• Wander Lairson Costa's avatar
    kernel/fork: beware of __put_task_struct() calling context · d243b344
    Wander Lairson Costa authored
    Under PREEMPT_RT, __put_task_struct() indirectly acquires sleeping
    locks. Therefore, it can't be called from an non-preemptible context.
    
    One practical example is splat inside inactive_task_timer(), which is
    called in a interrupt context:
    
      CPU: 1 PID: 2848 Comm: life Kdump: loaded Tainted: G W ---------
       Hardware name: HP ProLiant DL388p Gen8, BIOS P70 07/15/2012
       Call Trace:
       dump_stack_lvl+0x57/0x7d
       mark_lock_irq.cold+0x33/0xba
       mark_lock+0x1e7/0x400
       mark_usage+0x11d/0x140
       __lock_acquire+0x30d/0x930
       lock_acquire.part.0+0x9c/0x210
       rt_spin_lock+0x27/0xe0
       refill_obj_stock+0x3d/0x3a0
       kmem_cache_free+0x357/0x560
       inactive_task_timer+0x1ad/0x340
       __run_hrtimer+0x8a/0x1a0
       __hrtimer_run_queues+0x91/0x130
       hrtimer_interrupt+0x10f/0x220
       __sysvec_apic_timer_interrupt+0x7b/0xd0
       sysvec_apic_timer_interrupt+0x4f/0xd0
       asm_sysvec_apic_timer_interrupt+0x12/0x20
       RIP: 0033:0x7fff196bf6f5
    
    Instead of calling __put_task_struct() directly, we defer it using
    call_rcu(). A more natural approach would use a workqueue, but since
    in PREEMPT_RT, we can't allocate dynamic memory from atomic context,
    the code would become more complex because we would need to put the
    work_struct instance in the task_struct and initialize it when we
    allocate a new task_struct.
    
    The issue is reproducible with stress-ng:
    
      while true; do
          stress-ng --sched deadline --sched-period 1000000000 \
    	      --sched-runtime 800000000 --sched-deadline \
    	      1000000000 --mmapfork 23 -t 20
      done
    Reported-by: default avatarHu Chunyu <chuhu@redhat.com>
    Suggested-by: default avatarOleg Nesterov <oleg@redhat.com>
    Suggested-by: default avatarValentin Schneider <vschneid@redhat.com>
    Suggested-by: default avatarPeter Zijlstra <peterz@infradead.org>
    Signed-off-by: default avatarWander Lairson Costa <wander@redhat.com>
    Signed-off-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
    Link: https://lore.kernel.org/r/20230614122323.37957-2-wander@redhat.com
    d243b344
task.h 5.99 KB