Received: by 2002:a05:6358:a55:b0:ec:fcf4:3ecf with SMTP id 21csp2730928rwb; Fri, 20 Jan 2023 06:45:48 -0800 (PST) X-Google-Smtp-Source: AMrXdXtioGZH79P6muluc1tE12PdzsI+cRj0NyCHMilZcTm0RcM6TgzblblcmV6XzqH+jCsaY3Kf X-Received: by 2002:aa7:cd89:0:b0:49d:14cf:5f4a with SMTP id x9-20020aa7cd89000000b0049d14cf5f4amr15316210edv.39.1674225947837; Fri, 20 Jan 2023 06:45:47 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1674225947; cv=none; d=google.com; s=arc-20160816; b=Wykw5O3uVgT8xAL2YT9sbl4WnZzJED69QyXnOn+bumnHjwT2L+EDJdLGaBq9L4GEjc 5AxQMUcB9bdM27BSje1iJWXYtWGGMsAKca3FHKVjKGTRQ1LqIsmB7t+gan7mnl1rWDfu IQGGeNxjcvpM54hafekVmjJbceDr1h3BjB5mjy0yDokbbfX7VtsVoBLwVcvQwtl0AdVq Rz/FEXGlo/4Zg5lK8E+FBVNPKD5vJTTADG0VrFlfxiAoMWAyn6PDw1fCbbNGLYLFp4MC e2zN/1YzqFeFheGlA7t9a4vS6pvwFio/ccWdf+ILgSuLjdi2gJ5SaBoMwRF4qUI+C3Dd rr+g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-disposition:mime-version:message-id :subject:cc:to:from:date; bh=B7a/E4VaF1eNVjiR9O/r2GhRx2e2+Lzjg6e5fUOP9ak=; b=XAr6ruBEodIq5aGYloGZ+rb62xJ4pf5svtos/Nd6WONQxiI1Jbt9OumkbFx8o6HzP8 yt9wWEbjSAQ+ujAgAYvQt6lMJcY4nZ2ixyfx6dtRnSNs/FfVl2kATHZunXblHED+mhXa pZ5doMpBnA9+Y6YVwq8zjV3kYm3L8+6CM3B0Ht5afMY3AuOXW/mqkPKofSC9L1rGQHLy LJenYwekuk1bKWdG/vTOu4YmltZhbOuXfZNhCDtd3uflK0UV7GQmt4tHRxYD00K6mTAN 4XNhN9w4Z6ZuirhCJ/KrQQ0cU/WDDL/6uqeU9lphhd13mHO7n/Bc5u6zSL2cP529GgYU Laxg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id r19-20020a05640251d300b00485220caa05si52851946edd.597.2023.01.20.06.45.34; Fri, 20 Jan 2023 06:45:47 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230117AbjATOI4 (ORCPT + 49 others); Fri, 20 Jan 2023 09:08:56 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35158 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229459AbjATOIy (ORCPT ); Fri, 20 Jan 2023 09:08:54 -0500 Received: from outbound-smtp58.blacknight.com (outbound-smtp58.blacknight.com [46.22.136.242]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E4CF1BC8BC for ; Fri, 20 Jan 2023 06:08:50 -0800 (PST) Received: from mail.blacknight.com (pemlinmail05.blacknight.ie [81.17.254.26]) by outbound-smtp58.blacknight.com (Postfix) with ESMTPS id 4E42DFAE01 for ; Fri, 20 Jan 2023 14:08:49 +0000 (GMT) Received: (qmail 32017 invoked from network); 20 Jan 2023 14:08:49 -0000 Received: from unknown (HELO techsingularity.net) (mgorman@techsingularity.net@[84.203.198.246]) by 81.17.254.9 with ESMTPSA (AES256-SHA encrypted, authenticated); 20 Jan 2023 14:08:48 -0000 Date: Fri, 20 Jan 2023 14:08:47 +0000 From: Mel Gorman To: Peter Zijlstra Cc: Sebastian Andrzej Siewior , Thomas Gleixner , Ingo Molnar , Davidlohr Bueso , Linux-RT , LKML Subject: [PATCH v4] locking/rwbase: Mitigate indefinite writer starvation Message-ID: <20230120140847.4pjqf3oinemokcyp@techsingularity.net> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-15 Content-Disposition: inline X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org rw_semaphore and rwlock are explicitly unfair to writers in the presense of readers by design with a PREEMPT_RT configuration. Commit 943f0edb754f ("locking/rt: Add base code for RT rw_semaphore and rwlock") notes; The implementation is writer unfair, as it is not feasible to do priority inheritance on multiple readers, but experience has shown that real-time workloads are not the typical workloads which are sensitive to writer starvation. While atypical, it's also trivial to block writers with PREEMPT_RT indefinitely without ever making forward progress. Since LTP-20220121, the dio_truncate test case went from having 1 reader to having 16 readers and the number of readers is sufficient to prevent the down_write ever succeeding while readers exist. Eventually the test is killed after 30 minutes as a failure. dio_truncate is not a realtime application but indefinite writer starvation is undesirable. The test case has one writer appending and truncating files A and B while multiple readers read file A. The readers and writer are contending for one file's inode lock which never succeeds as the readers keep reading until the writer is done which never happens. This patch records a timestamp when the first writer is blocked. DL / RT tasks can continue to take the lock for read as long as readers exist indefinitely. Other readers can acquire the read lock unless a writer has been blocked for a minimum of 4ms. This is sufficient to allow the dio_truncate test case to complete within the 30 minutes timeout. [bigeasy@linutronix.de: Fix overflow, close race against reader, match rwsem timeouts, better rt_task handling, simplification] Signed-off-by: Mel Gorman Reviewed-by: Sebastian Andrzej Siewior --- include/linux/rwbase_rt.h | 3 +++ kernel/locking/rwbase_rt.c | 41 ++++++++++++++++++++++++++++++++++++++--- 2 files changed, 41 insertions(+), 3 deletions(-) diff --git a/include/linux/rwbase_rt.h b/include/linux/rwbase_rt.h index 1d264dd08625..b969b1d9bb85 100644 --- a/include/linux/rwbase_rt.h +++ b/include/linux/rwbase_rt.h @@ -10,12 +10,14 @@ struct rwbase_rt { atomic_t readers; + unsigned long waiter_timeout; struct rt_mutex_base rtmutex; }; #define __RWBASE_INITIALIZER(name) \ { \ .readers = ATOMIC_INIT(READER_BIAS), \ + .waiter_timeout = 0, \ .rtmutex = __RT_MUTEX_BASE_INITIALIZER(name.rtmutex), \ } @@ -23,6 +25,7 @@ struct rwbase_rt { do { \ rt_mutex_base_init(&(rwbase)->rtmutex); \ atomic_set(&(rwbase)->readers, READER_BIAS); \ + (rwbase)->waiter_timeout = 0; \ } while (0) diff --git a/kernel/locking/rwbase_rt.c b/kernel/locking/rwbase_rt.c index c201aadb9301..24fafe16e008 100644 --- a/kernel/locking/rwbase_rt.c +++ b/kernel/locking/rwbase_rt.c @@ -39,7 +39,10 @@ * major surgery for a very dubious value. * * The risk of writer starvation is there, but the pathological use cases - * which trigger it are not necessarily the typical RT workloads. + * which trigger it are not necessarily the typical RT workloads. SCHED_OTHER + * reader acquisitions will be forced into the slow path if a writer is + * blocked for more than RWBASE_RT_WAIT_TIMEOUT jiffies. New DL / RT readers + * can still starve a writer indefinitely. * * Fast-path orderings: * The lock/unlock of readers can run in fast paths: lock and unlock are only @@ -65,6 +68,27 @@ static __always_inline int rwbase_read_trylock(struct rwbase_rt *rwb) return 0; } +/* + * Allow reader bias for SCHED_OTHER tasks with a pending writer for a + * minimum of 4ms or 1 tick. This matches RWSEM_WAIT_TIMEOUT for the + * generic RWSEM implementation. + */ +#define RWBASE_RT_WAIT_TIMEOUT DIV_ROUND_UP(HZ, 250) + +static bool __sched rwbase_allow_reader_bias(struct rwbase_rt *rwb) +{ + /* + * Allow reader bias if no writer is blocked or for DL / RT tasks. + * Such tasks should be designed to avoid heavy writer contention + * or indefinite starvation. + */ + if (!rwb->waiter_timeout || rt_task(current)) + return true; + + /* Allow reader bias unless a writer timeout has expired. */ + return time_before(jiffies, rwb->waiter_timeout); +} + static int __sched __rwbase_read_lock(struct rwbase_rt *rwb, unsigned int state) { @@ -74,9 +98,11 @@ static int __sched __rwbase_read_lock(struct rwbase_rt *rwb, raw_spin_lock_irq(&rtm->wait_lock); /* * Allow readers, as long as the writer has not completely - * acquired the semaphore for write. + * acquired the semaphore for write and reader bias is still + * allowed. */ - if (atomic_read(&rwb->readers) != WRITER_BIAS) { + if (atomic_read(&rwb->readers) != WRITER_BIAS && + rwbase_allow_reader_bias(rwb)) { atomic_inc(&rwb->readers); raw_spin_unlock_irq(&rtm->wait_lock); return 0; @@ -255,6 +281,7 @@ static int __sched rwbase_write_lock(struct rwbase_rt *rwb, for (;;) { /* Optimized out for rwlocks */ if (rwbase_signal_pending_state(state, current)) { + rwb->waiter_timeout = 0; rwbase_restore_current_state(); __rwbase_write_unlock(rwb, 0, flags); trace_contention_end(rwb, -EINTR); @@ -264,12 +291,20 @@ static int __sched rwbase_write_lock(struct rwbase_rt *rwb, if (__rwbase_write_trylock(rwb)) break; + /* + * Record timeout when reader bias is ignored. Ensure timeout + * is at least 1 in case of overflow. + */ + rwb->waiter_timeout = (jiffies + RWBASE_RT_WAIT_TIMEOUT) | 1; + raw_spin_unlock_irqrestore(&rtm->wait_lock, flags); rwbase_schedule(); raw_spin_lock_irqsave(&rtm->wait_lock, flags); set_current_state(state); } + + rwb->waiter_timeout = 0; rwbase_restore_current_state(); trace_contention_end(rwb, 0); -- Mel Gorman SUSE Labs