From 637ee29eff53fd718a454aacd3b7190cb4e15df8 Mon Sep 17 00:00:00 2001 From: Chris Wilson Date: Mon, 22 Aug 2016 14:28:20 +0100 Subject: [PATCH] drm/i915: Fix nesting of filelist_mutex vs struct_mutex in i915_ppgtt_info An unlikely ABBA deadlock in debugfs that no one has reported. [ 284.922349] ====================================================== [ 284.922355] [ INFO: possible circular locking dependency detected ] [ 284.922361] 4.8.0-rc2+ #430 Tainted: G W [ 284.922366] ------------------------------------------------------- [ 284.922371] cat/1197 is trying to acquire lock: [ 284.922376] (&dev->filelist_mutex){+.+...}, at: [] i915_ppgtt_info+0x82/0x390 [i915] [ 284.922423] [ 284.922423] but task is already holding lock: [ 284.922429] (&dev->struct_mutex){+.+.+.}, at: [] i915_ppgtt_info+0x35/0x390 [i915] [ 284.922465] [ 284.922465] which lock already depends on the new lock. [ 284.922465] [ 284.922471] [ 284.922471] the existing dependency chain (in reverse order) is: [ 284.922477] -> #1 (&dev->struct_mutex){+.+.+.}: [ 284.922493] [] lock_acquire+0x60/0x80 [ 284.922505] [] mutex_lock_nested+0x5f/0x360 [ 284.922520] [] print_context_stats+0x37/0xf0 [i915] [ 284.922549] [] i915_gem_object_info+0x265/0x490 [i915] [ 284.922581] [] seq_read+0xe1/0x3b0 [ 284.922592] [] full_proxy_read+0x83/0xb0 [ 284.922604] [] __vfs_read+0x23/0x110 [ 284.922616] [] vfs_read+0x89/0x110 [ 284.922626] [] SyS_read+0x44/0xa0 [ 284.922636] [] entry_SYSCALL_64_fastpath+0x1c/0xac [ 284.922648] -> #0 (&dev->filelist_mutex){+.+...}: [ 284.922667] [] __lock_acquire+0x10fc/0x1270 [ 284.922678] [] lock_acquire+0x60/0x80 [ 284.922689] [] mutex_lock_nested+0x5f/0x360 [ 284.922701] [] i915_ppgtt_info+0x82/0x390 [i915] [ 284.922729] [] seq_read+0xe1/0x3b0 [ 284.922739] [] full_proxy_read+0x83/0xb0 [ 284.922750] [] __vfs_read+0x23/0x110 [ 284.922761] [] vfs_read+0x89/0x110 [ 284.922771] [] SyS_read+0x44/0xa0 [ 284.922781] [] entry_SYSCALL_64_fastpath+0x1c/0xac [ 284.922793] [ 284.922793] other info that might help us debug this: [ 284.922793] [ 284.922809] Possible unsafe locking scenario: [ 284.922809] [ 284.922818] CPU0 CPU1 [ 284.922825] ---- ---- [ 284.922831] lock(&dev->struct_mutex); [ 284.922842] lock(&dev->filelist_mutex); [ 284.922854] lock(&dev->struct_mutex); [ 284.922865] lock(&dev->filelist_mutex); [ 284.922875] [ 284.922875] *** DEADLOCK *** [ 284.922875] [ 284.922888] 3 locks held by cat/1197: [ 284.922895] #0: (debugfs_srcu){......}, at: [] full_proxy_read+0x0/0xb0 [ 284.922919] #1: (&p->lock){+.+.+.}, at: [] seq_read+0x38/0x3b0 [ 284.922942] #2: (&dev->struct_mutex){+.+.+.}, at: [] i915_ppgtt_info+0x35/0x390 [i915] [ 284.922983] Fixes: 1d2ac403ae3b ("drm: Protect dev->filelist with its own mutex") Signed-off-by: Chris Wilson Reviewed-by: Joonas Lahtinen Link: http://patchwork.freedesktop.org/patch/msgid/20160822132820.21725-1-chris@chris-wilson.co.uk --- drivers/gpu/drm/i915/i915_debugfs.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/drivers/gpu/drm/i915/i915_debugfs.c b/drivers/gpu/drm/i915/i915_debugfs.c index 3054bd62c5fd..0f6116fd91d8 100644 --- a/drivers/gpu/drm/i915/i915_debugfs.c +++ b/drivers/gpu/drm/i915/i915_debugfs.c @@ -2270,10 +2270,13 @@ static int i915_ppgtt_info(struct seq_file *m, void *data) struct drm_i915_private *dev_priv = node_to_i915(m->private); struct drm_device *dev = &dev_priv->drm; struct drm_file *file; + int ret; - int ret = mutex_lock_interruptible(&dev->struct_mutex); + mutex_lock(&dev->filelist_mutex); + ret = mutex_lock_interruptible(&dev->struct_mutex); if (ret) - return ret; + goto out_unlock; + intel_runtime_pm_get(dev_priv); if (INTEL_GEN(dev_priv) >= 8) @@ -2281,7 +2284,6 @@ static int i915_ppgtt_info(struct seq_file *m, void *data) else if (INTEL_GEN(dev_priv) >= 6) gen6_ppgtt_info(m, dev_priv); - mutex_lock(&dev->filelist_mutex); list_for_each_entry_reverse(file, &dev->filelist, lhead) { struct drm_i915_file_private *file_priv = file->driver_priv; struct task_struct *task; @@ -2289,19 +2291,19 @@ static int i915_ppgtt_info(struct seq_file *m, void *data) task = get_pid_task(file->pid, PIDTYPE_PID); if (!task) { ret = -ESRCH; - goto out_unlock; + goto out_rpm; } seq_printf(m, "\nproc: %s\n", task->comm); put_task_struct(task); idr_for_each(&file_priv->context_idr, per_file_ctx, (void *)(unsigned long)m); } -out_unlock: - mutex_unlock(&dev->filelist_mutex); +out_rpm: intel_runtime_pm_put(dev_priv); mutex_unlock(&dev->struct_mutex); - +out_unlock: + mutex_unlock(&dev->filelist_mutex); return ret; } -- 2.20.1