From: Paolo Bonzini <pbonzini@redhat.com>
To: Stefan Hajnoczi <stefanha@gmail.com>
Cc: david.edmondson@oracle.com, kwolf@redhat.com,
qemu-devel@nongnu.org, qemu-block@nongnu.org
Subject: Re: [PATCH 4/6] coroutine-lock: reimplement CoRwlock to fix downgrade bug
Date: Wed, 24 Mar 2021 17:40:23 +0100 [thread overview]
Message-ID: <94d7cc02-6da9-1160-9c02-45146671638e@redhat.com> (raw)
In-Reply-To: <YFtlm2+gainm8rox@stefanha-x1.localdomain>
On 24/03/21 17:15, Stefan Hajnoczi wrote:
> On Wed, Mar 17, 2021 at 07:00:11PM +0100, Paolo Bonzini wrote:
>> +static void qemu_co_rwlock_maybe_wake_one(CoRwlock *lock)
>> +{
>> + CoRwTicket *tkt = QSIMPLEQ_FIRST(&lock->tickets);
>> + Coroutine *co = NULL;
>> +
>> + /*
>> + * Setting lock->owners here prevents rdlock and wrlock from
>> + * sneaking in between unlock and wake.
>> + */
>> +
>> + if (tkt) {
>> + if (tkt->read) {
>> + if (lock->owners >= 0) {
>> + lock->owners++;
>> + co = tkt->co;
>> + }
>> + } else {
>> + if (lock->owners == 0) {
>> + lock->owners = -1;
>> + co = tkt->co;
>> + }
>> + }
>> + }
>> +
>> + if (co) {
>> + QSIMPLEQ_REMOVE_HEAD(&lock->tickets, next);
>> + qemu_co_mutex_unlock(&lock->mutex);
>> + aio_co_wake(co);
>
> I find it hard to reason about QSIMPLEQ_EMPTY(&lock->tickets) callers
> that execute before co is entered. They see an empty queue even though a
> coroutine is about to run. Updating owners above ensures that the code
> correctly tracks the state of the rwlock, but I'm not 100% confident
> about this aspect of the code.
Good point. The invariant when lock->mutex is released should be
clarified; a better way to phrase the comment above "if (tkt)" is:
The invariant when lock->mutex is released is that every ticket is
tracked in either lock->owners or lock->tickets. By updating
lock->owners here, rdlock/wrlock/upgrade will block even if they execute
between qemu_co_mutex_unlock and aio_co_wake.
>> - self->locks_held--;
>> + lock->owners--;
>> + QSIMPLEQ_INSERT_TAIL(&lock->tickets, &my_ticket, next);
>> + qemu_co_rwlock_maybe_wake_one(lock);
>> + qemu_coroutine_yield();
>> + assert(lock->owners == -1);
>
> lock->owners is read outside lock->mutex here. Not sure if this can
> cause problems.
True. It is okay though because lock->owners cannot change until this
coroutine unlocks. A worse occurrence of the issue is in rdlock:
assert(lock->owners >= 1);
/* Possibly wake another reader, which will wake the next in
line. */
qemu_co_mutex_lock(&lock->mutex);
where the assert should be moved after taking the lock, or possibly
changed to use qatomic_read. (I prefer the former).
> locks_held is kept unchanged across qemu_coroutine_yield() even though
> the read lock has been released. rdlock() and wrlock() only increment
> locks_held after acquiring the rwlock.
>
> In practice I don't think it matters, but it seems inconsistent. If
> locks_held is supposed to track tickets (not just coroutines currently
> holding a lock), then rdlock() and wrlock() should increment before
> yielding.
locks_held (unlike owners) is not part of the lock, it's part of the
Coroutine and only used for debugging (asserting that terminating
coroutines are not holding any lock).
Paolo
next prev parent reply other threads:[~2021-03-24 16:42 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-17 18:00 [PATCH v5 0/6] coroutine rwlock downgrade fix, minor VDI changes Paolo Bonzini
2021-03-17 18:00 ` [PATCH 1/6] block/vdi: When writing new bmap entry fails, don't leak the buffer Paolo Bonzini
2021-03-24 14:25 ` Max Reitz
2021-03-17 18:00 ` [PATCH 2/6] block/vdi: Don't assume that blocks are larger than VdiHeader Paolo Bonzini
2021-03-24 14:25 ` Max Reitz
2021-03-17 18:00 ` [PATCH 3/6] coroutine/mutex: Store the coroutine in the CoWaitRecord only once Paolo Bonzini
2021-03-17 18:00 ` [PATCH 4/6] coroutine-lock: reimplement CoRwlock to fix downgrade bug Paolo Bonzini
2021-03-24 16:15 ` Stefan Hajnoczi
2021-03-24 16:40 ` Paolo Bonzini [this message]
2021-03-17 18:00 ` [PATCH 5/6] test-coroutine: add rwlock upgrade test Paolo Bonzini
2021-03-17 18:19 ` David Edmondson
2021-03-17 18:00 ` [PATCH 6/6] test-coroutine: Add rwlock downgrade test Paolo Bonzini
2021-03-24 14:26 ` [PATCH v5 0/6] coroutine rwlock downgrade fix, minor VDI changes Max Reitz
2021-03-24 16:23 ` Stefan Hajnoczi
2021-03-24 16:43 ` Paolo Bonzini
-- strict thread matches above, loose matches on Subject: below --
2021-03-17 12:16 [PATCH v4 " Paolo Bonzini
2021-03-17 12:16 ` [PATCH 4/6] coroutine-lock: reimplement CoRwLock to fix downgrade bug Paolo Bonzini
2021-03-17 15:17 ` David Edmondson
2021-03-17 17:19 ` Paolo Bonzini
2021-03-17 17:47 ` David Edmondson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=94d7cc02-6da9-1160-9c02-45146671638e@redhat.com \
--to=pbonzini@redhat.com \
--cc=david.edmondson@oracle.com \
--cc=kwolf@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).