Andrey Ryabinin wrote: > On 03/24/2017 01:53 PM, Tetsuo Handa wrote: > > Commit 5803ed292e63a1bf ("mm: mark all calls into the vmalloc subsystem > > as potentially sleeping") added might_sleep() to remove_vm_area() from > > vfree(), and is causing > > > > [ 2.616064] BUG: sleeping function called from invalid context at mm/vmalloc.c:1480 > > [ 2.616125] in_atomic(): 1, irqs_disabled(): 0, pid: 341, name: plymouthd > > [ 2.616156] 2 locks held by plymouthd/341: > > [ 2.616158] #0: (drm_global_mutex){+.+.+.}, at: [<ffffffffc01c274b>] drm_release+0x3b/0x3b0 [drm] > > [ 2.616256] #1: (&(&tfile->lock)->rlock){+.+...}, at: [<ffffffffc0173038>] ttm_object_file_release+0x28/0x90 [ttm] > > [ 2.616270] CPU: 2 PID: 341 Comm: plymouthd Not tainted 4.11.0-0.rc3.git0.1.kmallocwd.fc25.x86_64+debug #1 > > [ 2.616271] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 07/02/2015 > > [ 2.616273] Call Trace: > > [ 2.616281] dump_stack+0x86/0xc3 > > [ 2.616285] ___might_sleep+0x17d/0x250 > > [ 2.616289] __might_sleep+0x4a/0x80 > > [ 2.616293] remove_vm_area+0x22/0x90 > > [ 2.616296] __vunmap+0x2e/0x110 > > [ 2.616299] vfree+0x42/0x90 > > [ 2.616304] kvfree+0x2c/0x40 > > [ 2.616312] drm_ht_remove+0x1a/0x30 [drm] > > [ 2.616317] ttm_object_file_release+0x50/0x90 [ttm] > > [ 2.616324] vmw_postclose+0x47/0x60 [vmwgfx] > > [ 2.616331] drm_release+0x290/0x3b0 [drm] > > [ 2.616338] __fput+0xf8/0x210 > > [ 2.616342] ____fput+0xe/0x10 > > [ 2.616345] task_work_run+0x85/0xc0 > > [ 2.616351] exit_to_usermode_loop+0xb4/0xc0 > > [ 2.616355] do_syscall_64+0x185/0x1f0 > > [ 2.616359] entry_SYSCALL64_slow_path+0x25/0x25 > > > > warning. > > > > But commit f9e09977671b618a ("mm: turn vmap_purge_lock into a mutex") did > > not make vfree() potentially sleeping because try_purge_vmap_area_lazy() > > is still using mutex_trylock(). Thus, this is a false positive warning. > > > > Commit f9e09977671b618a did not made vfree() sleeping. > Commit 763b218ddfa "mm: add preempt points into __purge_vmap_area_lazy()" > did this, thus it's not a false positive. > > > > ___might_sleep() via cond_resched_lock() in __purge_vmap_area_lazy() from > > try_purge_vmap_area_lazy() from free_vmap_area_noflush() from > > free_unmap_vmap_area() from remove_vm_area() which might trigger same > > false positive warning is remaining. But so far we haven't heard about > > warning from that path. > > And why that would be a false positive? > #define cond_resched_lock(lock) ({ \ ___might_sleep(__FILE__, __LINE__, PREEMPT_LOCK_OFFSET);\ __cond_resched_lock(lock); \ }) cond_resched_lock() calls ___might_sleep() even when __cond_resched_lock() will not call preempt_schedule_common() because should_resched() returns false due to preemption counter being already elevated by holding &(&tfile->lock)->rlock spinlock. If should_resched() is known to return false, calling ___might_sleep() from cond_resched_lock() is a false positive. -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx"> email@xxxxxxxxx </a>