From owner-svn-src-all@freebsd.org Fri Nov 13 19:14:54 2020 Return-Path: Delivered-To: svn-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1EA822EB268; Fri, 13 Nov 2020 19:14:54 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4CXp7d3yQDz4mtM; Fri, 13 Nov 2020 19:14:53 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from tom.home (kib@localhost [127.0.0.1]) by kib.kiev.ua (8.16.1/8.16.1) with ESMTPS id 0ADJEjMW026842 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Fri, 13 Nov 2020 21:14:48 +0200 (EET) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.10.3 kib.kiev.ua 0ADJEjMW026842 Received: (from kostik@localhost) by tom.home (8.16.1/8.16.1/Submit) id 0ADJEjDL026841; Fri, 13 Nov 2020 21:14:45 +0200 (EET) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Fri, 13 Nov 2020 21:14:45 +0200 From: Konstantin Belousov To: Mateusz Guzik Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r367631 - in head/sys: kern sys Message-ID: References: <202011130931.0AD9VwBL082843@repo.freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FORGED_GMAIL_RCVD,FREEMAIL_FROM, NML_ADSP_CUSTOM_MED autolearn=no autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on tom.home X-Rspamd-Queue-Id: 4CXp7d3yQDz4mtM X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Nov 2020 19:14:54 -0000 On Fri, Nov 13, 2020 at 07:30:47PM +0100, Mateusz Guzik wrote: > On 11/13/20, Konstantin Belousov wrote: > > +static u_long vn_lock_pair_pause_cnt; > > +SYSCTL_ULONG(_debug, OID_AUTO, vn_lock_pair_pause, CTLFLAG_RD, > > + &vn_lock_pair_pause_cnt, 0, > > + "Count of vn_lock_pair deadlocks"); > > + > > +static void > > +vn_lock_pair_pause(const char *wmesg) > > +{ > > + atomic_add_long(&vn_lock_pair_pause_cnt, 1); > > + pause(wmesg, prng32_bounded(hz / 10)); > > +} > > + > > +/* > > + * Lock pair of vnodes vp1, vp2, avoiding lock order reversal. > > + * vp1_locked indicates whether vp1 is exclusively locked; if not, vp1 > > + * must be unlocked. Same for vp2 and vp2_locked. One of the vnodes > > + * can be NULL. > > + * > > + * The function returns with both vnodes exclusively locked, and > > + * guarantees that it does not create lock order reversal with other > > + * threads during its execution. Both vnodes could be unlocked > > + * temporary (and reclaimed). > > + */ > > +void > > +vn_lock_pair(struct vnode *vp1, bool vp1_locked, struct vnode *vp2, > > + bool vp2_locked) > > +{ > > + int error; > > + > > + if (vp1 == NULL && vp2 == NULL) > > + return; > > + if (vp1 != NULL) { > > + if (vp1_locked) > > + ASSERT_VOP_ELOCKED(vp1, "vp1"); > > + else > > + ASSERT_VOP_UNLOCKED(vp1, "vp1"); > > + } else { > > + vp1_locked = true; > > + } > > + if (vp2 != NULL) { > > + if (vp2_locked) > > + ASSERT_VOP_ELOCKED(vp2, "vp2"); > > + else > > + ASSERT_VOP_UNLOCKED(vp2, "vp2"); > > + } else { > > + vp2_locked = true; > > + } > > + if (!vp1_locked && !vp2_locked) { > > + vn_lock(vp1, LK_EXCLUSIVE | LK_RETRY); > > + vp1_locked = true; > > + } > > + > > + for (;;) { > > + if (vp1_locked && vp2_locked) > > + break; > > + if (vp1_locked && vp2 != NULL) { > > + if (vp1 != NULL) { > > + error = VOP_LOCK1(vp2, LK_EXCLUSIVE | LK_NOWAIT, > > + __FILE__, __LINE__); > > + if (error == 0) > > + break; > > + VOP_UNLOCK(vp1); > > + vp1_locked = false; > > + vn_lock_pair_pause("vlp1"); > > + } > > + vn_lock(vp2, LK_EXCLUSIVE | LK_RETRY); > > + vp2_locked = true; > > + } > > + if (vp2_locked && vp1 != NULL) { > > + if (vp2 != NULL) { > > + error = VOP_LOCK1(vp1, LK_EXCLUSIVE | LK_NOWAIT, > > + __FILE__, __LINE__); > > + if (error == 0) > > + break; > > + VOP_UNLOCK(vp2); > > + vp2_locked = false; > > + vn_lock_pair_pause("vlp2"); > > + } > > + vn_lock(vp1, LK_EXCLUSIVE | LK_RETRY); > > + vp1_locked = true; > > + } > > + } > > + if (vp1 != NULL) > > + ASSERT_VOP_ELOCKED(vp1, "vp1 ret"); > > + if (vp2 != NULL) > > + ASSERT_VOP_ELOCKED(vp2, "vp2 ret"); > > } > > > > Multiple callers who get here with flipped addresses can end up > failing against each other in an indefinite loop. > > Instead, after initial trylocking fails, the routine should establish > ordering it will follow for itself, for example by sorting by address. > > Then pseudo-code would be: > retry: > vn_lock(lower, ...); > if (!VOP_LOCK(higher, LK_NOWAIT ...)) { > vn_unlock(lower); > vn_lock(higher); > vn_unlock(higher); > goto retry; > } > > Note this also eliminates the pause. I disagree. It will conflict with normal locking order with 50% probability. My code switches between two orders, eventually getting out of this situation.