATCH 2/4] signal: Make flush_sigqueue() use free_q to release memory"
Next in thread: Bart Van Assche: "Re: "cat /proc/lockdep" after "rmmod <some module>" when !debug_locks will crash the system"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 2019-03-25 at 17:45 +-0800, shenghui wrote:
+AD4 Sorry to trouble you.
+AD4
+AD4 I installed virtualbox-5.2.24 on my system (x86 32) and on bootup I got some warning:
+AD4 ---------------------
+AD4 1251 +AFs 42.640869+AF0 DEBUG+AF8-LOCKS+AF8-WARN+AF8-ON(+ACE-current-+AD4-hardirqs+AF8-enabled)
+AD4 1252 +AFs 42.640880+AF0 WARNING: CPU: 0 PID: 841 at kernel/locking/lockdep.c:4132 check+AF8-flags.part.45+-0x9e/0x190
+AD4 ...
+AD4
+AD4 As no crash afterwards, I just ignore the warning and continue using my system.
+AD4
+AD4 Later I rmmod some module and run +ACI-cat /proc/lockdep+ACI, the system crashed.
+AD4 (Sorry I cannot capture the crash log as kdump didn't work on my system, but I can
+AD4 see some words +ACI...normal kernel read fault...+ACI)
+AD4
+AD4
+AD4 Then I walked through the code and found:
+AD4 1) DEBUG+AF8-LOCKS+AF8-WARN+AF8-ON(+ACE-current-+AD4-hardirqs+AF8-enabled) will turn debug+AF8-locks to 0
+AD4 2) if +ACE-debug+AF8-locks, graph+AF8-lock() will return 0
+AD4 3) On module unloading, lockdep+AF8-free+AF8-key+AF8-range+AF8-reg() will run.
+AD4 But when +ACE-debug+AF8-locks, lockdep+AF8-free+AF8-key+AF8-range+AF8-reg() will do nothing.
+AD4
+AD4 4743 static void lockdep+AF8-free+AF8-key+AF8-range+AF8-reg(void +ACo-start, unsigned long size)
+AD4 4744 +AHs
+AD4 ...
+AD4 4751 raw+AF8-local+AF8-irq+AF8-save(flags)+ADs
+AD4 4752 locked +AD0 graph+AF8-lock()+ADs
+AD4 4753 if (+ACE-locked)
+AD4 4754 goto out+AF8-irq+ADs
+AD4 ...
+AD4 4759
+AD4 4760 graph+AF8-unlock()+ADs
+AD4 4761 out+AF8-irq:
+AD4 4762 raw+AF8-local+AF8-irq+AF8-restore(flags)+ADs
+AD4
+AD4 4) The result is: module is unloaded, but some lock+AF8-class related with the module
+AD4 still exist in all+AF8-lock+AF8-classes.
+AD4 5) 'cat /proc/lockdep' will access elements of all+AF8-lock+AF8-classes, and will trigger the crash.
+AD4
+AD4
+AD4 Seems the usage of +ACIAIQ-graph+AF8-lock()+ACI can prevent any new changes to all+AF8-lock+AF8-classes and other hashtables
+AD4 if +ACE-debug+AF8-locks.

Hi Shenghui,

None of the rmmod / cat /proc/lockdep tests I ran triggered the above warning.
It would help if you could share the steps you followed to trigger that warning.

Thanks,

Bart.

Next message: luferry: "[PATCH] make blk_mq_map_queues more friendly for cpu topology"
Previous message: Matthew Wilcox: "Re: [PATCH 2/4] signal: Make flush_sigqueue() use free_q to release memory"
Next in thread: Bart Van Assche: "Re: "cat /proc/lockdep" after "rmmod <some module>" when !debug_locks will crash the system"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]