Before commit b3fd4f03ca0b995(locking/rwsem: Avoid deceiving lock
spinners), rwsem_spin_on_owner() returns false if the owner is changed.
This commit just returns true under the situation, then kernel
softlock can be triggered easily in xfstest.

So this patch recovers to previous behaviour, and it should be
reasonable to stop spining in case of heavy contention.

The soft lockup can be reproduced easily in xfstests(generic/299)
over ext4:

[  236.417011] NMI watchdog: BUG: soft lockup - CPU#5 stuck for 23s! 
[kworker/5:80:3288]
[  236.417011] Modules linked in: nbd ipv6 kvm_intel kvm serio_raw
[  236.417011] CPU: 5 PID: 3288 Comm: kworker/5:80 Not tainted 
4.0.0-rc1-next-20150303+ #69
[  236.417011] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 
Bochs 01/01/2011
[  236.417011] Workqueue: dio/sda dio_aio_complete_work
[  236.417011] task: ffff8800b87c0000 ti: ffff8800b703c000 task.ti: 
ffff8800b703c000
[  236.417011] RIP: 0010:[<ffffffff81083c20>]  [<ffffffff81083c20>] 
__rcu_read_unlock+0x47/0x55
[  236.417011] RSP: 0018:ffff8800b703fb98  EFLAGS: 00000246
[  236.417011] RAX: 0000000000000000 RBX: ffff8800b703fb48 RCX: 000000000003b080
[  236.417011] RDX: fffffffe00000001 RSI: ffff880231f03a20 RDI: ffff8800bb755568
[  236.417011] RBP: ffff8800b703fba8 R08: ffff880227908078 R09: ffff8800b87c0000
[  236.417011] R10: 0000000000000001 R11: 0000000000000020 R12: ffff8800b703c000
[  236.417011] R13: ffff8800b87c0000 R14: 000000000000000f R15: 0000000000000101
[  236.417011] FS:  0000000000000000(0000) GS:ffff88023eca0000(0000) 
knlGS:0000000000000000
[  236.417011] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[  236.417011] CR2: 00007f549369f948 CR3: 00000000ba891000 CR4: 00000000000007e0
[  236.417011] Stack:
[  236.417011]  fffffffe00000001 ffff8800bb755568 ffff8800b703fbc8 
ffffffff81073917
[  236.417011]  ffff8800bb755568 ffff8800bb755584 ffff8800b703fc48 
ffffffff814d1ba4
[  236.417011]  ffff8800b703fbe8 ffff8800b87c0000 ffff8800b703fc78 
ffffffff811cf51b
[  236.417011] Call Trace:
[  236.417011]  [<ffffffff81073917>] rwsem_spin_on_owner+0x2b/0x79
[  236.417011]  [<ffffffff814d1ba4>] rwsem_down_write_failed+0xc0/0x2f1
[  236.417011]  [<ffffffff811cf51b>] ? start_this_handle+0x494/0x4bd
[  236.417011]  [<ffffffff810d1149>] ? trace_preempt_on+0x12/0x2f
[  236.417011]  [<ffffffff812ae8f3>] call_rwsem_down_write_failed+0x13/0x20
[  236.417011]  [<ffffffff814d1623>] ? down_write+0x24/0x33
[  236.417011]  [<ffffffff81199404>] ext4_map_blocks+0x236/0x3cb
[  236.417011]  [<ffffffff811bb407>] ? ext4_convert_unwritten_extents+0xd2/0x19c
[  236.417011]  [<ffffffff811bcae4>] ? __ext4_journal_start_sb+0x77/0xb8
[  236.417011]  [<ffffffff811bb42e>] ext4_convert_unwritten_extents+0xf9/0x19c
[  236.417011]  [<ffffffff8119e214>] ext4_put_io_end+0x3a/0x5d
[  236.417011]  [<ffffffff81197268>] ext4_end_io_dio+0x2a/0x2c
[  236.417011]  [<ffffffff8116418c>] dio_complete+0x97/0x12d
[  236.417011]  [<ffffffff81164333>] dio_aio_complete_work+0x21/0x23
[  236.417011]  [<ffffffff81053a4b>] process_one_work+0x160/0x299
[  236.417011]  [<ffffffff810542fa>] worker_thread+0x1c7/0x29e
[  236.417011]  [<ffffffff81054133>] ?cancel_delayed_work_sync+0x15/0x15
[  236.417011]  [<ffffffff81054133>] ?cancel_delayed_work_sync+0x15/0x15
[  236.417011]  [<ffffffff810583a5>] kthread+0xae/0xb6
[  236.417011]  [<ffffffff810582f7>] ? __kthread_parkme+0x61/0x61
[  236.417011]  [<ffffffff814d3593>] ret_from_fork+0x53/0x80
[  236.417011]  [<ffffffff810582f7>] ? __kthread_parkme+0x61/0x61
[  236.417011] Code: 01 74 0a ff c8 89 83 10 07 00 00 eb 28 c7 83 10 07 00 00
00 00 00 80 66 8b 83 14 07 00 00 66 85 c0 74 08 48 89 df e8 62 40 00 00 <c7>
83 10 07 00 00 00 00 00 00 58 5b 5d c3 0f 1f 44 00 00 55 48

Cc: Davidlohr Bueso <dbu...@suse.de>
Cc: Peter Zijlstra (Intel) <pet...@infradead.org>
Cc: Jason Low <jason.l...@hp.com>
Cc: Linus Torvalds <torva...@linux-foundation.org>
Cc: Michel Lespinasse <wal...@google.com>
Cc: Paul E. McKenney <paul...@linux.vnet.ibm.com>
Cc: Tim Chen <tim.c.c...@linux.intel.com>
Cc: Ingo Molnar <mi...@kernel.org>
Cc: "Theodore Ts'o" <ty...@mit.edu>
Signed-off-by: Ming Lei <ming....@canonical.com>
---
 kernel/locking/rwsem-xadd.c |    6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/kernel/locking/rwsem-xadd.c b/kernel/locking/rwsem-xadd.c
index 06e2214..1e78c5b 100644
--- a/kernel/locking/rwsem-xadd.c
+++ b/kernel/locking/rwsem-xadd.c
@@ -358,8 +358,12 @@ bool rwsem_spin_on_owner(struct rw_semaphore *sem, struct 
task_struct *owner)
        }
        rcu_read_unlock();
 
+       /*
+        * When the owner is changed, it is a sign for heavy contention,
+        * so stop spinning for avoiding kernel lockup.
+        */
        if (READ_ONCE(sem->owner))
-               return true; /* new owner, continue spinning */
+               return false;
 
        /*
         * When the owner is not set, the lock could be free or
-- 
1.7.9.5

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Reply via email to