[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 2 Feb 2019 11:14:27 +0100 (CET)
From: Thomas Gleixner <tglx@...utronix.de>
To: Heiko Carstens <heiko.carstens@...ibm.com>
cc: Sebastian Sewior <bigeasy@...utronix.de>,
"Paul E. McKenney" <paulmck@...ux.ibm.com>,
Peter Zijlstra <peterz@...radead.org>,
Ingo Molnar <mingo@...nel.org>,
Martin Schwidefsky <schwidefsky@...ibm.com>,
LKML <linux-kernel@...r.kernel.org>, linux-s390@...r.kernel.org,
Stefan Liebler <stli@...ux.ibm.com>
Subject: Re: WARN_ON_ONCE(!new_owner) within wake_futex_pi() triggerede
On Sat, 2 Feb 2019, Heiko Carstens wrote:
> On Fri, Feb 01, 2019 at 10:59:08PM +0100, Thomas Gleixner wrote:
> > Were you able to capture a trace with the last set of additional trace
> > printks?
>
> Of course I forgot to collect that, sorry! But just reproduced; see
> log below (last 1000 lines) and attachment for full log.
The failing futex is here:
<...>-48786 [002] .... 337.231645: sys_futex(uaddr: 3ff90c00460, op: 6, val: 1, utime: 0, uaddr2: 4, val3: 0)
<...>-48786 [002] .... 337.231646: attach_to_pi_owner: Missing pid 49011
<...>-48786 [002] .... 337.231646: handle_exit_race: uval2 vs uval 8000bf73 vs 8000bf73 (-1)
<...>-48786 [002] .... 337.231741: sys_futex -> 0xfffffffffffffffd
Lets look were it was handled in the kernel right before that:
<...>-49014 [006] .... 337.215675: sys_futex(uaddr: 3ff90c00460, op: 7, val: 3ff00000007, utime: 3ff8d3f8910, uaddr2: 3ff8d3f8910, val3: 3ffc64fe8f7)
<...>-49014 [006] .... 337.215675: do_futex: uaddr: 3ff90c00460 cur: 8000bf76 new: 0
49014 unlocks the futex in the kernel and due to lack of waiters it sets it
to unlocked ---> new: 0.
Between this and the failing sys_futex() invocation, the missing task exits:
<...>-49011 [000] .... 337.221543: handle_futex_death: uaddr: 3ff90c00a00 pi: 1
...
<...>-49011 [000] .... 337.221547: handle_futex_death: uaddr: 3ff90c00488 success
<...>-49011 [000] .... 337.221548: sched_process_exit: comm=ld64.so.1 pid=49011 prio=120
but it does not have futex 3ff90c00460 in its robust list.
So after the unlock @timestamp 337.215675 the kernel does not deal with
that futex at all until the failed lock attempt where it rightfully rejects
the attempt due to the alleged owner being gone.
So this looks more like user space doing something stupid...
As we talked about the missing barriers before, I just looked at
pthread_mutex_trylock() and that does still:
if (robust)
{
ENQUEUE_MUTEX_PI (mutex);
THREAD_SETMEM (THREAD_SELF, robust_head.list_op_pending, NULL);
}
So it's missing the barriers which pthread_mutex_lock() has. Grasping for
straws obviously....
Thanks,
tglx
Powered by blists - more mailing lists