releases/3.0.96/tipc-fix-lockdep-warning-during-bearer-initialization.patch

   1 From f023235029429ba54960f51dc46ea98dfca16a9b Mon Sep 17 00:00:00 2001
   2 From: Ying Xue <ying.xue@windriver.com>
   3 Date: Thu, 16 Aug 2012 12:09:07 +0000
   4 Subject: tipc: fix lockdep warning during bearer initialization
   5
   6 From: Ying Xue <ying.xue@windriver.com>
   7
   8 [ Upstream commit 4225a398c1352a7a5c14dc07277cb5cc4473983b ]
   9
  10 When the lockdep validator is enabled, it will report the below
  11 warning when we enable a TIPC bearer:
  12
  13 [ INFO: possible irq lock inversion dependency detected ]
  14 ---------------------------------------------------------
  15 Possible interrupt unsafe locking scenario:
  16
  17         CPU0                    CPU1
  18         ----                    ----
  19    lock(ptype_lock);
  20                                 local_irq_disable();
  21                                 lock(tipc_net_lock);
  22                                 lock(ptype_lock);
  23    <Interrupt>
  24    lock(tipc_net_lock);
  25
  26   *** DEADLOCK ***
  27
  28 the shortest dependencies between 2nd lock and 1st lock:
  29   -> (ptype_lock){+.+...} ops: 10 {
  30 [...]
  31 SOFTIRQ-ON-W at:
  32                       [<c1089418>] __lock_acquire+0x528/0x13e0
  33                       [<c108a360>] lock_acquire+0x90/0x100
  34                       [<c1553c38>] _raw_spin_lock+0x38/0x50
  35                       [<c14651ca>] dev_add_pack+0x3a/0x60
  36                       [<c182da75>] arp_init+0x1a/0x48
  37                       [<c182dce5>] inet_init+0x181/0x27e
  38                       [<c1001114>] do_one_initcall+0x34/0x170
  39                       [<c17f7329>] kernel_init+0x110/0x1b2
  40                       [<c155b6a2>] kernel_thread_helper+0x6/0x10
  41 [...]
  42    ... key      at: [<c17e4b10>] ptype_lock+0x10/0x20
  43    ... acquired at:
  44     [<c108a360>] lock_acquire+0x90/0x100
  45     [<c1553c38>] _raw_spin_lock+0x38/0x50
  46     [<c14651ca>] dev_add_pack+0x3a/0x60
  47     [<c8bc18d2>] enable_bearer+0xf2/0x140 [tipc]
  48     [<c8bb283a>] tipc_enable_bearer+0x1ba/0x450 [tipc]
  49     [<c8bb3a04>] tipc_cfg_do_cmd+0x5c4/0x830 [tipc]
  50     [<c8bbc032>] handle_cmd+0x42/0xd0 [tipc]
  51     [<c148e802>] genl_rcv_msg+0x232/0x280
  52     [<c148d3f6>] netlink_rcv_skb+0x86/0xb0
  53     [<c148e5bc>] genl_rcv+0x1c/0x30
  54     [<c148d144>] netlink_unicast+0x174/0x1f0
  55     [<c148ddab>] netlink_sendmsg+0x1eb/0x2d0
  56     [<c1456bc1>] sock_aio_write+0x161/0x170
  57     [<c1135a7c>] do_sync_write+0xac/0xf0
  58     [<c11360f6>] vfs_write+0x156/0x170
  59     [<c11361e2>] sys_write+0x42/0x70
  60     [<c155b0df>] sysenter_do_call+0x12/0x38
  61 [...]
  62 }
  63   -> (tipc_net_lock){+..-..} ops: 4 {
  64 [...]
  65     IN-SOFTIRQ-R at:
  66                      [<c108953a>] __lock_acquire+0x64a/0x13e0
  67                      [<c108a360>] lock_acquire+0x90/0x100
  68                      [<c15541cd>] _raw_read_lock_bh+0x3d/0x50
  69                      [<c8bb874d>] tipc_recv_msg+0x1d/0x830 [tipc]
  70                      [<c8bc195f>] recv_msg+0x3f/0x50 [tipc]
  71                      [<c146a5fa>] __netif_receive_skb+0x22a/0x590
  72                      [<c146ab0b>] netif_receive_skb+0x2b/0xf0
  73                      [<c13c43d2>] pcnet32_poll+0x292/0x780
  74                      [<c146b00a>] net_rx_action+0xfa/0x1e0
  75                      [<c103a4be>] __do_softirq+0xae/0x1e0
  76 [...]
  77 }
  78
  79 >From the log, we can see three different call chains between
  80 CPU0 and CPU1:
  81
  82 Time 0 on CPU0:
  83
  84   kernel_init()->inet_init()->dev_add_pack()
  85
  86 At time 0, the ptype_lock is held by CPU0 in dev_add_pack();
  87
  88 Time 1 on CPU1:
  89
  90   tipc_enable_bearer()->enable_bearer()->dev_add_pack()
  91
  92 At time 1, tipc_enable_bearer() first holds tipc_net_lock, and then
  93 wants to take ptype_lock to register TIPC protocol handler into the
  94 networking stack.  But the ptype_lock has been taken by dev_add_pack()
  95 on CPU0, so at this time the dev_add_pack() running on CPU1 has to be
  96 busy looping.
  97
  98 Time 2 on CPU0:
  99
 100   netif_receive_skb()->recv_msg()->tipc_recv_msg()
 101
 102 At time 2, an incoming TIPC packet arrives at CPU0, hence
 103 tipc_recv_msg() will be invoked. In tipc_recv_msg(), it first wants
 104 to hold tipc_net_lock.  At the moment, below scenario happens:
 105
 106 On CPU0, below is our sequence of taking locks:
 107
 108   lock(ptype_lock)->lock(tipc_net_lock)
 109
 110 On CPU1, our sequence of taking locks looks like:
 111
 112   lock(tipc_net_lock)->lock(ptype_lock)
 113
 114 Obviously deadlock may happen in this case.
 115
 116 But please note the deadlock possibly doesn't occur at all when the
 117 first TIPC bearer is enabled.  Before enable_bearer() -- running on
 118 CPU1 does not hold ptype_lock, so the TIPC receive handler (i.e.
 119 recv_msg()) is not registered successfully via dev_add_pack(), so
 120 the tipc_recv_msg() cannot be called by recv_msg() even if a TIPC
 121 message comes to CPU0. But when the second TIPC bearer is
 122 registered, the deadlock can perhaps really happen.
 123
 124 To fix it, we will push the work of registering TIPC protocol
 125 handler into workqueue context. After the change, both paths taking
 126 ptype_lock are always in process contexts, thus, the deadlock should
 127 never occur.
 128
 129 Signed-off-by: Ying Xue <ying.xue@windriver.com>
 130 Signed-off-by: Jon Maloy <jon.maloy@ericsson.com>
 131 Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
 132 Signed-off-by: David S. Miller <davem@davemloft.net>
 133 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 134 ---
 135  net/tipc/eth_media.c |   15 ++++++++++++++-
 136  1 file changed, 14 insertions(+), 1 deletion(-)
 137
 138 --- a/net/tipc/eth_media.c
 139 +++ b/net/tipc/eth_media.c
 140 @@ -53,6 +53,7 @@ struct eth_bearer {
 141         struct tipc_bearer *bearer;
 142         struct net_device *dev;
 143         struct packet_type tipc_packet_type;
 144 +       struct work_struct setup;
 145  };
 146
 147  static struct eth_bearer eth_bearers[MAX_ETH_BEARERS];
 148 @@ -121,6 +122,17 @@ static int recv_msg(struct sk_buff *buf,
 149  }
 150
 151  /**
 152 + * setup_bearer - setup association between Ethernet bearer and interface
 153 + */
 154 +static void setup_bearer(struct work_struct *work)
 155 +{
 156 +       struct eth_bearer *eb_ptr =
 157 +               container_of(work, struct eth_bearer, setup);
 158 +
 159 +       dev_add_pack(&eb_ptr->tipc_packet_type);
 160 +}
 161 +
 162 +/**
 163   * enable_bearer - attach TIPC bearer to an Ethernet interface
 164   */
 165
 166 @@ -167,7 +179,8 @@ static int enable_bearer(struct tipc_bea
 167                 eb_ptr->tipc_packet_type.af_packet_priv = eb_ptr;
 168                 INIT_LIST_HEAD(&(eb_ptr->tipc_packet_type.list));
 169                 dev_hold(dev);
 170 -               dev_add_pack(&eb_ptr->tipc_packet_type);
 171 +               INIT_WORK(&eb_ptr->setup, setup_bearer);
 172 +               schedule_work(&eb_ptr->setup);
 173         }
 174
 175         /* Associate TIPC bearer with Ethernet bearer */