On 5/15/26 14:05, Mika Penttilä wrote:
> Hi,
>
>> FYI: While testing with hmm_tests I ran into
>>
>> [ 107.866004] ============================================
>> [ 107.866284] WARNING: possible recursive locking detected
>> [ 107.866577] 7.1.0-rc3-00311-g4277273ca0e1 #12 Not tainted
>> [ 107.866877] --------------------------------------------
>> [ 107.867217] hmm-tests/1098 is trying to acquire lock:
>> [ 107.867491] ffff888113571b38 (&mm->mmap_lock){++++}-{4:4}, at:
>> dmirror_range_fault+0x147/0x610 [test_hmm] <- line 368 of lib/test_hmm.c
>> [ 107.868076]
>> [ 107.868076] but task is already holding lock:
>> [ 107.868383] ffff888113571b38 (&mm->mmap_lock){++++}-{4:4}, at:
>> dmirror_fault_and_migrate_to_device.constprop.0+0x3aa/0x6a0 [test_hmm] <-
>> line 1267 of lib/test_hmm.c
>> [ 107.869076]
>> [ 107.869076] other info that might help us debug this:
>> [ 107.869415] Possible unsafe locking scenario:
>> [ 107.869415]
>> [ 107.869729] CPU0
>> [ 107.869866] ----
>> [ 107.870054] lock(&mm->mmap_lock);
>> [ 107.870247] lock(&mm->mmap_lock);
>> [ 107.870436]
>> [ 107.870436] *** DEADLOCK ***
>> [ 107.870436]
>> [ 107.870743] May be due to missing lock nesting notation
>> [ 107.870743]
>> [ 107.871158] 1 lock held by hmm-tests/1098:
>> [ 107.871377] #0: ffff888113571b38 (&mm->mmap_lock){++++}-{4:4}, at:
>> dmirror_fault_and_migrate_to_device.constprop.0+0x3aa/0x6a0 [test_hmm]
>> [ 107.872081]
>> [ 107.872081] stack backtrace:
>> [ 107.872348] CPU: 1 UID: 0 PID: 1098 Comm: hmm-tests Not tainted
>> 7.1.0-rc3-00311-g4277273ca0e1 #12 PREEMPT(full)
>> [ 107.872350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS
>> edk2-20260213-6.fc44 02/13/2026
>> [ 107.872354] Call Trace:
>> [ 107.872357] <TASK>
>> [ 107.872358] dump_stack_lvl+0x5d/0x80
>> [ 107.872385] print_deadlock_bug.cold+0xc0/0xe2
>> [ 107.872393] __lock_acquire+0x10cf/0x1b90
>> [ 107.872400] lock_acquire+0x189/0x2f0
>> [ 107.872401] ? dmirror_range_fault+0x147/0x610 [test_hmm]
>> [ 107.872404] down_read+0x9b/0x4b0
>> [ 107.872420] ? dmirror_range_fault+0x147/0x610 [test_hmm]
>> [ 107.872421] ? lock_acquire+0x189/0x2f0
>> [ 107.872422] ? __pfx_down_read+0x10/0x10
>> [ 107.872424] ? __lock_acquire+0x3c2/0x1b90
>> [ 107.872425] dmirror_range_fault+0x147/0x610 [test_hmm]
>> [ 107.872427] ? __pfx_down_read+0x10/0x10
>> [ 107.872429] ? __pfx_dmirror_range_fault+0x10/0x10 [test_hmm]
>> [ 107.872430] ? __lock_acquire+0x3c2/0x1b90
>> [ 107.872434] dmirror_fault_and_migrate_to_device.constprop.0+0x3bf/0x6a0
>> [test_hmm]
>> [ 107.872436] ?
>> __pfx_dmirror_fault_and_migrate_to_device.constprop.0+0x10/0x10 [test_hmm]
>> [ 107.872439] ? find_held_lock+0x2b/0x80
>> [ 107.872444] ? dmirror_device_remove_chunks+0x5b8/0xa00 [test_hmm]
>> [ 107.872445] ? __is_insn_slot_addr+0xee/0x1f0
>> [ 107.872458] ? lock_acquire+0x189/0x2f0
>> [ 107.872460] ? avc_has_extended_perms+0x234/0x1350
>> [ 107.872476] ? __might_fault+0x89/0x150
>> [ 107.872484] ? lock_release+0xe1/0x320
>> [ 107.872486] dmirror_fops_unlocked_ioctl+0x9ba/0xdb0 [test_hmm]
>> [ 107.872488] ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x6c0
>> [ 107.872494] ? __pfx_dmirror_fops_unlocked_ioctl+0x10/0x10 [test_hmm]
>> [ 107.872498] ? count_memcg_events_mm.constprop.0+0x22/0x1a0
>> [ 107.872499] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
>> [ 107.872501] ? count_memcg_events_mm.constprop.0+0xaa/0x1a0
>> [ 107.872503] ? lock_release+0xe1/0x320
>> [ 107.872504] ? find_held_lock+0x2b/0x80
>> [ 107.872506] ? exc_page_fault+0x7e/0xf0
>> [ 107.872510] __x64_sys_ioctl+0x13c/0x1d0
>> [ 107.872521] ? lockdep_hardirqs_on_prepare+0xd9/0x190
>> [ 107.872523] do_syscall_64+0xf3/0x6a0
>> [ 107.872526] ? exc_page_fault+0xde/0xf0
>> [ 107.872528] entry_SYSCALL_64_after_hwframe+0x77/0x7f
>> [ 107.872529] RIP: 0033:0x7f7381c543ad
>> [ 107.872531] Code: 04 25 28 00 00 00 48 89 45 c8 31 c0 48 8d 45 10 c7 45
>> b0 10 00 00 00 48 89 45 b8 48 8d 45 d0 48 89 45 c0 b8 10 00 00 00 0f 05 <89>
>> c2 3d 00 f0 ff ff 77 1a 48 8b 45 c8 64 48 2b 04 25 28 00 00 00
>> [ 107.872532] RSP: 002b:00007ffc3160a9b0 EFLAGS: 00000246 ORIG_RAX:
>> 0000000000000010
>> [ 107.872539] RAX: ffffffffffffffda RBX: 00007f7381b44000 RCX:
>> 00007f7381c543ad
>> [ 107.872540] RDX: 00007ffc3160aa30 RSI: 00000000c0284803 RDI:
>> 0000000000000022
>> [ 107.872541] RBP: 00007ffc3160aa00 R08: 00000000ffffffff R09:
>> 0000000000000000
>> [ 107.872541] R10: 0000000000000022 R11: 0000000000000246 R12:
>> 00007ffc3160aa24
>> [ 107.872542] R13: 000000000041f380 R14: 0000000000000200 R15:
>> 00007f7381200000
>> [ 107.872544] </TASK>
>>
>>
>> Thanks,
>> Balbir
>>
> Thanks, I could reproduce. Had lockdep dropped off so went unnoticed. It is
> nesting mmap_read_lock in the test suite, I will change that in next version.
>
> --Mika
>
>
I'll wait for the next version
Balbir
