Bug 52231 - possible circular locking dependency detected in radeon driver
Summary: possible circular locking dependency detected in radeon driver
Status: CLOSED CODE_FIX
Alias: None
Product: Drivers
Classification: Unclassified
Component: Console/Framebuffers (show other bugs)
Hardware: All Linux
: P1 normal
Assignee: James Simmons
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-01-03 13:04 UTC by Christian Casteyde
Modified: 2013-07-23 14:00 UTC (History)
1 user (show)

See Also:
Kernel Version: 3.8-rc2
Subsystem:
Regression: Yes
Bisected commit-id:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Christian Casteyde 2013-01-03 13:04:12 UTC 
Kernel 3.8-rc2
Slackware64 14
Core i7, 6 GB RAM, 64 bit mode

Since kernel 3.8-rc2 with kmemcheck and lockdep hacking options turned on, I get the following lockdep warning:

EXT4-fs (sda3): re-mounted. Opts: discard,commit=0

======================================================
[ INFO: possible circular locking dependency detected ]
3.8.0-rc2 #21 Not tainted
-------------------------------------------------------
99video/2835 is trying to acquire lock:
 ((fb_notifier_list).rwsem){.+.+.+}, at: [<ffffffff8109f2f4>] __blocking_notifier_call_chain+0x54/0xd0

but task is already holding lock:
 (console_lock){+.+.+.}, at: [<ffffffff81344a65>] store_fbstate+0x55/0x80

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (console_lock){+.+.+.}:
       [<ffffffff810c9eaa>] lock_acquire+0x5a/0x70
       [<ffffffff810756e7>] console_lock+0x57/0x60
       [<ffffffff813a1874>] register_con_driver+0x34/0x140
       [<ffffffff813a2fe9>] take_over_console+0x29/0x60
       [<ffffffff8134a90b>] fbcon_takeover+0x5b/0xb0
       [<ffffffff8134f7ad>] fbcon_event_notify+0x72d/0x830
       [<ffffffff8109f00e>] notifier_call_chain+0x5e/0x150
       [<ffffffff8109f30d>] __blocking_notifier_call_chain+0x6d/0xd0
       [<ffffffff8109f381>] blocking_notifier_call_chain+0x11/0x20
       [<ffffffff81340df6>] fb_notifier_call_chain+0x16/0x20
       [<ffffffff8134301d>] register_framebuffer+0x1bd/0x2f0
       [<ffffffff813adf43>] drm_fb_helper_single_fb_probe+0x1d3/0x2f0
       [<ffffffff813ae231>] drm_fb_helper_initial_config+0x1d1/0x240
       [<ffffffff81417b1a>] radeon_fbdev_init+0xba/0x110
       [<ffffffff81412a01>] radeon_modeset_init+0x501/0xb60
       [<ffffffff813f00d0>] radeon_driver_load_kms+0xe0/0x150
       [<ffffffff813bb5ce>] drm_get_pci_dev+0x17e/0x2b0
       [<ffffffff813d643a>] radeon_pci_probe+0xaa/0xe0
       [<ffffffff8132f196>] local_pci_probe+0x46/0x80
       [<ffffffff8132f7c1>] pci_device_probe+0x101/0x110
       [<ffffffff8146cb86>] driver_probe_device+0x76/0x220
       [<ffffffff8146cdd3>] __driver_attach+0xa3/0xb0
       [<ffffffff8146ae4d>] bus_for_each_dev+0x4d/0x90
       [<ffffffff8146c6d9>] driver_attach+0x19/0x20
       [<ffffffff8146c2a0>] bus_add_driver+0x1a0/0x270
       [<ffffffff8146d442>] driver_register+0x72/0x170
       [<ffffffff8132f89f>] __pci_register_driver+0x5f/0x70
       [<ffffffff813bb815>] drm_pci_init+0x115/0x130
       [<ffffffff820a7460>] radeon_init+0xe7/0xe9
       [<ffffffff810002da>] do_one_initcall+0x11a/0x170
       [<ffffffff81811aec>] kernel_init+0x11c/0x290
       [<ffffffff8182ffec>] ret_from_fork+0x7c/0xb0

-> #0 ((fb_notifier_list).rwsem){.+.+.+}:
       [<ffffffff810c96f0>] __lock_acquire+0x1a20/0x1ca0
       [<ffffffff810c9eaa>] lock_acquire+0x5a/0x70
       [<ffffffff8182ca39>] down_read+0x39/0x8c
       [<ffffffff8109f2f4>] __blocking_notifier_call_chain+0x54/0xd0
       [<ffffffff8109f381>] blocking_notifier_call_chain+0x11/0x20
       [<ffffffff81340df6>] fb_notifier_call_chain+0x16/0x20
       [<ffffffff81341516>] fb_set_suspend+0x46/0x60
       [<ffffffff81344a70>] store_fbstate+0x60/0x80
       [<ffffffff81468493>] dev_attr_store+0x13/0x20
       [<ffffffff811b813b>] sysfs_write_file+0xdb/0x150
       [<ffffffff81148b86>] vfs_write+0xa6/0x160
       [<ffffffff81148e90>] sys_write+0x50/0xa0
       [<ffffffff81830092>] system_call_fastpath+0x16/0x1b

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(console_lock);
                               lock((fb_notifier_list).rwsem);
                               lock(console_lock);
  lock((fb_notifier_list).rwsem);

 *** DEADLOCK ***

4 locks held by 99video/2835:
 #0:  (&buffer->mutex){+.+.+.}, at: [<ffffffff811b80a3>] sysfs_write_file+0x43/0x150
 #1:  (s_active#124){.+.+.+}, at: [<ffffffff811b8123>] sysfs_write_file+0xc3/0x150
 #2:  (&fb_info->lock){+.+.+.}, at: [<ffffffff813412c1>] lock_fb_info+0x21/0x60
 #3:  (console_lock){+.+.+.}, at: [<ffffffff81344a65>] store_fbstate+0x55/0x80

stack backtrace:
Pid: 2835, comm: 99video Not tainted 3.8.0-rc2 #21
Call Trace:
 [<ffffffff81823b11>] print_circular_bug+0x28e/0x29f
 [<ffffffff810c96f0>] __lock_acquire+0x1a20/0x1ca0
 [<ffffffff810c9eaa>] lock_acquire+0x5a/0x70
 [<ffffffff8109f2f4>] ? __blocking_notifier_call_chain+0x54/0xd0
 [<ffffffff810c4e0f>] ? __lock_is_held+0x5f/0x90
 [<ffffffff8182ca39>] down_read+0x39/0x8c
 [<ffffffff8109f2f4>] ? __blocking_notifier_call_chain+0x54/0xd0
 [<ffffffff8109f2f4>] __blocking_notifier_call_chain+0x54/0xd0
 [<ffffffff8109f2f4>] __blocking_notifier_call_chain+0x54/0xd0
 [<ffffffff8109f381>] blocking_notifier_call_chain+0x11/0x20
 [<ffffffff81340df6>] fb_notifier_call_chain+0x16/0x20
 [<ffffffff81341516>] fb_set_suspend+0x46/0x60
 [<ffffffff810756e7>] ? console_lock+0x57/0x60
 [<ffffffff81344a65>] ? store_fbstate+0x55/0x80
 [<ffffffff81344a70>] store_fbstate+0x60/0x80
 [<ffffffff81468493>] dev_attr_store+0x13/0x20
 [<ffffffff811b813b>] sysfs_write_file+0xdb/0x150
 [<ffffffff81148b86>] vfs_write+0xa6/0x160
 [<ffffffff81148e90>] sys_write+0x50/0xa0
 [<ffffffff81830092>] system_call_fastpath+0x16/0x1b
PM: Syncing filesystems ... done.
WARNING: kmemcheck: Caught 16-bit read from uninitialized memory (ffff8801c52bbc20)
010000000000000001000000000000000000000000000000b0bb2bc50188ffff
 u u u u u u u u u u u u u u u u u u u u u u u u u u u u u u u u
 ^
Pid: 2256, comm: X Not tainted 3.8.0-rc2 #21 Acer Aspire 7750G/JE70_HR
RIP: 0010:[<ffffffff813ac091>]  [<ffffffff813ac091>] drm_fb_helper_setcmap+0x111/0x400
RSP: 0018:ffff8801c0c35978  EFLAGS: 00010206
RAX: ffff8801c52bbc00 RBX: ffff8801c476e800 RCX: 0000000000000000
RDX: 000000000000000f RSI: ffff8801c52bb850 RDI: 00000000000000ff
RBP: ffff8801c0c35a48 R08: 00000000001d5300 R09: 0000000000ffffff
R10: 0000000000000000 R11: 000000000000ffff R12: 0000000000000000
R13: 0000000000000010 R14: 0000000000000010 R15: ffff8801c52bb800
FS:  00007f34900ed8c0(0000) GS:ffff8801c7e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff8801c644bf10 CR3: 00000001c30d3000 CR4: 00000000000407f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff4ff0 DR7: 0000000000000400
 [<ffffffff81344375>] fb_set_cmap+0x65/0x140
 [<ffffffff81341dff>] fb_set_var+0x1cf/0x480
 [<ffffffff8134be21>] fbcon_blank+0x1e1/0x2e0
 [<ffffffff813a3f79>] do_unblank_screen+0xa9/0x1d0
 [<ffffffff81399744>] complete_change_console+0x64/0xf0
 [<ffffffff8139aa32>] vt_ioctl+0x1262/0x1350
 [<ffffffff8138fd98>] tty_ioctl+0x2c8/0xd10
 [<ffffffff8115aae7>] do_vfs_ioctl+0x97/0x5a0
 [<ffffffff8115b03b>] sys_ioctl+0x4b/0x90
 [<ffffffff81830092>] system_call_fastpath+0x16/0x1b
 [<ffffffffffffffff>] 0xffffffffffffffff
WARNING: kmemcheck: Caught 16-bit read from uninitialized memory (ffff8801c52bbe20)
ea00000077000000260000000b00000002000000040000000100000001000000
 u u u u u u u u u u u u u u u u u u u u u u u u u u u u u u u u
 ^
Pid: 2256, comm: X Not tainted 3.8.0-rc2 #21 Acer Aspire 7750G/JE70_HR
RIP: 0010:[<ffffffff813ac0af>]  [<ffffffff813ac0af>] drm_fb_helper_setcmap+0x12f/0x400
RSP: 0018:ffff8801c0c35978  EFLAGS: 00010246
RAX: ffff8801c52bbe00 RBX: ffff8801c476e800 RCX: 0000000000000000
RDX: 0000000000000010 RSI: ffff8801c52bb850 RDI: 00000000000000ff
RBP: ffff8801c0c35a48 R08: 00000000001d5300 R09: 0000000000ffffff
R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000010
R13: 0000000000000010 R14: 0000000000000010 R15: ffff8801c52bb800
FS:  00007f34900ed8c0(0000) GS:ffff8801c7e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff8801c644bf10 CR3: 00000001c30d3000 CR4: 00000000000407f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff4ff0 DR7: 0000000000000400
 [<ffffffff81344375>] fb_set_cmap+0x65/0x140
 [<ffffffff81341dff>] fb_set_var+0x1cf/0x480
 [<ffffffff8134be21>] fbcon_blank+0x1e1/0x2e0
 [<ffffffff813a3f79>] do_unblank_screen+0xa9/0x1d0
 [<ffffffff81399744>] complete_change_console+0x64/0xf0
 [<ffffffff8139aa32>] vt_ioctl+0x1262/0x1350
 [<ffffffff8138fd98>] tty_ioctl+0x2c8/0xd10
 [<ffffffff8115aae7>] do_vfs_ioctl+0x97/0x5a0
 [<ffffffff8115b03b>] sys_ioctl+0x4b/0x90
 [<ffffffff81830092>] system_call_fastpath+0x16/0x1b
 [<ffffffffffffffff>] 0xffffffffffffffff
WARNING: kmemcheck: Caught 16-bit read from uninitialized memory (ffff8801c4778020)
000000000000000010fa0881ffffffff00000000000000000000000000000000
 u u u u u u u u u u u u u u u u u u u u u u u u u u u u u u u u
 ^
Pid: 2256, comm: X Not tainted 3.8.0-rc2 #21 Acer Aspire 7750G/JE70_HR
RIP: 0010:[<ffffffff813ac0b8>]  [<ffffffff813ac0b8>] drm_fb_helper_setcmap+0x138/0x400
RSP: 0018:ffff8801c0c35978  EFLAGS: 00010246
RAX: ffff8801c4778000 RBX: ffff8801c476e800 RCX: 0000000000000000
RDX: 0000000000000010 RSI: ffff8801c52bb850 RDI: 00000000000000ff
RBP: ffff8801c0c35a48 R08: 00000000001d5300 R09: 00000000000000ea
R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000010
R13: 0000000000000010 R14: 0000000000000010 R15: ffff8801c52bb800
FS:  00007f34900ed8c0(0000) GS:ffff8801c7e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff8801c644bf10 CR3: 00000001c30d3000 CR4: 00000000000407f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff4ff0 DR7: 0000000000000400
 [<ffffffff81344375>] fb_set_cmap+0x65/0x140
 [<ffffffff81341dff>] fb_set_var+0x1cf/0x480
 [<ffffffff8134be21>] fbcon_blank+0x1e1/0x2e0
 [<ffffffff813a3f79>] do_unblank_screen+0xa9/0x1d0
 [<ffffffff81399744>] complete_change_console+0x64/0xf0
 [<ffffffff8139aa32>] vt_ioctl+0x1262/0x1350
 [<ffffffff8138fd98>] tty_ioctl+0x2c8/0xd10
 [<ffffffff8115aae7>] do_vfs_ioctl+0x97/0x5a0
 [<ffffffff8115b03b>] sys_ioctl+0x4b/0x90
 [<ffffffff81830092>] system_call_fastpath+0x16/0x1b

etc.
(uninitialized read is already reported in another bugzilla entry).
Comment 1 Alan 2013-01-03 13:08:55 UTC 
Fix was posted 7th December, no idea why it still doesn't seem to have been applied.
Comment 2 Christian Casteyde 2013-07-23 14:00:39 UTC 
Not reproduced with recent kernels.
Note You need to log in before you can comment on or make changes to this bug.