On Mon, Apr 20, 2020 at 12:23 PM Matthew Wilcox <willy@xxxxxxxxxxxxx> wrote:
> On Mon, Apr 20, 2020 at 02:22:11PM -0400, Daniel Jordan wrote:
> > On Tue, Apr 14, 2020 at 05:43:50PM -0700, Michel Lespinasse wrote:
> > > diff --git a/kernel/bpf/stackmap.c b/kernel/bpf/stackmap.c
> > > index 11d41f0c7005..998968659892 100644
> > > --- a/kernel/bpf/stackmap.c
> > > +++ b/kernel/bpf/stackmap.c
> > > @@ -317,7 +316,7 @@ static void stack_map_get_build_id_offset(struct bpf_stack_build_id *id_offs,
> > > * with build_id.
> > > */
> > > if (!user || !current || !current->mm || irq_work_busy ||
> > > - mmap_read_trylock(current->mm) == 0) {
> > > + !mmap_read_trylock_non_owner(current->mm)) {
> > > /* cannot access current->mm, fall back to ips */
> > > for (i = 0; i < trace_nr; i++) {
> > > id_offs[i].status = BPF_STACK_BUILD_ID_IP;
> > > @@ -342,16 +341,10 @@ static void stack_map_get_build_id_offset(struct bpf_stack_build_id *id_offs,
> > > }
> > >
> > > if (!work) {
> > > - mmap_read_unlock(current->mm);
> > > + mmap_read_unlock_non_owner(current->mm);
> >
> > These 'non_owner' calls are not intuitive because current _is the owner, so the
> > v3 version seems better, even if it adds a special wrapper for rwsem_release.
> >
> > Though it makes some sense if you think, "we're consistently using the
> > non_owner APIs because there's a legitimate use somewhere else," so I'm fine
> > either way.
>
> I'm not really a big fan of v3 nor v4. What I'd like to see is a
> 'transfer of ownership' API. This could be to a different task, IRQ work,
> RCU, softirq, timer, ...
>
> That would let us track locking dependencies across complex flows, eg this
> wouldn't be warned about right now:
>
> rcu_work():
> lock(C)
> kfree(B)
> unlock(A)
> unlock(C)
>
> thread 1:
> lock(A)
> call_rcu(B)
>
> thread 2:
> lock(C)
> synchronize_rcu()
> unlock(C)
>
> but if we had an API that transferred ownership of A to RCU, then we'd
> see the C->RCU->A->C cycle.
>
> This is perhaps a bit much work to require of Laurent in order to get
> this patchset merged, but something to think about.
I think fundamentally, lockdep is better suited at handling locks that
are owned by a given task. I think extending lockdep just for the bpf
stacktrace use case would be way overkill ?
But yes, I agree that declining ownership as we do here leaves us open
to having lock dependency issues that lockdep won't diagnose.
--
Michel "Walken" Lespinasse
A program is never fully debugged until the last user dies.
