* Re: [Bug] Race condition between CPU hotplug off flow and __sched_setscheduler()
[not found] ` <a34049745934652483e3958e0a030a45b6fcfb40.camel@mediatek.com>
2022-05-06 7:47 ` Peter Zijlstra
@ 2022-05-06 7:47 ` Peter Zijlstra
0 siblings, 0 replies; 15+ messages in thread
From: Peter Zijlstra @ 2022-05-06 7:47 UTC (permalink / raw)
To: Jing-Ting Wu
Cc: tglx, valentin.schneider, bristot, wsd_upstream, linux-kernel,
linux-arm-kernel, linux-mediatek, Jonathan.JMChen, Chris.Redpath
On Fri, May 06, 2022 at 12:19:28PM +0800, Jing-Ting Wu wrote:
> Hi all
> Add Chris for status sync.
Please try another posting, that's eminently unreadable garbage due to
line wrapping.
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [Bug] Race condition between CPU hotplug off flow and __sched_setscheduler()
@ 2022-05-06 7:47 ` Peter Zijlstra
0 siblings, 0 replies; 15+ messages in thread
From: Peter Zijlstra @ 2022-05-06 7:47 UTC (permalink / raw)
To: Jing-Ting Wu
Cc: tglx, valentin.schneider, bristot, wsd_upstream, linux-kernel,
linux-arm-kernel, linux-mediatek, Jonathan.JMChen, Chris.Redpath
On Fri, May 06, 2022 at 12:19:28PM +0800, Jing-Ting Wu wrote:
> Hi all
> Add Chris for status sync.
Please try another posting, that's eminently unreadable garbage due to
line wrapping.
_______________________________________________
Linux-mediatek mailing list
Linux-mediatek@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-mediatek
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [Bug] Race condition between CPU hotplug off flow and __sched_setscheduler()
@ 2022-05-06 7:47 ` Peter Zijlstra
0 siblings, 0 replies; 15+ messages in thread
From: Peter Zijlstra @ 2022-05-06 7:47 UTC (permalink / raw)
To: Jing-Ting Wu
Cc: tglx, valentin.schneider, bristot, wsd_upstream, linux-kernel,
linux-arm-kernel, linux-mediatek, Jonathan.JMChen, Chris.Redpath
On Fri, May 06, 2022 at 12:19:28PM +0800, Jing-Ting Wu wrote:
> Hi all
> Add Chris for status sync.
Please try another posting, that's eminently unreadable garbage due to
line wrapping.
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [Bug] Race condition between CPU hotplug off flow and __sched_setscheduler()
2022-05-19 12:53 ` Jing-Ting Wu
(?)
@ 2022-05-19 13:47 ` Peter Zijlstra
-1 siblings, 0 replies; 15+ messages in thread
From: Peter Zijlstra @ 2022-05-19 13:47 UTC (permalink / raw)
To: Jing-Ting Wu
Cc: Daniel Bristot de Oliveira, Valentin Schneider, tglx,
wsd_upstream, linux-kernel, linux-arm-kernel, linux-mediatek,
Jonathan.JMChen, chris.redpath, Dietmar Eggemann,
Vincent Donnefort, Ingo Molnar, Juri Lelli, Vincent Guittot,
Steven Rostedt, Ben Segall, Mel Gorman, Christian Brauner
On Thu, May 19, 2022 at 08:53:15PM +0800, Jing-Ting Wu wrote:
> Hi all
>
>
> There is a race condition between CPU hotplug off flow and
> __sched_setscheduler(), which will cause hang-up in CPU hotplug off
> flow.
How easy can you reproduce; does the below hack make it better?
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index 95bac3b094b3..f18ee22b29bc 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -4763,20 +4763,30 @@ struct callback_head balance_push_callback = {
.func = (void (*)(struct callback_head *))balance_push,
};
-static inline struct callback_head *splice_balance_callbacks(struct rq *rq)
+static inline struct callback_head *
+__splice_balance_callbacks(struct rq *rq, bool foo)
{
struct callback_head *head = rq->balance_callback;
lockdep_assert_rq_held(rq);
- if (head)
- rq->balance_callback = NULL;
+ if (head) {
+ if (foo && head == &balance_push_callback)
+ head = NULL;
+ else
+ rq->balance_callback = NULL;
+ }
return head;
}
+static inline struct callback_head *splice_balance_callbacks(struct rq *rq)
+{
+ return __splice_balance_callbacks(rq, true);
+}
+
static void __balance_callbacks(struct rq *rq)
{
- do_balance_callbacks(rq, splice_balance_callbacks(rq));
+ do_balance_callbacks(rq, __splice_balance_callbacks(rq, false));
}
static inline void balance_callbacks(struct rq *rq, struct callback_head *head)
^ permalink raw reply related [flat|nested] 15+ messages in thread
* Re: [Bug] Race condition between CPU hotplug off flow and __sched_setscheduler()
@ 2022-05-19 13:47 ` Peter Zijlstra
0 siblings, 0 replies; 15+ messages in thread
From: Peter Zijlstra @ 2022-05-19 13:47 UTC (permalink / raw)
To: Jing-Ting Wu
Cc: Daniel Bristot de Oliveira, Valentin Schneider, tglx,
wsd_upstream, linux-kernel, linux-arm-kernel, linux-mediatek,
Jonathan.JMChen, chris.redpath, Dietmar Eggemann,
Vincent Donnefort, Ingo Molnar, Juri Lelli, Vincent Guittot,
Steven Rostedt, Ben Segall, Mel Gorman, Christian Brauner
On Thu, May 19, 2022 at 08:53:15PM +0800, Jing-Ting Wu wrote:
> Hi all
>
>
> There is a race condition between CPU hotplug off flow and
> __sched_setscheduler(), which will cause hang-up in CPU hotplug off
> flow.
How easy can you reproduce; does the below hack make it better?
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index 95bac3b094b3..f18ee22b29bc 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -4763,20 +4763,30 @@ struct callback_head balance_push_callback = {
.func = (void (*)(struct callback_head *))balance_push,
};
-static inline struct callback_head *splice_balance_callbacks(struct rq *rq)
+static inline struct callback_head *
+__splice_balance_callbacks(struct rq *rq, bool foo)
{
struct callback_head *head = rq->balance_callback;
lockdep_assert_rq_held(rq);
- if (head)
- rq->balance_callback = NULL;
+ if (head) {
+ if (foo && head == &balance_push_callback)
+ head = NULL;
+ else
+ rq->balance_callback = NULL;
+ }
return head;
}
+static inline struct callback_head *splice_balance_callbacks(struct rq *rq)
+{
+ return __splice_balance_callbacks(rq, true);
+}
+
static void __balance_callbacks(struct rq *rq)
{
- do_balance_callbacks(rq, splice_balance_callbacks(rq));
+ do_balance_callbacks(rq, __splice_balance_callbacks(rq, false));
}
static inline void balance_callbacks(struct rq *rq, struct callback_head *head)
_______________________________________________
Linux-mediatek mailing list
Linux-mediatek@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-mediatek
^ permalink raw reply related [flat|nested] 15+ messages in thread
* Re: [Bug] Race condition between CPU hotplug off flow and __sched_setscheduler()
@ 2022-05-19 13:47 ` Peter Zijlstra
0 siblings, 0 replies; 15+ messages in thread
From: Peter Zijlstra @ 2022-05-19 13:47 UTC (permalink / raw)
To: Jing-Ting Wu
Cc: Daniel Bristot de Oliveira, Valentin Schneider, tglx,
wsd_upstream, linux-kernel, linux-arm-kernel, linux-mediatek,
Jonathan.JMChen, chris.redpath, Dietmar Eggemann,
Vincent Donnefort, Ingo Molnar, Juri Lelli, Vincent Guittot,
Steven Rostedt, Ben Segall, Mel Gorman, Christian Brauner
On Thu, May 19, 2022 at 08:53:15PM +0800, Jing-Ting Wu wrote:
> Hi all
>
>
> There is a race condition between CPU hotplug off flow and
> __sched_setscheduler(), which will cause hang-up in CPU hotplug off
> flow.
How easy can you reproduce; does the below hack make it better?
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index 95bac3b094b3..f18ee22b29bc 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -4763,20 +4763,30 @@ struct callback_head balance_push_callback = {
.func = (void (*)(struct callback_head *))balance_push,
};
-static inline struct callback_head *splice_balance_callbacks(struct rq *rq)
+static inline struct callback_head *
+__splice_balance_callbacks(struct rq *rq, bool foo)
{
struct callback_head *head = rq->balance_callback;
lockdep_assert_rq_held(rq);
- if (head)
- rq->balance_callback = NULL;
+ if (head) {
+ if (foo && head == &balance_push_callback)
+ head = NULL;
+ else
+ rq->balance_callback = NULL;
+ }
return head;
}
+static inline struct callback_head *splice_balance_callbacks(struct rq *rq)
+{
+ return __splice_balance_callbacks(rq, true);
+}
+
static void __balance_callbacks(struct rq *rq)
{
- do_balance_callbacks(rq, splice_balance_callbacks(rq));
+ do_balance_callbacks(rq, __splice_balance_callbacks(rq, false));
}
static inline void balance_callbacks(struct rq *rq, struct callback_head *head)
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
^ permalink raw reply related [flat|nested] 15+ messages in thread
* Re: [Bug] Race condition between CPU hotplug off flow and __sched_setscheduler()
2022-05-19 13:14 ` Peter Zijlstra
(?)
@ 2022-05-19 13:19 ` Peter Zijlstra
-1 siblings, 0 replies; 15+ messages in thread
From: Peter Zijlstra @ 2022-05-19 13:19 UTC (permalink / raw)
To: Jing-Ting Wu
Cc: Daniel Bristot de Oliveira, Valentin Schneider, tglx,
wsd_upstream, linux-kernel, linux-arm-kernel, linux-mediatek,
Jonathan.JMChen, chris.redpath, Dietmar Eggemann,
Vincent Donnefort, Ingo Molnar, Juri Lelli, Vincent Guittot,
Steven Rostedt, Ben Segall, Mel Gorman, Christian Brauner
On Thu, May 19, 2022 at 03:14:52PM +0200, Peter Zijlstra wrote:
> On Thu, May 19, 2022 at 08:53:15PM +0800, Jing-Ting Wu wrote:
> > Hi all
> >
> >
> > There is a race condition between CPU hotplug off flow and
> > __sched_setscheduler(), which will cause hang-up in CPU hotplug off
> > flow.
>
> Oooh, you're using core scheduling and the A/B are SMT siblings?
Hmm, no.. lemme try again.
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [Bug] Race condition between CPU hotplug off flow and __sched_setscheduler()
@ 2022-05-19 13:19 ` Peter Zijlstra
0 siblings, 0 replies; 15+ messages in thread
From: Peter Zijlstra @ 2022-05-19 13:19 UTC (permalink / raw)
To: Jing-Ting Wu
Cc: Daniel Bristot de Oliveira, Valentin Schneider, tglx,
wsd_upstream, linux-kernel, linux-arm-kernel, linux-mediatek,
Jonathan.JMChen, chris.redpath, Dietmar Eggemann,
Vincent Donnefort, Ingo Molnar, Juri Lelli, Vincent Guittot,
Steven Rostedt, Ben Segall, Mel Gorman, Christian Brauner
On Thu, May 19, 2022 at 03:14:52PM +0200, Peter Zijlstra wrote:
> On Thu, May 19, 2022 at 08:53:15PM +0800, Jing-Ting Wu wrote:
> > Hi all
> >
> >
> > There is a race condition between CPU hotplug off flow and
> > __sched_setscheduler(), which will cause hang-up in CPU hotplug off
> > flow.
>
> Oooh, you're using core scheduling and the A/B are SMT siblings?
Hmm, no.. lemme try again.
_______________________________________________
Linux-mediatek mailing list
Linux-mediatek@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-mediatek
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [Bug] Race condition between CPU hotplug off flow and __sched_setscheduler()
@ 2022-05-19 13:19 ` Peter Zijlstra
0 siblings, 0 replies; 15+ messages in thread
From: Peter Zijlstra @ 2022-05-19 13:19 UTC (permalink / raw)
To: Jing-Ting Wu
Cc: Daniel Bristot de Oliveira, Valentin Schneider, tglx,
wsd_upstream, linux-kernel, linux-arm-kernel, linux-mediatek,
Jonathan.JMChen, chris.redpath, Dietmar Eggemann,
Vincent Donnefort, Ingo Molnar, Juri Lelli, Vincent Guittot,
Steven Rostedt, Ben Segall, Mel Gorman, Christian Brauner
On Thu, May 19, 2022 at 03:14:52PM +0200, Peter Zijlstra wrote:
> On Thu, May 19, 2022 at 08:53:15PM +0800, Jing-Ting Wu wrote:
> > Hi all
> >
> >
> > There is a race condition between CPU hotplug off flow and
> > __sched_setscheduler(), which will cause hang-up in CPU hotplug off
> > flow.
>
> Oooh, you're using core scheduling and the A/B are SMT siblings?
Hmm, no.. lemme try again.
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [Bug] Race condition between CPU hotplug off flow and __sched_setscheduler()
2022-05-19 12:53 ` Jing-Ting Wu
(?)
@ 2022-05-19 13:14 ` Peter Zijlstra
-1 siblings, 0 replies; 15+ messages in thread
From: Peter Zijlstra @ 2022-05-19 13:14 UTC (permalink / raw)
To: Jing-Ting Wu
Cc: Daniel Bristot de Oliveira, Valentin Schneider, tglx,
wsd_upstream, linux-kernel, linux-arm-kernel, linux-mediatek,
Jonathan.JMChen, chris.redpath, Dietmar Eggemann,
Vincent Donnefort, Ingo Molnar, Juri Lelli, Vincent Guittot,
Steven Rostedt, Ben Segall, Mel Gorman, Christian Brauner
On Thu, May 19, 2022 at 08:53:15PM +0800, Jing-Ting Wu wrote:
> Hi all
>
>
> There is a race condition between CPU hotplug off flow and
> __sched_setscheduler(), which will cause hang-up in CPU hotplug off
> flow.
Oooh, you're using core scheduling and the A/B are SMT siblings?
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [Bug] Race condition between CPU hotplug off flow and __sched_setscheduler()
@ 2022-05-19 13:14 ` Peter Zijlstra
0 siblings, 0 replies; 15+ messages in thread
From: Peter Zijlstra @ 2022-05-19 13:14 UTC (permalink / raw)
To: Jing-Ting Wu
Cc: Daniel Bristot de Oliveira, Valentin Schneider, tglx,
wsd_upstream, linux-kernel, linux-arm-kernel, linux-mediatek,
Jonathan.JMChen, chris.redpath, Dietmar Eggemann,
Vincent Donnefort, Ingo Molnar, Juri Lelli, Vincent Guittot,
Steven Rostedt, Ben Segall, Mel Gorman, Christian Brauner
On Thu, May 19, 2022 at 08:53:15PM +0800, Jing-Ting Wu wrote:
> Hi all
>
>
> There is a race condition between CPU hotplug off flow and
> __sched_setscheduler(), which will cause hang-up in CPU hotplug off
> flow.
Oooh, you're using core scheduling and the A/B are SMT siblings?
_______________________________________________
Linux-mediatek mailing list
Linux-mediatek@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-mediatek
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [Bug] Race condition between CPU hotplug off flow and __sched_setscheduler()
@ 2022-05-19 13:14 ` Peter Zijlstra
0 siblings, 0 replies; 15+ messages in thread
From: Peter Zijlstra @ 2022-05-19 13:14 UTC (permalink / raw)
To: Jing-Ting Wu
Cc: Daniel Bristot de Oliveira, Valentin Schneider, tglx,
wsd_upstream, linux-kernel, linux-arm-kernel, linux-mediatek,
Jonathan.JMChen, chris.redpath, Dietmar Eggemann,
Vincent Donnefort, Ingo Molnar, Juri Lelli, Vincent Guittot,
Steven Rostedt, Ben Segall, Mel Gorman, Christian Brauner
On Thu, May 19, 2022 at 08:53:15PM +0800, Jing-Ting Wu wrote:
> Hi all
>
>
> There is a race condition between CPU hotplug off flow and
> __sched_setscheduler(), which will cause hang-up in CPU hotplug off
> flow.
Oooh, you're using core scheduling and the A/B are SMT siblings?
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug] Race condition between CPU hotplug off flow and __sched_setscheduler()
@ 2022-05-19 12:53 ` Jing-Ting Wu
0 siblings, 0 replies; 15+ messages in thread
From: Jing-Ting Wu @ 2022-05-19 12:53 UTC (permalink / raw)
To: Peter Zijlstra, Daniel Bristot de Oliveira, Valentin Schneider, tglx
Cc: wsd_upstream, linux-kernel, linux-arm-kernel, linux-mediatek,
Jonathan.JMChen, chris.redpath, Dietmar Eggemann,
Vincent Donnefort, Ingo Molnar, Juri Lelli, Vincent Guittot,
Dietmar Eggemann, Steven Rostedt, Ben Segall, Mel Gorman,
Christian Brauner
Hi all
There is a race condition between CPU hotplug off flow and
__sched_setscheduler(), which will cause hang-up in CPU hotplug off
flow.
Syndrome:
During hotplug off flow in CPU_A, it blocks on
CPUHP_AP_SCHED_WAIT_EMPTY state when enters rcuwait_wait_event().
In that moment, CPU_A stays in idle and cannot wake up stopper
thread(cpuhp/A) to continue CPU_A hotplug off flow.
Root cause:
Balance_push() callback has been stolen by CPU_B in executing
__sched_setscheduler() func., which should be executed in idle task of
CPU_A to wake up stopper thread (cpuhp/A) through calling
rcuwait_wake_up(&rq->hotplug_wait).
Racing flow as below:
CPU_A is going to hotplug off and set rq->balance_callback =
&balance_push_callback, then CPU_A should use balance_push() to push
the task out and release rq_lock.
But if CPU_B do __sched_setscheduler() before CPU_A switch to
swapper/A, CPU_B use splice_balance_callbacks() to steal rq-
>balance_callback and set the CPU_A rq->balance_callback = NULL.
Due to rq->balance_callback is NULL,
so swapper/A could not do balance_push() at CPU_A,
Due to rq(rq_A) != this_rq(rq_B),
so swapper/A could not do rcuwait_wake_up() at CPU_B.
Racing flow:
-----------------------------------------------------------------------
CPU_A (Hotplug down)
-----------------------------------------------------------------------
State: CPUHP_AP_ACTIVE
sched_cpu_deactivate()
-> balance_push_set(cpu, true)
-> rq_A->balance_callback = &balance_push_callback
=> CPU_A set rq_A balance_callback here.
State: CPUHP_AP_SCHED_WAIT_EMPTY
sched_cpu_wait_empty()
-> balance_hotplug_wait()
-> rcuwait_wait_event(&rq->hotplug_wait)
=> CPU_A do while loop to push task out from CPU_A,
until swapper/A wake up cpuhp/A.
-> schedule()
-> rq_lock(rq, &rf)
-> context_switch()
-> finish_lock_switch()
-> __balance_callbacks(rq_A)
-> do_balance_callbacks(rq,
splice_balance_callbacks(rq))
-> balance_push(rq_A)
-> raw_spin_rq_unlock_irq(rq_A)
=> CPU_A release rq_A lock.
CPU_A release rq_A lock, CPU_B can get rq_A lock.
-----------------------------------------------------------------------
CPU_B (do __sched_setscheduler(), set rq_A->balance_callback = NULL)
-----------------------------------------------------------------------
__sched_setscheduler(p) => task_rq(p) is rq_A
-> task_rq_lock(rq_A)
-> splice_balance_callbacks(rq_A)
-> if (head)
rq_A->balance_callback = NULL
=> CPU_B steal rq_A->balance_callback.
-> task_rq_unlock(rq_A)
CPU_B release rq_A lock, CPU_A can get rq_A lock and switch to
swapper/A.
-----------------------------------------------------------------------
CPU_A (Hotplug down)
-----------------------------------------------------------------------
switch to swapper/A:
schedule()
-> rq_lock(rq, &rf)
-> context_switch()
-> finish_lock_switch()
-> __balance_callbacks(rq_A)
-> do_balance_callbacks(rq, NULL)
=> Because rq_A->balance_callback = NULL,
swapper/A could not do rcuwait_wake_up().
-> raw_spin_rq_unlock_irq(rq_A)
-----------------------------------------------------------------------
CPU_B (do __sched_setscheduler(), set rq_A->balance_callback = NULL)
-----------------------------------------------------------------------
balance_callbacks(rq_A, head)
-> balance_push(rq_A)
-> rq->balance_callback = &balance_push_callback;
-> if (rq != this_rq())
return;
=> Because rq = rq_A, this_rq = rq_B,
swapper/A could not do rcuwait_wake_up().
-----------------------------------------------------------------------
CPU_A (Hotplug down)
-----------------------------------------------------------------------
rcuwait_wait_event(&rq->hotplug_wait)
=> swapper/A could not do rcuwait_wake_up(),
it cannot wake up stopper thread(cpuhp/A),
so system could not exit the while loop at rcuwait_wait_event.
Do you have any suggestion or solution for this issue?
Thank you.
Best regards,
Jing-Ting Wu
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug] Race condition between CPU hotplug off flow and __sched_setscheduler()
@ 2022-05-19 12:53 ` Jing-Ting Wu
0 siblings, 0 replies; 15+ messages in thread
From: Jing-Ting Wu @ 2022-05-19 12:53 UTC (permalink / raw)
To: Peter Zijlstra, Daniel Bristot de Oliveira, Valentin Schneider, tglx
Cc: wsd_upstream, linux-kernel, linux-arm-kernel, linux-mediatek,
Jonathan.JMChen, chris.redpath, Dietmar Eggemann,
Vincent Donnefort, Ingo Molnar, Juri Lelli, Vincent Guittot,
Dietmar Eggemann, Steven Rostedt, Ben Segall, Mel Gorman,
Christian Brauner
Hi all
There is a race condition between CPU hotplug off flow and
__sched_setscheduler(), which will cause hang-up in CPU hotplug off
flow.
Syndrome:
During hotplug off flow in CPU_A, it blocks on
CPUHP_AP_SCHED_WAIT_EMPTY state when enters rcuwait_wait_event().
In that moment, CPU_A stays in idle and cannot wake up stopper
thread(cpuhp/A) to continue CPU_A hotplug off flow.
Root cause:
Balance_push() callback has been stolen by CPU_B in executing
__sched_setscheduler() func., which should be executed in idle task of
CPU_A to wake up stopper thread (cpuhp/A) through calling
rcuwait_wake_up(&rq->hotplug_wait).
Racing flow as below:
CPU_A is going to hotplug off and set rq->balance_callback =
&balance_push_callback, then CPU_A should use balance_push() to push
the task out and release rq_lock.
But if CPU_B do __sched_setscheduler() before CPU_A switch to
swapper/A, CPU_B use splice_balance_callbacks() to steal rq-
>balance_callback and set the CPU_A rq->balance_callback = NULL.
Due to rq->balance_callback is NULL,
so swapper/A could not do balance_push() at CPU_A,
Due to rq(rq_A) != this_rq(rq_B),
so swapper/A could not do rcuwait_wake_up() at CPU_B.
Racing flow:
-----------------------------------------------------------------------
CPU_A (Hotplug down)
-----------------------------------------------------------------------
State: CPUHP_AP_ACTIVE
sched_cpu_deactivate()
-> balance_push_set(cpu, true)
-> rq_A->balance_callback = &balance_push_callback
=> CPU_A set rq_A balance_callback here.
State: CPUHP_AP_SCHED_WAIT_EMPTY
sched_cpu_wait_empty()
-> balance_hotplug_wait()
-> rcuwait_wait_event(&rq->hotplug_wait)
=> CPU_A do while loop to push task out from CPU_A,
until swapper/A wake up cpuhp/A.
-> schedule()
-> rq_lock(rq, &rf)
-> context_switch()
-> finish_lock_switch()
-> __balance_callbacks(rq_A)
-> do_balance_callbacks(rq,
splice_balance_callbacks(rq))
-> balance_push(rq_A)
-> raw_spin_rq_unlock_irq(rq_A)
=> CPU_A release rq_A lock.
CPU_A release rq_A lock, CPU_B can get rq_A lock.
-----------------------------------------------------------------------
CPU_B (do __sched_setscheduler(), set rq_A->balance_callback = NULL)
-----------------------------------------------------------------------
__sched_setscheduler(p) => task_rq(p) is rq_A
-> task_rq_lock(rq_A)
-> splice_balance_callbacks(rq_A)
-> if (head)
rq_A->balance_callback = NULL
=> CPU_B steal rq_A->balance_callback.
-> task_rq_unlock(rq_A)
CPU_B release rq_A lock, CPU_A can get rq_A lock and switch to
swapper/A.
-----------------------------------------------------------------------
CPU_A (Hotplug down)
-----------------------------------------------------------------------
switch to swapper/A:
schedule()
-> rq_lock(rq, &rf)
-> context_switch()
-> finish_lock_switch()
-> __balance_callbacks(rq_A)
-> do_balance_callbacks(rq, NULL)
=> Because rq_A->balance_callback = NULL,
swapper/A could not do rcuwait_wake_up().
-> raw_spin_rq_unlock_irq(rq_A)
-----------------------------------------------------------------------
CPU_B (do __sched_setscheduler(), set rq_A->balance_callback = NULL)
-----------------------------------------------------------------------
balance_callbacks(rq_A, head)
-> balance_push(rq_A)
-> rq->balance_callback = &balance_push_callback;
-> if (rq != this_rq())
return;
=> Because rq = rq_A, this_rq = rq_B,
swapper/A could not do rcuwait_wake_up().
-----------------------------------------------------------------------
CPU_A (Hotplug down)
-----------------------------------------------------------------------
rcuwait_wait_event(&rq->hotplug_wait)
=> swapper/A could not do rcuwait_wake_up(),
it cannot wake up stopper thread(cpuhp/A),
so system could not exit the while loop at rcuwait_wait_event.
Do you have any suggestion or solution for this issue?
Thank you.
Best regards,
Jing-Ting Wu
_______________________________________________
Linux-mediatek mailing list
Linux-mediatek@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-mediatek
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug] Race condition between CPU hotplug off flow and __sched_setscheduler()
@ 2022-05-19 12:53 ` Jing-Ting Wu
0 siblings, 0 replies; 15+ messages in thread
From: Jing-Ting Wu @ 2022-05-19 12:53 UTC (permalink / raw)
To: Peter Zijlstra, Daniel Bristot de Oliveira, Valentin Schneider, tglx
Cc: wsd_upstream, linux-kernel, linux-arm-kernel, linux-mediatek,
Jonathan.JMChen, chris.redpath, Dietmar Eggemann,
Vincent Donnefort, Ingo Molnar, Juri Lelli, Vincent Guittot,
Dietmar Eggemann, Steven Rostedt, Ben Segall, Mel Gorman,
Christian Brauner
Hi all
There is a race condition between CPU hotplug off flow and
__sched_setscheduler(), which will cause hang-up in CPU hotplug off
flow.
Syndrome:
During hotplug off flow in CPU_A, it blocks on
CPUHP_AP_SCHED_WAIT_EMPTY state when enters rcuwait_wait_event().
In that moment, CPU_A stays in idle and cannot wake up stopper
thread(cpuhp/A) to continue CPU_A hotplug off flow.
Root cause:
Balance_push() callback has been stolen by CPU_B in executing
__sched_setscheduler() func., which should be executed in idle task of
CPU_A to wake up stopper thread (cpuhp/A) through calling
rcuwait_wake_up(&rq->hotplug_wait).
Racing flow as below:
CPU_A is going to hotplug off and set rq->balance_callback =
&balance_push_callback, then CPU_A should use balance_push() to push
the task out and release rq_lock.
But if CPU_B do __sched_setscheduler() before CPU_A switch to
swapper/A, CPU_B use splice_balance_callbacks() to steal rq-
>balance_callback and set the CPU_A rq->balance_callback = NULL.
Due to rq->balance_callback is NULL,
so swapper/A could not do balance_push() at CPU_A,
Due to rq(rq_A) != this_rq(rq_B),
so swapper/A could not do rcuwait_wake_up() at CPU_B.
Racing flow:
-----------------------------------------------------------------------
CPU_A (Hotplug down)
-----------------------------------------------------------------------
State: CPUHP_AP_ACTIVE
sched_cpu_deactivate()
-> balance_push_set(cpu, true)
-> rq_A->balance_callback = &balance_push_callback
=> CPU_A set rq_A balance_callback here.
State: CPUHP_AP_SCHED_WAIT_EMPTY
sched_cpu_wait_empty()
-> balance_hotplug_wait()
-> rcuwait_wait_event(&rq->hotplug_wait)
=> CPU_A do while loop to push task out from CPU_A,
until swapper/A wake up cpuhp/A.
-> schedule()
-> rq_lock(rq, &rf)
-> context_switch()
-> finish_lock_switch()
-> __balance_callbacks(rq_A)
-> do_balance_callbacks(rq,
splice_balance_callbacks(rq))
-> balance_push(rq_A)
-> raw_spin_rq_unlock_irq(rq_A)
=> CPU_A release rq_A lock.
CPU_A release rq_A lock, CPU_B can get rq_A lock.
-----------------------------------------------------------------------
CPU_B (do __sched_setscheduler(), set rq_A->balance_callback = NULL)
-----------------------------------------------------------------------
__sched_setscheduler(p) => task_rq(p) is rq_A
-> task_rq_lock(rq_A)
-> splice_balance_callbacks(rq_A)
-> if (head)
rq_A->balance_callback = NULL
=> CPU_B steal rq_A->balance_callback.
-> task_rq_unlock(rq_A)
CPU_B release rq_A lock, CPU_A can get rq_A lock and switch to
swapper/A.
-----------------------------------------------------------------------
CPU_A (Hotplug down)
-----------------------------------------------------------------------
switch to swapper/A:
schedule()
-> rq_lock(rq, &rf)
-> context_switch()
-> finish_lock_switch()
-> __balance_callbacks(rq_A)
-> do_balance_callbacks(rq, NULL)
=> Because rq_A->balance_callback = NULL,
swapper/A could not do rcuwait_wake_up().
-> raw_spin_rq_unlock_irq(rq_A)
-----------------------------------------------------------------------
CPU_B (do __sched_setscheduler(), set rq_A->balance_callback = NULL)
-----------------------------------------------------------------------
balance_callbacks(rq_A, head)
-> balance_push(rq_A)
-> rq->balance_callback = &balance_push_callback;
-> if (rq != this_rq())
return;
=> Because rq = rq_A, this_rq = rq_B,
swapper/A could not do rcuwait_wake_up().
-----------------------------------------------------------------------
CPU_A (Hotplug down)
-----------------------------------------------------------------------
rcuwait_wait_event(&rq->hotplug_wait)
=> swapper/A could not do rcuwait_wake_up(),
it cannot wake up stopper thread(cpuhp/A),
so system could not exit the while loop at rcuwait_wait_event.
Do you have any suggestion or solution for this issue?
Thank you.
Best regards,
Jing-Ting Wu
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
^ permalink raw reply [flat|nested] 15+ messages in thread
end of thread, other threads:[~2022-05-19 14:39 UTC | newest]
Thread overview: 15+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <6013fb81cdb18892b75c796ab0e6756ee0e9cf71.camel@mediatek.com>
[not found] ` <a34049745934652483e3958e0a030a45b6fcfb40.camel@mediatek.com>
2022-05-06 7:47 ` [Bug] Race condition between CPU hotplug off flow and __sched_setscheduler() Peter Zijlstra
2022-05-06 7:47 ` Peter Zijlstra
2022-05-06 7:47 ` Peter Zijlstra
2022-05-19 12:53 Jing-Ting Wu
2022-05-19 12:53 ` Jing-Ting Wu
2022-05-19 12:53 ` Jing-Ting Wu
2022-05-19 13:14 ` Peter Zijlstra
2022-05-19 13:14 ` Peter Zijlstra
2022-05-19 13:14 ` Peter Zijlstra
2022-05-19 13:19 ` Peter Zijlstra
2022-05-19 13:19 ` Peter Zijlstra
2022-05-19 13:19 ` Peter Zijlstra
2022-05-19 13:47 ` Peter Zijlstra
2022-05-19 13:47 ` Peter Zijlstra
2022-05-19 13:47 ` Peter Zijlstra
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.