tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

printk/nbcon: Restore IRQ in atomic flush after each emitted record

The commit d5d399efff6577 ("printk/nbcon: Release nbcon consoles ownership
in atomic flush after each emitted record") prevented stall of a CPU
which lost nbcon console ownership because another CPU entered
an emergency flush.

But there is still the problem that the CPU doing the emergency flush
might cause a stall on its own.

Let's go even further and restore IRQ in the atomic flush after
each emitted record.

It is not a complete solution. The interrupts and/or scheduling might
still be blocked when the emergency atomic flush was called with
IRQs and/or scheduling disabled. But it should remove the following
lockup:

mlx5_core 0000:03:00.0: Shutdown was called
kvm: exiting hardware virtualization
arm-smmu-v3 arm-smmu-v3.10.auto: CMD_SYNC timeout at 0x00000103 [hwprod 0x00000104, hwcons 0x00000102]
smp: csd: Detected non-responsive CSD lock (#1) on CPU#4, waiting 5000000032 ns for CPU#00 do_nothing (kernel/smp.c:1057)
smp: csd: CSD lock (#1) unresponsive.
[...]
Call trace:
pl011_console_write_atomic (./arch/arm64/include/asm/vdso/processor.h:12 drivers/tty/serial/amba-pl011.c:2540) (P)
nbcon_emit_next_record (kernel/printk/nbcon.c:1049)
__nbcon_atomic_flush_pending_con (kernel/printk/nbcon.c:1517)
__nbcon_atomic_flush_pending.llvm.15488114865160659019 (./arch/arm64/include/asm/alternative-macros.h:254 ./arch/arm64/include/asm/cpufeature.h:808 ./arch/arm64/include/asm/irqflags.h:192 kernel/printk/nbcon.c:1562 kernel/printk/nbcon.c:1612)
nbcon_atomic_flush_pending (kernel/printk/nbcon.c:1629)
printk_kthreads_shutdown (kernel/printk/printk.c:?)
syscore_shutdown (drivers/base/syscore.c:120)
kernel_kexec (kernel/kexec_core.c:1045)
__arm64_sys_reboot (kernel/reboot.c:794 kernel/reboot.c:722 kernel/reboot.c:722)
invoke_syscall (arch/arm64/kernel/syscall.c:50)
el0_svc_common.llvm.14158405452757855239 (arch/arm64/kernel/syscall.c:?)
do_el0_svc (arch/arm64/kernel/syscall.c:152)
el0_svc (./arch/arm64/include/asm/alternative-macros.h:254 ./arch/arm64/include/asm/cpufeature.h:808 ./arch/arm64/include/asm/irqflags.h:73 arch/arm64/kernel/entry-common.c:169 arch/arm64/kernel/entry-common.c:182 arch/arm64/kernel/entry-common.c:749)
el0t_64_sync_handler (arch/arm64/kernel/entry-common.c:820)
el0t_64_sync (arch/arm64/kernel/entry.S:600)

In this case, nbcon_atomic_flush_pending() is called from
printk_kthreads_shutdown() with IRQs and scheduling enabled.

Note that __nbcon_atomic_flush_pending_con() is directly called also from
nbcon_device_release() where the disabled IRQs might break PREEMPT_RT
guarantees. But the atomic flush is called only in emergency or panic
situations where the latencies are irrelevant anyway.

An ultimate solution would be a touching of watchdogs. But it would hide
all problems. Let's do it later when anyone reports a stall which does
not have a better solution.

Closes: https://lore.kernel.org/r/sqwajvt7utnt463tzxgwu2yctyn5m6bjwrslsnupfexeml6hkd@v6sqmpbu3vvu
Tested-by: Breno Leitao <leitao@debian.org>
Reviewed-by: John Ogness <john.ogness@linutronix.de>
Link: https://patch.msgid.link/20251212124520.244483-1-pmladek@suse.com
Signed-off-by: Petr Mladek <pmladek@suse.com>

Petr Mladek 9bd18e12 4d38b88f

+18 -20
+18 -20
kernel/printk/nbcon.c
··· 1557 1557 ctxt->allow_unsafe_takeover = nbcon_allow_unsafe_takeover(); 1558 1558 1559 1559 while (nbcon_seq_read(con) < stop_seq) { 1560 - if (!nbcon_context_try_acquire(ctxt, false)) 1561 - return -EPERM; 1562 - 1563 1560 /* 1564 - * nbcon_emit_next_record() returns false when the console was 1565 - * handed over or taken over. In both cases the context is no 1566 - * longer valid. 1561 + * Atomic flushing does not use console driver synchronization 1562 + * (i.e. it does not hold the port lock for uart consoles). 1563 + * Therefore IRQs must be disabled to avoid being interrupted 1564 + * and then calling into a driver that will deadlock trying 1565 + * to acquire console ownership. 1567 1566 */ 1568 - if (!nbcon_emit_next_record(&wctxt, true)) 1569 - return -EAGAIN; 1567 + scoped_guard(irqsave) { 1568 + if (!nbcon_context_try_acquire(ctxt, false)) 1569 + return -EPERM; 1570 1570 1571 - nbcon_context_release(ctxt); 1571 + /* 1572 + * nbcon_emit_next_record() returns false when 1573 + * the console was handed over or taken over. 1574 + * In both cases the context is no longer valid. 1575 + */ 1576 + if (!nbcon_emit_next_record(&wctxt, true)) 1577 + return -EAGAIN; 1578 + 1579 + nbcon_context_release(ctxt); 1580 + } 1572 1581 1573 1582 if (!ctxt->backlog) { 1574 1583 /* Are there reserved but not yet finalized records? */ ··· 1604 1595 static void nbcon_atomic_flush_pending_con(struct console *con, u64 stop_seq) 1605 1596 { 1606 1597 struct console_flush_type ft; 1607 - unsigned long flags; 1608 1598 int err; 1609 1599 1610 1600 again: 1611 - /* 1612 - * Atomic flushing does not use console driver synchronization (i.e. 1613 - * it does not hold the port lock for uart consoles). Therefore IRQs 1614 - * must be disabled to avoid being interrupted and then calling into 1615 - * a driver that will deadlock trying to acquire console ownership. 1616 - */ 1617 - local_irq_save(flags); 1618 - 1619 1601 err = __nbcon_atomic_flush_pending_con(con, stop_seq); 1620 - 1621 - local_irq_restore(flags); 1622 1602 1623 1603 /* 1624 1604 * If there was a new owner (-EPERM, -EAGAIN), that context is