From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wm0-f72.google.com (mail-wm0-f72.google.com [74.125.82.72]) by kanga.kvack.org (Postfix) with ESMTP id B8DC76B0253 for ; Tue, 7 Feb 2017 07:37:11 -0500 (EST) Received: by mail-wm0-f72.google.com with SMTP id r18so25168174wmd.1 for ; Tue, 07 Feb 2017 04:37:11 -0800 (PST) Received: from mx2.suse.de (mx2.suse.de. [195.135.220.15]) by mx.google.com with ESMTPS id l66si12036549wma.43.2017.02.07.04.37.10 for (version=TLS1 cipher=AES128-SHA bits=128/128); Tue, 07 Feb 2017 04:37:10 -0800 (PST) Date: Tue, 7 Feb 2017 13:37:08 +0100 From: Michal Hocko Subject: Re: mm: deadlock between get_online_cpus/pcpu_alloc Message-ID: <20170207123708.GO5065@dhcp22.suse.cz> References: <20170206220530.apvuknbagaf2rdlw@techsingularity.net> <20170207084855.GC5065@dhcp22.suse.cz> <20170207094300.cuxfqi35wflk5nr5@techsingularity.net> <2cdef192-1939-d692-1224-8ff7d7ff7203@suse.cz> <20170207102809.awh22urqmfrav5r6@techsingularity.net> <20170207103552.GH5065@dhcp22.suse.cz> <20170207113435.6xthczxt2cx23r4t@techsingularity.net> <20170207114327.GI5065@dhcp22.suse.cz> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20170207114327.GI5065@dhcp22.suse.cz> Sender: owner-linux-mm@kvack.org List-ID: To: Mel Gorman Cc: Vlastimil Babka , Dmitry Vyukov , Tejun Heo , Christoph Lameter , "linux-mm@kvack.org" , LKML , Thomas Gleixner , Ingo Molnar , Peter Zijlstra , syzkaller , Andrew Morton On Tue 07-02-17 12:43:27, Michal Hocko wrote: > On Tue 07-02-17 11:34:35, Mel Gorman wrote: > > On Tue, Feb 07, 2017 at 11:35:52AM +0100, Michal Hocko wrote: > > > On Tue 07-02-17 10:28:09, Mel Gorman wrote: > > > > On Tue, Feb 07, 2017 at 10:49:28AM +0100, Vlastimil Babka wrote: > > > > > On 02/07/2017 10:43 AM, Mel Gorman wrote: > > > > > > If I'm reading this right, a hot-remove will set the pool POOL_DISASSOCIATED > > > > > > and unbound. A workqueue queued for draining get migrated during hot-remove > > > > > > and a drain operation will execute twice on a CPU -- one for what was > > > > > > queued and a second time for the CPU it was migrated from. It should still > > > > > > work with flush_work which doesn't appear to block forever if an item > > > > > > got migrated to another workqueue. The actual drain workqueue function is > > > > > > using the CPU ID it's currently running on so it shouldn't get confused. > > > > > > > > > > Is the worker that will process this migrated workqueue also guaranteed > > > > > to be pinned to a cpu for the whole work, though? drain_local_pages() > > > > > needs that guarantee. > > > > > > > > > > > > > It should be by running on a workqueue handler bound to that CPU (queued > > > > on wq->cpu_pwqs in __queue_work) > > > > > > Are you sure? The comment in kernel/workqueue.c says > > > * While DISASSOCIATED, the cpu may be offline and all workers have > > > * %WORKER_UNBOUND set and concurrency management disabled, and may > > > * be executing on any CPU. The pool behaves as an unbound one. > > > > > > I might be misreadig but an unbound pool can be handled by workers which > > > are not pinned on any cpu AFAIU. > > > > Right. The unbind operation can set a mask that is any allowable CPU and > > the final process_work is not done in a context that prevents > > preemption. > > > > diff --git a/mm/page_alloc.c b/mm/page_alloc.c > > index 3b93879990fd..7af165d308c4 100644 > > --- a/mm/page_alloc.c > > +++ b/mm/page_alloc.c > > @@ -2342,7 +2342,14 @@ void drain_local_pages(struct zone *zone) > > > > static void drain_local_pages_wq(struct work_struct *work) > > { > > + /* > > + * Ordinarily a drain operation is bound to a CPU but may be unbound > > + * after a CPU hotplug operation so it's necessary to disable > > + * preemption for the drain to stabilise the CPU ID. > > + */ > > + preempt_disable(); > > drain_local_pages(NULL); > > + preempt_enable_no_resched(); > > } > > > > /* > [...] > > @@ -6711,7 +6714,16 @@ static int page_alloc_cpu_dead(unsigned int cpu) > > { > > > > lru_add_drain_cpu(cpu); > > + > > + /* > > + * A per-cpu drain via a workqueue from drain_all_pages can be > > + * rescheduled onto an unrelated CPU. That allows the hotplug > > + * operation and the drain to potentially race on the same > > + * CPU. Serialise hotplug versus drain using pcpu_drain_mutex > > + */ > > + mutex_lock(&pcpu_drain_mutex); > > drain_pages(cpu); > > + mutex_unlock(&pcpu_drain_mutex); > > You cannot put sleepable lock inside the preempt disbaled section... > We can make it a spinlock right? Scratch that! For some reason I thought that cpu notifiers are run in an atomic context. Now that I am checking the code again it turns out I was wrong. __cpu_notify uses __raw_notifier_call_chain so this is not an atomic context. Anyway, shouldn't be it sufficient to disable preemption on drain_local_pages_wq? The CPU hotplug callback will not preempt us and so we cannot work on the same cpus, right? -- Michal Hocko SUSE Labs -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: email@kvack.org