| Message ID | 20230818140145.1229805-1-ming.lei@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [V3] lib/group_cpus.c: avoid to acquire cpu hotplug lock in group_cpus_evenly | expand |
On Fri, Aug 18, 2023 at 10:01 PM Ming Lei <ming.lei@redhat.com> wrote: > > group_cpus_evenly() could be part of storage driver's error handler, > such as nvme driver, when may happen during CPU hotplug, in which > storage queue has to drain its pending IOs because all CPUs associated > with the queue are offline and the queue is becoming inactive. And > handling IO needs error handler to provide forward progress. > > Then dead lock is caused: > > 1) inside CPU hotplug handler, CPU hotplug lock is held, and blk-mq's > handler is waiting for inflight IO > > 2) error handler is waiting for CPU hotplug lock > > 3) inflight IO can't be completed in blk-mq's CPU hotplug handler because > error handling can't provide forward progress. > > Solve the deadlock by not holding CPU hotplug lock in group_cpus_evenly(), > in which two stage spreads are taken: 1) the 1st stage is over all present > CPUs; 2) the end stage is over all other CPUs. > > Turns out the two stage spread just needs consistent 'cpu_present_mask', and > remove the CPU hotplug lock by storing it into one local cache. This way > doesn't change correctness, because all CPUs are still covered. > > Cc: Keith Busch <kbusch@kernel.org> > Cc: linux-nvme@lists.infradead.org > Cc: linux-block@vger.kernel.org > Reported-by: Yi Zhang <yi.zhang@redhat.com> > Reported-by: Guangwu Zhang <guazhang@redhat.com> > Tested-by: Guangwu Zhang <guazhang@redhat.com> > Reviewed-by: Chengming Zhou <zhouchengming@bytedance.com> > Signed-off-by: Ming Lei <ming.lei@redhat.com> > --- > V3: > - reuse `npresmsk`, and avoid to allocate new variable, suggested by > Chengming Zhou Hello Thomas and Jens, Ping... Thanks, Ming
Ming! On Fri, Aug 18 2023 at 22:01, Ming Lei wrote: > group_cpus_evenly() could be part of storage driver's error handler, > such as nvme driver, when may happen during CPU hotplug, in which > storage queue has to drain its pending IOs because all CPUs associated > with the queue are offline and the queue is becoming inactive. And > handling IO needs error handler to provide forward progress. > > Then dead lock is caused: > > 1) inside CPU hotplug handler, CPU hotplug lock is held, and blk-mq's > handler is waiting for inflight IO > > 2) error handler is waiting for CPU hotplug lock > > 3) inflight IO can't be completed in blk-mq's CPU hotplug handler because > error handling can't provide forward progress. > > Solve the deadlock by not holding CPU hotplug lock in group_cpus_evenly(), > in which two stage spreads are taken: 1) the 1st stage is over all present > CPUs; 2) the end stage is over all other CPUs. That solves the deadlock, but makes the code racy against a concurrent hot-add operation which modifies cpu_present_mask. IOW, it introduces a data race. The changelog does not explain why this does not matter nor does the comment. Thanks, tglx
Hello Thomas, On Wed, Aug 30, 2023 at 07:44:03PM +0200, Thomas Gleixner wrote: > Ming! > > On Fri, Aug 18 2023 at 22:01, Ming Lei wrote: > > > group_cpus_evenly() could be part of storage driver's error handler, > > such as nvme driver, when may happen during CPU hotplug, in which > > storage queue has to drain its pending IOs because all CPUs associated > > with the queue are offline and the queue is becoming inactive. And > > handling IO needs error handler to provide forward progress. > > > > Then dead lock is caused: > > > > 1) inside CPU hotplug handler, CPU hotplug lock is held, and blk-mq's > > handler is waiting for inflight IO > > > > 2) error handler is waiting for CPU hotplug lock > > > > 3) inflight IO can't be completed in blk-mq's CPU hotplug handler because > > error handling can't provide forward progress. > > > > Solve the deadlock by not holding CPU hotplug lock in group_cpus_evenly(), > > in which two stage spreads are taken: 1) the 1st stage is over all present > > CPUs; 2) the end stage is over all other CPUs. > > That solves the deadlock, but makes the code racy against a concurrent > hot-add operation which modifies cpu_present_mask. IOW, it introduces a > data race. Good catch, we can annotate it with data_race(), and I think here the readonly access to cpu_present_mask is fine, and we have many such usage, such as for_each_present_cpu(). > > The changelog does not explain why this does not matter nor does the > comment. OK, I will document the change, such as: There isn't difference compared with holding cpu hotplug lock, because the cpu hp state is always changed even though cpu_present_mask isn't updated with the lock. And all CPUs are always covered during the spread, the difference is just that it is done in 1st stage or 2nd stage. If you don't object, I will post next version with above change. Thanks, Ming
Ming! On Thu, Aug 31 2023 at 16:15, Ming Lei wrote: > On Wed, Aug 30, 2023 at 07:44:03PM +0200, Thomas Gleixner wrote: > There isn't difference compared with holding cpu hotplug lock, because > the cpu hp state is always changed even though cpu_present_mask isn't > updated with the lock. Updates to cpu_present_mask happen with the cpus lock write locked: acpi_processor_hotadd_init() cpu_maps_update_begin() cpus_write_lock() acpi_map_cpu() generic_processor_info() set_cpu_present(cpu, true); The only CPU mask which is lockless race free accessible is cpus_possible_mask because that one is set up at boot once and never modified afterwards. > And all CPUs are always covered during the spread, the difference > is just that it is done in 1st stage or 2nd stage. I'm not objecting against the approach per se. It just needs proper documentation why this is correct. Thanks, tglx
diff --git a/lib/group_cpus.c b/lib/group_cpus.c index aa3f6815bb12..fffe8a893597 100644 --- a/lib/group_cpus.c +++ b/lib/group_cpus.c @@ -366,13 +366,18 @@ struct cpumask *group_cpus_evenly(unsigned int numgrps) if (!masks) goto fail_node_to_cpumask; - /* Stabilize the cpumasks */ - cpus_read_lock(); build_node_to_cpumask(node_to_cpumask); + /* + * Make a local cache of 'cpu_present_mask', so the two stages + * spread can observe consistent 'cpu_present_mask' without holding + * cpu hotplug lock. + */ + cpumask_copy(npresmsk, cpu_present_mask); + /* grouping present CPUs first */ ret = __group_cpus_evenly(curgrp, numgrps, node_to_cpumask, - cpu_present_mask, nmsk, masks); + npresmsk, nmsk, masks); if (ret < 0) goto fail_build_affinity; nr_present = ret; @@ -387,15 +392,13 @@ struct cpumask *group_cpus_evenly(unsigned int numgrps) curgrp = 0; else curgrp = nr_present; - cpumask_andnot(npresmsk, cpu_possible_mask, cpu_present_mask); + cpumask_andnot(npresmsk, cpu_possible_mask, npresmsk); ret = __group_cpus_evenly(curgrp, numgrps, node_to_cpumask, npresmsk, nmsk, masks); if (ret >= 0) nr_others = ret; fail_build_affinity: - cpus_read_unlock(); - if (ret >= 0) WARN_ON(nr_present + nr_others < numgrps);