From nobody Mon Feb 14 15:07:02 2022 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id D18A119B4223; Mon, 14 Feb 2022 15:07:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Jy6yG5Lxmz3D4w; Mon, 14 Feb 2022 15:07:02 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1644851222; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=RBTh6p2sppS+huyDccJDrBMaLiUfbN2qGxtVKQLiuD0=; b=jp/FiiqBXsFsqpU5jTqMRE8APTYVv9QBR9Nm3FOfLPhCp3M0NKhBw1YMD3DNBbqC+2FNqp DI9LYVSE9xg0RsYYaEh4oUWhrnGj+sWhq/3ebSQXTthiMkztWAlUjGUYgBqypjP3DrRiHi hYr9YZ6P0lBRIW1ZtCRlUdR9Y0n5Bu1iHOsjQuVx3ffvCCO03VbWuxcxfFAUY6YQ9ztVd6 zzGE0NGLhOAmbaF7Gtx0PS7odcx0OqbilM8QZV9V3JU5NFQYwNBcWEfRBpyMqsg8GFUwyU 4otqUF1uuCueOCzfQTAbETckPqPjeL+Fq0v3CBNLKwVc1Hdi1mR2aIA+oHertA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8E41910F46; Mon, 14 Feb 2022 15:07:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 21EF72il060060; Mon, 14 Feb 2022 15:07:02 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 21EF72UR060059; Mon, 14 Feb 2022 15:07:02 GMT (envelope-from git) Date: Mon, 14 Feb 2022 15:07:02 GMT Message-Id: <202202141507.21EF72UR060059@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mark Johnston Subject: git: 893be9d8ac16 - main - sleepqueue: Address a lock order reversal List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 893be9d8ac161c4cc96e9f3f12f1260355dd123b Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1644851222; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=RBTh6p2sppS+huyDccJDrBMaLiUfbN2qGxtVKQLiuD0=; b=sqTVJicJBgtLCVOcTSfPv0n85+c7oQaMz0kHeNHQA2Pfa1xVDoNroKwDjbMyPyGefE+9B4 CWUAMS4E3wc+imnNTROi6zSGQmSQ/qWURY4V9DRcdEuD+z4OqU7rtXEPaX+YQ1EH4cAGwM oHbtqtSEaYCxD4/vf3loWrlvgEM5z/NNpu3br1Gt3f5nVyhe/7haZXgR5Mhs8NKooYIoNG fS67F5be5iRrGKB4RN0eCCiuzQrF7IPhi+dfVeUCtJHObV1OBVj93XaHr2KOV8esf2KHKX JQ/UBUuHmlE/lAC+cnURl5DA+4/3KwXaAq9CvljhVEqxf1WadNNwdJhQNUZZCw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1644851222; a=rsa-sha256; cv=none; b=ozzsow2IQ0+6vEC1vYlHZsoqJ+GGJPwVv5SXfcziLGWPvGzKJCsZQaJztUSFN7OGOcmO1g Pyizx0VYnzBedYeROg90C+EFOqtaBt7nBtPCRmKyvMEO/fhruZYZ6qTkhyIUQi3YE9u+Vy tcwq7RLn/YYF7s9LA0vOsy+JSrGyz7h+PxCcQLOoNH28ssD2erdeZBA/h4CMxQ+fIqaQ0Q Rhi5Bz8Yc6KFtbRVPmLs74atUh5whjRy2mxOT3bVpDQ84E2EAX6mEn+i115rSAW6jbB/CX ywzQrlYuTFmv9UZNCEtTBXRLgoXByQpm/KHg5GstLFPpDW0mshsa6StGEVrePA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=893be9d8ac161c4cc96e9f3f12f1260355dd123b commit 893be9d8ac161c4cc96e9f3f12f1260355dd123b Author: Mark Johnston AuthorDate: 2022-02-14 14:38:53 +0000 Commit: Mark Johnston CommitDate: 2022-02-14 15:06:47 +0000 sleepqueue: Address a lock order reversal After commit 74cf7cae4d22 ("softclock: Use dedicated ithreads for running callouts."), there is a lock order reversal between the per-CPU callout lock and the scheduler lock. softclock_thread() locks callout lock then the scheduler lock, when preparing to switch off-CPU, and sleepq_remove_thread() stops the timed sleep callout while potentially holding a scheduler lock. In the latter case, it's the thread itself that's locked, and if the thread is sleeping then its lock will be a sleepqueue lock, but if it's still in the process of going to sleep it'll be a scheduler lock. We could perhaps change softclock_thread() to try to acquire locks in the opposite order, but that'd require dropping and re-acquiring the callout lock, which seems expensive for an operation that will happen quite frequently. We can instead perhaps avoid stopping the td_slpcallout callout if the thread is still going to sleep, which is what this patch does. This will result in a spurious call to sleepq_timeout(), but some counters suggest that this is very rare. PR: 261198 Fixes: 74cf7cae4d22 ("softclock: Use dedicated ithreads for running callouts.") Reported and tested by: thj Reviewed by: kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D34204 --- sys/kern/subr_sleepqueue.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/sys/kern/subr_sleepqueue.c b/sys/kern/subr_sleepqueue.c index 36832ef96ba4..af5a001b46fb 100644 --- a/sys/kern/subr_sleepqueue.c +++ b/sys/kern/subr_sleepqueue.c @@ -833,7 +833,8 @@ sleepq_remove_thread(struct sleepqueue *sq, struct thread *td) td->td_sleepqueue = LIST_FIRST(&sq->sq_free); LIST_REMOVE(td->td_sleepqueue, sq_hash); - if ((td->td_flags & TDF_TIMEOUT) == 0 && td->td_sleeptimo != 0) + if ((td->td_flags & TDF_TIMEOUT) == 0 && td->td_sleeptimo != 0 && + td->td_lock == &sc->sc_lock) { /* * We ignore the situation where timeout subsystem was * unable to stop our callout. The struct thread is @@ -843,8 +844,16 @@ sleepq_remove_thread(struct sleepqueue *sq, struct thread *td) * sleepq_timeout() ensure that the thread does not * get spurious wakeups, even if the callout was reset * or thread reused. + * + * We also cannot safely stop the callout if a scheduler + * lock is held since softclock_thread() forces a lock + * order of callout lock -> scheduler lock. The thread + * lock will be a scheduler lock only if the thread is + * preparing to go to sleep, so this is hopefully a rare + * scenario. */ callout_stop(&td->td_slpcallout); + } td->td_wmesg = NULL; td->td_wchan = NULL;