On Wed, Apr 27, 2016 at 12:55:47PM +0200, Andreas Starzer wrote:
> This Bug was already fixed in rcutiny_plugin.h with changing the
> wait-queue to simple-waiter.
>
> Found this bug with 3.10.63-rt65 in rcutree_plugin.h too. (It is not
> fixed in current 3.10-release)
>
> SVC (hard-irq-context) for scheduling tries to wake-up wait-queue
> waiters and therefore simple-waiter is needed.
>
> I fixed the problem for myself with this patch, but I don't know if
> this is a correct fix.
Is this a bug with 4.1-rt too? This the stable rt releases get their fixes
from either mainline stable, or from rt-devel (the upstream RT development).
It looks to me that 4.1-rt would have the same issue here, although 4.6-rt has
this code rewritten a bit, although it appears that mainline itself converted
this to a swait (after swait made it into mainline).
But if this bug does affect 4.1-rt, it should go against that and be marked
for stable...@vger.kernel.org, and it will then be backported to the older
rt kernels.
-- Steve
>
> Index: src/kernel/rcutree_plugin.h
> ===================================================================
> --- src/kernel/rcutree_plugin.h (revision 159)
> +++ src/kernel/rcutree_plugin.h (working copy)
> @@ -705,7 +705,8 @@
> }
> EXPORT_SYMBOL_GPL(synchronize_rcu);
>
> -static DECLARE_WAIT_QUEUE_HEAD(sync_rcu_preempt_exp_wq);
> +/* (stz): bug#16085 replace standard wq by simple waiter for call by
> SVC context. */
> +static DEFINE_SWAIT_HEAD(sync_rcu_preempt_exp_wq);
> static unsigned long sync_rcu_preempt_exp_count;
> static DEFINE_MUTEX(sync_rcu_preempt_exp_mutex);
>
> @@ -762,8 +763,10 @@
> }
> if (rnp->parent == NULL) {
> raw_spin_unlock_irqrestore(&rnp->lock, flags);
> - if (wake)
> - wake_up(&sync_rcu_preempt_exp_wq);
> + if (wake) {
> + /* (stz): bug#16085 replace standard wq by simple
> waiter for call by SVC context. */
> + swait_wake(&sync_rcu_preempt_exp_wq);
> + }
> break;
> }
> mask = rnp->grpmask;
> @@ -883,8 +886,9 @@
>
> /* Wait for snapshotted ->blkd_tasks lists to drain. */
> rnp = rcu_get_root(rsp);
> - wait_event(sync_rcu_preempt_exp_wq,
> - sync_rcu_preempt_exp_done(rnp));
> + /* (stz): bug#16085 replace standard wq by simple waiter for call
> by SVC context. */
> + swait_event(sync_rcu_preempt_exp_wq,
> + sync_rcu_preempt_exp_done(rnp));
>
> /* Clean up and exit. */
> smp_mb(); /* ensure expedited GP seen before counter increment. */
>
>
>
> ------------------------------
> Detailed Output:
> ------------------------------
>
> [22503.069680] BUG: sleeping function called from invalid context at
> kernel/rtmutex.c:796
> [22503.069685] in_atomic(): 1, irqs_disabled(): 0, pid: 385, name: rstpd
> [22503.069707] Preemption disabled at:[<8000e28c>] svc_preempt+0x8/0x20
> [22503.069708]
> [22503.069717] CPU: 1 PID: 385 Comm: rstpd Tainted: G O
> 3.10.63-sp4-rt65-svn160 #6
> [22503.069723] Backtrace:
> [22503.069742] [<80011d08>] (dump_backtrace+0x0/0x108) from
> [<80011f18>] (show_stack+0x18/0x1c)
> [22503.069753] r6:00000003 r5:8c906000 r4:00000000 r3:00000000
> [22503.069772] [<80011f00>] (show_stack+0x0/0x1c) from [<8060ce58>]
> (dump_stack+0x24/0x28)
> [22503.069794] [<8060ce34>] (dump_stack+0x0/0x28) from [<80054524>]
> (__might_sleep+0x100/0x158)
> [22503.069810] [<80054424>] (__might_sleep+0x0/0x158) from
> [<806104f4>] (rt_spin_lock+0x24/0x30)
> [22503.069816] r5:00000001 r4:8086461c
> [22503.069831] [<806104d0>] (rt_spin_lock+0x0/0x30) from [<800565b0>]
> (__wake_up+0x2c/0x58)
> [22503.069837] r4:8086461c r3:00000001
> [22503.069850] [<80056584>] (__wake_up+0x0/0x58) from [<80089f9c>]
> (rcu_report_exp_rnp.isra.50+0xac/0xb4)
> [22503.069861] r7:00000001 r6:20010113 r5:00000001 r4:80864340
> [22503.069874] [<80089ef0>] (rcu_report_exp_rnp.isra.50+0x0/0xb4) from
> [<8008b9d0>] (rcu_read_unlock_special+0x138/0x1cc)
> [22503.069885] r7:40010113 r6:80864340 r5:00000001 r4:80864340
> [22503.069897] [<8008b898>] (rcu_read_unlock_special+0x0/0x1cc) from
> [<8008bb10>] (rcu_note_context_switch+0xac/0x1fc)
> [22503.069912] r9:00000001 r8:8c906000 r7:00000001 r6:8c3a6e80 r5:8c906008
> [22503.069912] r4:80853a38
> [22503.069924] [<8008ba64>] (rcu_note_context_switch+0x0/0x1fc) from
> [<8060eee4>] (__schedule+0x70/0x44c)
> [22503.069935] [<8060ee74>] (__schedule+0x0/0x44c) from [<8060f898>]
> (preempt_schedule_irq+0x40/0x6c)
> [22503.069947] [<8060f858>] (preempt_schedule_irq+0x0/0x6c) from
> [<8000e28c>] (svc_preempt+0x8/0x20)
> [22503.069953] r4:800476bc r3:00000000
> [22503.069979] [<8004766c>] (__rcu_read_unlock+0x0/0x5c) from
> [<8046db5c>] (dev_queue_xmit+0x200/0x444)
> [22503.070007] r4:8c957c00 r3:00001000
> [22503.070031] [<8046d95c>] (dev_queue_xmit+0x0/0x444) from
> [<8059f390>] (packet_sendmsg+0xb74/0xca0)
> [22503.070059] [<8059e81c>] (packet_sendmsg+0x0/0xca0) from
> [<80455a80>] (sock_sendmsg+0xb0/0xd8)
> [22503.070077] [<804559d0>] (sock_sendmsg+0x0/0xd8) from [<80458048>]
> (SyS_sendto+0xc0/0xe4)
> [22503.070104] r7:0001d4e0 r6:8a02d440 r5:00000000 r4:00000035
> [22503.070120] [<80457f88>] (SyS_sendto+0x0/0xe4) from [<8000e680>]
> (ret_fast_syscall+0x0/0x30)
> [22503.070145] r7:00000122 r6:00000014 r5:00000014 r4:7ed242dc
