| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CABXGCsO5mFu9fOq8oKwByZaAjJrCB_V0hKgOsLLJJ4x3PmHr1g@mail.gmail.com>
Date: Tue, 22 Jul 2025 12:11:36 +0500
From: Mikhail Gavrilov <mikhail.v.gavrilov@...il.com>
To: Hillf Danton <hdanton@...a.com>
Cc: thomas.hellstrom@...ux.intel.com, axboe@...nel.dk,
linux-block@...r.kernel.org, linux-kernel@...r.kernel.org,
Ming Lei <ming.lei@...hat.com>, regressions@...ts.linux.dev
Subject: Re: 6.15/regression/bisected - lockdep warning: circular locking
dependency detected when plugging USB stick after ffa1e7ada456
On Tue, Jul 22, 2025 at 5:51 AM Hillf Danton <hdanton@...a.com> wrote:
>
> Try the diff that serializes elevator_change() with q->elevator_lock if
> reproducer is available.
>
> --- x/block/elevator.c
> +++ y/block/elevator.c
> @@ -661,6 +661,7 @@ static int elevator_change(struct reques
> unsigned int memflags;
> int ret = 0;
>
> + /* updaters should be serialized */
> lockdep_assert_held(&q->tag_set->update_nr_hwq_lock);
>
> memflags = blk_mq_freeze_queue(q);
> @@ -674,11 +675,11 @@ static int elevator_change(struct reques
> * Disk isn't added yet, so verifying queue lock only manually.
> */
> blk_mq_cancel_work_sync(q);
> + blk_mq_unfreeze_queue(q, memflags);
> mutex_lock(&q->elevator_lock);
> if (!(q->elevator && elevator_match(q->elevator->type, ctx->name)))
> ret = elevator_switch(q, ctx);
> mutex_unlock(&q->elevator_lock);
> - blk_mq_unfreeze_queue(q, memflags);
> if (!ret)
> ret = elevator_change_done(q, ctx);
>
Hi Hillf,
Thanks for the patch.
I tested your proposed diff that serializes elevator_change() with
q->elevator_lock. Unfortunately, instead of the previous lockdep
warning, I'm now seeing a soft lockup warning.
Here is the relevant excerpt from the kernel log:
[ 78.573292] sd 6:0:0:0: [sda] Assuming drive cache: write through
[ 78.581496] ------------[ cut here ]------------
[ 78.581507] WARNING: CPU: 7 PID: 300 at block/elevator.c:578
elevator_switch+0x512/0x630
[ 78.581515] Modules linked in: uas usb_storage uinput snd_seq_dummy
snd_hrtimer nft_queue nfnetlink_queue nf_conntrack_netbios_ns
nf_conntrack_broadcast nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib
nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct
nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4
nf_tables qrtr bnep binfmt_misc intel_rapl_msr amd_atl
intel_rapl_common mt7921e mt7921_common mt792x_lib mt76_connac_lib
mt76 snd_hda_codec_realtek snd_hda_codec_generic edac_mce_amd
snd_hda_scodec_component snd_hda_codec_hdmi btusb mac80211 btrtl
kvm_amd btintel btbcm snd_hda_intel btmtk snd_intel_dspcfg bluetooth
snd_intel_sdw_acpi kvm snd_hda_codec snd_hda_core vfat snd_hwdep fat
snd_seq spd5118 snd_seq_device libarc4 irqbypass snd_pcm cfg80211
wmi_bmof rapl snd_timer pcspkr k10temp i2c_piix4 snd joydev i2c_smbus
rfkill soundcore gpio_amdpt gpio_generic loop zram lz4hc_compress
lz4_compress amdgpu amdxcp i2c_algo_bit drm_ttm_helper ttm drm_exec
gpu_sched drm_suballoc_helper nvme
[ 78.581629] drm_panel_backlight_quirks drm_buddy polyval_clmulni
r8169 drm_display_helper ghash_clmulni_intel nvme_core sha512_ssse3
sha1_ssse3 cec sp5100_tco nvme_keyring realtek nvme_auth video wmi
sunrpc iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi i2c_dev
fuse nfnetlink
[ 78.581663] CPU: 7 UID: 0 PID: 300 Comm: kworker/u129:6 Tainted: G
L 6.16.0-rc7-with-fix+ #38 PREEMPT(lazy)
[ 78.581668] Tainted: [L]=SOFTLOCKUP
[ 78.581669] Hardware name: ASRock B650I Lightning WiFi/B650I
Lightning WiFi, BIOS 3.30 06/16/2025
[ 78.581672] Workqueue: async async_run_entry_fn
[ 78.581677] RIP: 0010:elevator_switch+0x512/0x630
[ 78.581681] Code: 0f 85 20 fd ff ff 48 c7 c2 a0 08 27 a6 be 4a 03
00 00 48 c7 c7 00 09 27 a6 c6 05 1e e1 d7 04 01 e8 03 31 b0 fe e9 fc
fc ff ff <0f> 0b e9 34 fb ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 e2
48 c1
[ 78.581684] RSP: 0018:ffffc9000326f7d0 EFLAGS: 00010246
[ 78.581687] RAX: 0000000000000000 RBX: ffff8883d97334d0 RCX: 1ffff9200064dedc
[ 78.581689] RDX: 1ffff1107b2e679d RSI: 0000000000000000 RDI: ffff8883d9733ce8
[ 78.581691] RBP: 0000000000000000 R08: ffffffffa5c33e41 R09: fffffbfff515a0fc
[ 78.581693] R10: ffffc9000326f808 R11: 0000000000000001 R12: ffffc9000326f860
[ 78.581694] R13: ffff8883d9733ab0 R14: 00000000ffffffff R15: ffff8881eff5c098
[ 78.581696] FS: 0000000000000000(0000) GS:ffff889026d50000(0000)
knlGS:0000000000000000
[ 78.581698] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 78.581700] CR2: 000056377a0b42d0 CR3: 00000002206a6000 CR4: 0000000000f50ef0
[ 78.581702] PKRU: 55555554
[ 78.581704] Call Trace:
[ 78.581706] <TASK>
[ 78.581710] elevator_change+0x1f1/0x2d0
[ 78.581715] elevator_set_default+0x22d/0x2a0
[ 78.581719] ? __pfx_elevator_set_default+0x10/0x10
[ 78.581724] ? disk_register_independent_access_ranges+0x24f/0x310
[ 78.581730] blk_register_queue+0x33a/0x490
[ 78.581736] __add_disk+0x5fd/0xd50
[ 78.581742] add_disk_fwnode+0x113/0x590
[ 78.581748] sd_probe+0x873/0xe10
[ 78.581755] really_probe+0x1de/0x890
[ 78.581761] ? __pfx___device_attach_driver+0x10/0x10
[ 78.581763] __driver_probe_device+0x18c/0x390
[ 78.581766] ? lockdep_hardirqs_on+0x8c/0x130
[ 78.581771] driver_probe_device+0x4a/0x120
[ 78.581775] __device_attach_driver+0x156/0x280
[ 78.581778] bus_for_each_drv+0x111/0x1a0
[ 78.581782] ? __pfx_bus_for_each_drv+0x10/0x10
[ 78.581786] ? trace_hardirqs_on+0x18/0x150
[ 78.581790] ? lockdep_hardirqs_on+0x8c/0x130
[ 78.581792] ? __raw_spin_unlock_irqrestore+0x5d/0x80
[ 78.581796] ? __raw_spin_unlock_irqrestore+0x46/0x80
[ 78.581800] __device_attach_async_helper+0x19c/0x240
[ 78.581804] ? __pfx___device_attach_async_helper+0x10/0x10
[ 78.581808] ? seqcount_lockdep_reader_access.constprop.0+0xa5/0xb0
[ 78.581812] ? ktime_get+0x63/0x180
[ 78.581817] async_run_entry_fn+0x94/0x540
[ 78.581821] process_one_work+0x87a/0x14d0
[ 78.581830] ? __pfx_process_one_work+0x10/0x10
[ 78.581833] ? find_held_lock+0x2b/0x80
[ 78.581840] ? assign_work+0x156/0x390
[ 78.581845] worker_thread+0x5f2/0xfd0
[ 78.581853] ? __pfx_worker_thread+0x10/0x10
[ 78.581855] kthread+0x3b0/0x770
[ 78.581859] ? local_clock_noinstr+0x68/0x130
[ 78.581862] ? __pfx_kthread+0x10/0x10
[ 78.581867] ? rcu_is_watching+0x15/0xe0
[ 78.581871] ? __pfx_kthread+0x10/0x10
[ 78.581875] ret_from_fork+0x3ef/0x510
[ 78.581879] ? __pfx_kthread+0x10/0x10
[ 78.581881] ? __pfx_kthread+0x10/0x10
[ 78.581885] ret_from_fork_asm+0x1a/0x30
[ 78.581894] </TASK>
[ 78.581896] irq event stamp: 1002669
[ 78.581898] hardirqs last enabled at (1002675):
[<ffffffffa282630e>] __up_console_sem+0x7e/0x90
[ 78.581902] hardirqs last disabled at (1002680):
[<ffffffffa28262f3>] __up_console_sem+0x63/0x90
[ 78.581904] softirqs last enabled at (999948):
[<ffffffffa25f8c49>] handle_softirqs+0x579/0x840
[ 78.581908] softirqs last disabled at (999941):
[<ffffffffa25f9046>] __irq_exit_rcu+0x126/0x240
[ 78.581910] ---[ end trace 0000000000000000 ]---
[ 78.637462] GPT:Primary header thinks Alt. header is not at the end
of the disk.
[ 78.637472] GPT:2097151 != 3907583
This happens after plugging in a USB flash stick (sd 6:0:0:0) with the
patched kernel.
Full dmesg trace is attached below.
Let me know if you'd like me to try additional debugging or patches.
Thanks for looking into this!
--
Best Regards,
Mike Gavrilov.
Download attachment "dmesg-6.16.0-rc7-with-fix.zip" of type "application/zip" (46529 bytes)
Powered by blists - more mailing lists