204243 – WARNING: possible circular locking dependency detected [sr_mod]

Bug 204243 - WARNING: possible circular locking dependency detected [sr_mod]

Summary: WARNING: possible circular locking dependency detected [sr_mod]

Status:	NEW

Alias:	None

Product:	IO/Storage
Classification:	Unclassified
Component:	SCSI (show other bugs)
Hardware:	All Linux

Importance:	P1 normal
Assignee:	linux-scsi@vger.kernel.org

URL:
Keywords:

Depends on:
Blocks:

Reported:	2019-07-20 10:43 UTC by Erhard F.
Modified:	2019-07-21 07:28 UTC (History)
CC List:	1 user (show)

See Also:
Kernel Version:	5.2.1
Subsystem:
Regression:	No
Bisected commit-id:

Attachments
dmesg output (55.66 KB, text/plain) 2019-07-20 10:43 UTC, Erhard F.	Details
kernel .config (5.2.1) (102.00 KB, text/plain) 2019-07-20 10:45 UTC, Erhard F.	Details
Add an attachment (proposed patch, testcase, etc.)

Description Erhard F. 2019-07-20 10:43:36 UTC

Created attachment 283867 [details]
dmesg output

Encountered this during writing an .iso to a DVD-RW media:

[...]
[ 6908.678745] ======================================================
[ 6908.678746] WARNING: possible circular locking dependency detected
[ 6908.678749] 5.2.1-gentoo #1 Not tainted
[ 6908.678750] ------------------------------------------------------
[ 6908.678752] brasero/1066 is trying to acquire lock:
[ 6908.678754] 0000000087aec994 (&mm->mmap_sem#2){++++}, at: __do_page_fault+0x387/0x420
[ 6908.678761] 
               but task is already holding lock:
[ 6908.678762] 0000000056293ac4 (sr_mutex){+.+.}, at: sr_block_ioctl+0x3a/0xc0 [sr_mod]
[ 6908.678768] 
               which lock already depends on the new lock.

[ 6908.678769] 
               the existing dependency chain (in reverse order) is:
[ 6908.678770] 
               -> #6 (sr_mutex){+.+.}:
[ 6908.678773] 
               -> #5 (&bdev->bd_mutex){+.+.}:
[ 6908.678775] 
               -> #4 (&fs_devs->device_list_mutex){+.+.}:
[ 6908.678777] 
               -> #3 (&fs_info->tree_log_mutex){+.+.}:
[ 6908.678780] 
               -> #2 (&fs_info->reloc_mutex){+.+.}:
[ 6908.678782] 
               -> #1 (sb_pagefaults){.+.+}:
[ 6908.678784] 
               -> #0 (&mm->mmap_sem#2){++++}:
[ 6908.678786] 
               other info that might help us debug this:

[ 6908.678787] Chain exists of:
                 &mm->mmap_sem#2 --> &bdev->bd_mutex --> sr_mutex

[ 6908.678790]  Possible unsafe locking scenario:

[ 6908.678791]        CPU0                    CPU1
[ 6908.678793]        ----                    ----
[ 6908.678794]   lock(sr_mutex);
[ 6908.678795]                                lock(&bdev->bd_mutex);
[ 6908.678797]                                lock(sr_mutex);
[ 6908.678798]   lock(&mm->mmap_sem#2);
[ 6908.678800] 
                *** DEADLOCK ***

[ 6908.678801] 1 lock held by brasero/1066:
[ 6908.678802]  #0: 0000000056293ac4 (sr_mutex){+.+.}, at: sr_block_ioctl+0x3a/0xc0 [sr_mod]
[ 6908.678806] 
               stack backtrace:
[ 6908.678809] CPU: 1 PID: 1066 Comm: brasero Not tainted 5.2.1-gentoo #1
[ 6908.678810] Hardware name: System manufacturer System Product Name/M5A78L-M LX3, BIOS 1401    05/05/2016
[ 6908.678812] Call Trace:
[ 6908.678816]  dump_stack+0x67/0x98
[ 6908.678820]  print_circular_bug.cold.60+0x15c/0x195
[ 6908.678823]  __lock_acquire+0x17c0/0x1d18
[ 6908.678826]  lock_acquire+0xaa/0x168
[ 6908.678828]  ? __do_page_fault+0x387/0x420
[ 6908.678831]  ? copy_user_generic_string+0x29/0x40
[ 6908.678833]  down_read+0x28/0xc0
[ 6908.678836]  ? __do_page_fault+0x387/0x420
[ 6908.678838]  __do_page_fault+0x387/0x420
[ 6908.678841]  ? page_fault+0x1b/0x20
[ 6908.678843]  ? copy_user_generic_string+0x29/0x40
[ 6908.678846]  ? copyout+0x25/0x30
[ 6908.678847]  ? copy_page_to_iter+0xd0/0x330
[ 6908.678850]  ? bio_uncopy_user+0x124/0x168
[ 6908.678852]  ? blk_rq_unmap_user+0x22/0x60
[ 6908.678855]  ? sg_io+0x268/0x440
[ 6908.678857]  ? scsi_cmd_ioctl+0x2b2/0x498
[ 6908.678861]  ? cdrom_ioctl+0x36/0xde4 [cdrom]
[ 6908.678864]  ? _raw_spin_unlock_irqrestore+0x37/0x40
[ 6908.678866]  ? __pm_runtime_resume+0x4f/0x70
[ 6908.678869]  ? sr_block_ioctl+0x9d/0xc0 [sr_mod]
[ 6908.678872]  ? blkdev_ioctl+0x52e/0xa80
[ 6908.678874]  ? find_held_lock+0x2d/0x90
[ 6908.678876]  ? block_ioctl+0x2d/0x38
[ 6908.678879]  ? do_vfs_ioctl+0xa8/0x718
[ 6908.678881]  ? __fget+0x101/0x1e0
[ 6908.678883]  ? ksys_ioctl+0x35/0x70
[ 6908.678884]  ? __x64_sys_ioctl+0x11/0x18
[ 6908.678887]  ? do_syscall_64+0x4b/0x198
[ 6908.678889]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 6984.804171] capability: warning: `growisofs' uses 32-bit capabilities (legacy support in use)

Comment 1 Erhard F. 2019-07-20 10:45:28 UTC

Created attachment 283869 [details]
kernel .config (5.2.1)

Comment 2 Thomas Schmitt 2019-07-21 07:26:19 UTC

Hi,

the lock in sr_block_open() is a nuisance since it was introduced by
a daring mass change nine years ago:
  https://lkml.org/lkml/2010/9/14/338
It has a history of complaints about slowing down concurrent use of
ioctl(SG_IO) on different sr drives:
  https://marc.info/?l=linux-scsi&m=135705061804384&w=2
As developer of libburn i had to develop workarounds in userspace:
  http://libburnia-project.org/wiki/ConcurrentLinuxSr
None of them is really satisfying.

Since 3 years i use /dev/sg* instead of /dev/sr* for burning. The older
readers will remember the relief when we could use hd and sr and thus
had proper coordination with mount(8). This is gone, at least for systems
where more than one optical drive shall be used concurrently.

So, as did others before, i propose to remove the mutex_lock()/mutex_unlock()
pair in sr_block_ioctl().

(Actually the other mutex_lock()/mutex_unlock() pairs introduced by
   https://lkml.org/lkml/2010/9/14/338
 should be examined whether they are appropriate replacements of the
 previously existing BKLs. They don't have this long lasting impact on
 multi-drive operation, though.)

Have a nice day :)

Thomas

Comment 3 Thomas Schmitt 2019-07-21 07:28:15 UTC

Sorry, i wrote "sr_block_open()" where i meant "sr_block_ioctl()".

Note You need to log in before you can comment on or make changes to this bug.