linux

mirror of https://github.com/FEX-Emu/linux.git synced 2024-12-22 17:33:01 +00:00

History

Herton Ronaldo Krzesinski 9e769ff3f5 fb: avoid possible deadlock caused by fb_set_suspend A lock ordering issue can cause deadlocks: in framebuffer/console code, all needed struct fb_info locks are taken before acquire_console_sem(), in places which need to take console semaphore. But fb_set_suspend is always called with console semaphore held, and inside it we call lock_fb_info which gets the fb_info lock, inverse locking order of what the rest of the code does. This causes a real deadlock issue, when we write to state fb sysfs attribute (which calls fb_set_suspend) while a framebuffer is being unregistered by remove_conflicting_framebuffers, as can be shown by following show blocked state trace on a test program which loads i915 and runs another forked processes writing to state attribute: Test process with semaphore held and trying to get fb_info lock: .. fb-test2 D 0000000000000000 0 237 228 0x00000000 ffff8800774f3d68 0000000000000082 00000000000135c0 00000000000135c0 ffff880000000000 ffff8800774f3fd8 ffff8800774f3fd8 ffff880076ee4530 00000000000135c0 ffff8800774f3fd8 ffff8800774f2000 00000000000135c0 Call Trace: [<ffffffff8141287a>] __mutex_lock_slowpath+0x11a/0x1e0 [<ffffffff814142f2>] ? _raw_spin_lock_irq+0x22/0x40 [<ffffffff814123d3>] mutex_lock+0x23/0x50 [<ffffffff8125dfc5>] lock_fb_info+0x25/0x60 [<ffffffff8125e3f0>] fb_set_suspend+0x20/0x80 [<ffffffff81263e2f>] store_fbstate+0x4f/0x70 [<ffffffff812e7f70>] dev_attr_store+0x20/0x30 [<ffffffff811c46b4>] sysfs_write_file+0xd4/0x160 [<ffffffff81155a26>] vfs_write+0xc6/0x190 [<ffffffff81155d51>] sys_write+0x51/0x90 [<ffffffff8100c012>] system_call_fastpath+0x16/0x1b .. modprobe process stalled because has the fb_info lock (got inside unregister_framebuffer) but waiting for the semaphore held by the test process which is waiting to get the fb_info lock: .. modprobe D 0000000000000000 0 230 218 0x00000000 ffff880077a4d618 0000000000000082 0000000000000001 0000000000000001 ffff880000000000 ffff880077a4dfd8 ffff880077a4dfd8 ffff8800775a2e20 00000000000135c0 ffff880077a4dfd8 ffff880077a4c000 00000000000135c0 Call Trace: [<ffffffff81411fe5>] schedule_timeout+0x215/0x310 [<ffffffff81058051>] ? get_parent_ip+0x11/0x50 [<ffffffff814130dd>] __down+0x6d/0xb0 [<ffffffff81089f71>] down+0x41/0x50 [<ffffffff810629ac>] acquire_console_sem+0x2c/0x50 [<ffffffff812ca53d>] unbind_con_driver+0xad/0x2d0 [<ffffffff8126f5f7>] fbcon_event_notify+0x457/0x890 [<ffffffff814144ff>] ? _raw_spin_unlock_irqrestore+0x1f/0x50 [<ffffffff81058051>] ? get_parent_ip+0x11/0x50 [<ffffffff8141836d>] notifier_call_chain+0x4d/0x70 [<ffffffff8108a3b8>] __blocking_notifier_call_chain+0x58/0x80 [<ffffffff8108a3f6>] blocking_notifier_call_chain+0x16/0x20 [<ffffffff8125dabb>] fb_notifier_call_chain+0x1b/0x20 [<ffffffff8125e6ac>] unregister_framebuffer+0x7c/0x130 [<ffffffff8125e8b3>] remove_conflicting_framebuffers+0x153/0x180 [<ffffffff8125eef3>] register_framebuffer+0x93/0x2c0 [<ffffffffa0331112>] drm_fb_helper_single_fb_probe+0x252/0x2f0 [drm_kms_helper] [<ffffffffa03314a3>] drm_fb_helper_initial_config+0x2f3/0x6d0 [drm_kms_helper] [<ffffffffa03318dd>] ? drm_fb_helper_single_add_all_connectors+0x5d/0x1c0 [drm_kms_helper] [<ffffffffa037b588>] intel_fbdev_init+0xa8/0x160 [i915] [<ffffffffa0343d74>] i915_driver_load+0x854/0x12b0 [i915] [<ffffffffa02f0e7e>] drm_get_pci_dev+0x19e/0x360 [drm] [<ffffffff8141821d>] ? sub_preempt_count+0x9d/0xd0 [<ffffffffa0386f91>] i915_pci_probe+0x15/0x17 [i915] [<ffffffff8124481f>] local_pci_probe+0x5f/0xd0 [<ffffffff81244f89>] pci_device_probe+0x119/0x120 [<ffffffff812eccaa>] ? driver_sysfs_add+0x7a/0xb0 [<ffffffff812ed003>] driver_probe_device+0xa3/0x290 [<ffffffff812ed1f0>] ? __driver_attach+0x0/0xb0 [<ffffffff812ed29b>] __driver_attach+0xab/0xb0 [<ffffffff812ed1f0>] ? __driver_attach+0x0/0xb0 [<ffffffff812ebd3e>] bus_for_each_dev+0x5e/0x90 [<ffffffff812ecc2e>] driver_attach+0x1e/0x20 [<ffffffff812ec6f2>] bus_add_driver+0xe2/0x320 [<ffffffffa03aa000>] ? i915_init+0x0/0x96 [i915] [<ffffffff812ed536>] driver_register+0x76/0x140 [<ffffffffa03aa000>] ? i915_init+0x0/0x96 [i915] [<ffffffff81245216>] __pci_register_driver+0x56/0xd0 [<ffffffffa02f1264>] drm_pci_init+0xe4/0xf0 [drm] [<ffffffffa03aa000>] ? i915_init+0x0/0x96 [i915] [<ffffffffa02e84a8>] drm_init+0x58/0x70 [drm] [<ffffffffa03aa094>] i915_init+0x94/0x96 [i915] [<ffffffff81002194>] do_one_initcall+0x44/0x190 [<ffffffff810a066b>] sys_init_module+0xcb/0x210 [<ffffffff8100c012>] system_call_fastpath+0x16/0x1b .. fb-test2 which reproduces above is available on kernel.org bug #26232. To solve this issue, avoid calling lock_fb_info inside fb_set_suspend, and move it out to where needed (callers of fb_set_suspend must call lock_fb_info before if needed). So far, the only place which needs to call lock_fb_info is store_fbstate, all other places which calls fb_set_suspend are suspend/resume hooks that should not need the lock as they should be run only when processes are already frozen in suspend/resume. References: https://bugzilla.kernel.org/show_bug.cgi?id=26232 Signed-off-by: Herton Ronaldo Krzesinski <herton@mandriva.com.br> Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de> Cc: stable@kernel.org		2011-09-02 17:58:29 +00:00
..
accessibility
acpi	Merge branch 'battery' into release	2011-08-05 22:16:42 -04:00
amba
ata	drivers/ata/sata_dwc_460ex.c: add missing kfree	2011-08-18 23:58:11 -04:00
atm
auxdisplay
base	Merge branch 'pm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm	2011-08-17 13:15:25 -07:00
bcma
block	Merge branch 'stable/for-jens' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen into for-linus	2011-08-09 20:43:26 +02:00
bluetooth
cdrom	drivers/cdrom/cdrom.c: relax check on dvd manufacturer value	2011-08-02 12:43:50 +02:00
char	net: Compute protocol sequence numbers and fragment IDs using MD5.	2011-08-06 18:33:19 -07:00
clk
clocksource
connector	proc_fork_connector: a lockless ->real_parent usage is not safe	2011-07-28 18:26:32 -07:00
cpufreq
cpuidle	cpuidle: stop depending on pm_idle	2011-08-03 19:06:37 -04:00
crypto	n2_crypto: Attach on Niagara-T3.	2011-07-28 01:30:07 -07:00
dca
dio
dma	Merge branch 'fixes' of master.kernel.org:/home/rmk/linux-2.6-arm	2011-08-10 17:37:17 -07:00
edac	i7core_edac: fixed typo in error count calculation	2011-08-18 14:07:15 -07:00
eisa	eisa/pci_eisa.c: fix BUG introduced by `005bdad7b8`	2011-08-04 06:32:51 -10:00
firewire	Merge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394-2.6	2011-08-21 18:13:19 -07:00
firmware	Merge branch 'pstore-efi' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6	2011-08-02 21:18:39 -10:00
gpio	Merge branch 'gpio/next' of git://git.secretlab.ca/git/linux-2.6	2011-08-01 06:13:48 -10:00
gpu	Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes/drm-intel	2011-08-19 23:07:08 -07:00
hid
hwmon	hwmon: (ibmaem) add missing kfree	2011-08-11 10:14:18 -07:00
hwspinlock
i2c
ide	drivers/ide/cy82c693.c: Add missing pci_dev_put	2011-08-04 01:30:34 -07:00
idle
ieee802154
infiniband	Merge branches 'ipoib' and 'iser' into for-next	2011-08-17 10:57:43 -07:00
input	Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input	2011-08-03 22:00:09 -10:00
iommu
isdn	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2011-07-28 05:58:19 -07:00
leds
lguest
macintosh
mca
md	dm table: set flush capability based on underlying devices	2011-08-02 12:32:08 +01:00
media	Merge branch 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6	2011-07-30 00:08:53 -07:00
memstick
message	Merge git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-misc-2.6	2011-07-30 08:36:02 -10:00
mfd	mfd: Fix mismatch in twl4030 mutex lock-unlock	2011-07-31 23:28:27 +02:00
misc	mmc: cb710: fix possible pci_dev leak in cb710_pci_configure()	2011-08-13 14:50:23 -04:00
mmc	mmc: dw_mmc: Fix DDR mode support.	2011-08-13 14:50:32 -04:00
mtd
net	Merge branch 'for-davem' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless	2011-08-11 23:09:46 -07:00
nfc
nubus
of	Revert "dt: add of_alias_scan and of_alias_get_id"	2011-08-04 11:26:24 +01:00
oprofile
parisc
parport
pci	pci: fix new kernel-doc warning in pci.c	2011-08-20 18:02:32 -07:00
pcmcia	Merge git://git.kernel.org/pub/scm/linux/kernel/git/brodo/pcmcia-2.6	2011-07-31 06:23:08 -10:00
platform	acer-wmi: support Lenovo ideapad S205 wifi switch	2011-08-05 15:21:52 -04:00
pnp
power	Merge git://git.infradead.org/battery-2.6	2011-07-31 06:24:50 -10:00
pps
ps3
ptp
rapidio
regulator	Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lrg/voltage-2.6	2011-08-01 14:05:46 -10:00
rtc	Merge branch 'timers-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip	2011-08-17 10:28:33 -07:00
s390	[S390] qdio: Use kstrtoul_from_user	2011-08-03 16:44:21 +02:00
sbus
scsi	Merge git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-misc-2.6	2011-07-30 08:36:02 -10:00
sfi
sh	Merge branch 'sh-latest' of git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-3.x	2011-08-01 06:10:16 -10:00
sn
spi	spi/pl022: remove function cannot exit	2011-08-02 14:54:11 +01:00
ssb
staging	Merge branch 'pan-fixes' of git://linuxtv.org/pinchartl/fbdev into fbdev-next	2011-08-24 09:20:02 +00:00
target	Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending	2011-08-03 15:12:09 -10:00
tc
telephony
thermal	thermal: make THERMAL_HWMON implementation fully internal	2011-08-02 14:51:57 -04:00
tty	sh: Fix boot crash related to SCI	2011-08-07 15:51:45 -07:00
uio
usb	USB: Serial: Add PID(0xF7C0) to FTDI SIO driver for a zeitcontrol-device	2011-08-10 22:11:45 -07:00
uwb
vhost
video	fb: avoid possible deadlock caused by fb_set_suspend	2011-09-02 17:58:29 +00:00
virt
virtio
vlynq
w1
watchdog	watchdog: Cleanup WATCHDOG_CORE help text	2011-08-02 08:23:07 +00:00
xen	xen: self-balloon needs module.h	2011-08-16 07:23:34 -07:00
zorro
Kconfig
Makefile