[v2] SUNRPC: Fix a race to wake a sync task

Message ID	a8e4ef3d79aba79bb844539af6d181a794011b1c.1721227179.git.bcodding@redhat.com (mailing list archive)
State	New
Headers	show Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 45F0C2EAE5 for <linux-nfs@vger.kernel.org>; Wed, 17 Jul 2024 14:49:43 +0000 (UTC) From: Benjamin Coddington <bcodding@redhat.com> To: Trond Myklebust <trond.myklebust@hammerspace.com>, Anna Schumaker <anna@kernel.org> Cc: Jeff Layton <jlayton@kernel.org>, linux-nfs@vger.kernel.org Subject: [PATCH v2] SUNRPC: Fix a race to wake a sync task Date: Wed, 17 Jul 2024 10:49:33 -0400 Message-ID: <a8e4ef3d79aba79bb844539af6d181a794011b1c.1721227179.git.bcodding@redhat.com> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[v2] SUNRPC: Fix a race to wake a sync task \| expand [v2] SUNRPC: Fix a race to wake a sync task

Message ID

a8e4ef3d79aba79bb844539af6d181a794011b1c.1721227179.git.bcodding@redhat.com (mailing list archive)

State

New

Headers

From: Benjamin Coddington <bcodding@redhat.com>
To: Trond Myklebust <trond.myklebust@hammerspace.com>,
	Anna Schumaker <anna@kernel.org>
Cc: Jeff Layton <jlayton@kernel.org>,
	linux-nfs@vger.kernel.org
Subject: [PATCH v2] SUNRPC: Fix a race to wake a sync task
Date: Wed, 17 Jul 2024 10:49:33 -0400
Message-ID: 
 <a8e4ef3d79aba79bb844539af6d181a794011b1c.1721227179.git.bcodding@redhat.com>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[v2] SUNRPC: Fix a race to wake a sync task | expand

Commit Message

Benjamin Coddington July 17, 2024, 2:49 p.m. UTC

We've observed NFS clients with sync tasks sleeping in __rpc_execute
waiting on RPC_TASK_QUEUED that have not responded to a wake-up from
rpc_make_runnable().  I suspect this problem usually goes unnoticed,
because on a busy client the task will eventually be re-awoken by another
task completion or xprt event.  However, if the state manager is draining
the slot table, a sync task missing a wake-up can result in a hung client.

We've been able to prove that the waker in rpc_make_runnable() successfully
calls wake_up_bit() (ie- there's no race to tk_runstate), but the
wake_up_bit() call fails to wake the waiter.  I suspect the waker is
missing the load of the bit's wait_queue_head, so waitqueue_active() is
false.  There are some very helpful comments about this problem above
wake_up_bit(), prepare_to_wait(), and waitqueue_active().

Fix this by inserting smp_mb__after_atomic() before the wake_up_bit(),
which pairs with prepare_to_wait() calling set_current_state().

Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
---
This v2 drops the comment which matches other barriers in our subsystem, and
backs out the full memory barrier to use the __after_atomic() variant as
Trond suggests.

Though I have not yet completed a full test run, it has survived 16 of the
50 hours I planned for it.  My reproducer rarely takes longer than an hour,
never more than 90 minutes for the last ~10 reproductions.

Thanks for the review and attention.
---
 net/sunrpc/sched.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/net/sunrpc/sched.c b/net/sunrpc/sched.c
index 6debf4fd42d4..cef623ea1506 100644
--- a/net/sunrpc/sched.c
+++ b/net/sunrpc/sched.c
@@ -369,8 +369,10 @@  static void rpc_make_runnable(struct workqueue_struct *wq,
 	if (RPC_IS_ASYNC(task)) {
 		INIT_WORK(&task->u.tk_work, rpc_async_schedule);
 		queue_work(wq, &task->u.tk_work);
-	} else
+	} else {
+		smp_mb__after_atomic();
 		wake_up_bit(&task->tk_runstate, RPC_TASK_QUEUED);
+	}
 }
 
 /*

[v2] SUNRPC: Fix a race to wake a sync task

Commit Message

Patch