[PATCH RFC] nvmet-tcp: add new workqueue to surpress lockdep warning

Yi Zhang yi.zhang at redhat.com
Fri Sep 8 01:08:41 PDT 2023 

On Thu, Sep 7, 2023 at 4:12 PM Guoqing Jiang <guoqing.jiang at linux.dev> wrote:
>
> Hi Yi,
>
> On 9/7/23 14:41, Yi Zhang wrote:
> > Tested-by: Yi Zhang <yi.zhang at redhat.com>
> >
> > Confirmed below issue was fixed by this patch:
>
> Thanks a lot for the test!
>
> And I had got another similar lockdep warning about nvmet-rdma.

Yeah, I've filed this one last year, but still not get one solution.
https://lore.kernel.org/linux-rdma/13441b9b-cc13-f0e0-bd46-f14983dadd49@grimberg.me/



>
>
> [ 1218.508847] ======================================================
> [ 1218.508849] WARNING: possible circular locking dependency detected
> [ 1218.508852] 6.5.0-rc3+ #16 Tainted: G           OE
> [ 1218.508854] ------------------------------------------------------
> [ 1218.508856] kworker/1:3/357 is trying to acquire lock:
> [ 1218.508858] ffff8e32b919fc20 (&id_priv->handler_mutex){+.+.}-{3:3},
> at: rdma_destroy_id+0x1c/0x40 [rdma_cm]
> [ 1218.508877]
>                 but task is already holding lock:
> [ 1218.508878] ffffb5dbc0c67e40
> ((work_completion)(&queue->release_work)){+.+.}-{0:0}, at:
> process_one_work+0x236/0x590
> [ 1218.508887]
>                 which lock already depends on the new lock.
>
> [ 1218.508888]
>                 the existing dependency chain (in reverse order) is:
> [ 1218.508890]
>                 -> #3 ((work_completion)(&queue->release_work)){+.+.}-{0:0}:
> [ 1218.508894]        process_one_work+0x28c/0x590
> [ 1218.508898]        worker_thread+0x52/0x3f0
> [ 1218.508901]        kthread+0x109/0x140
> [ 1218.508904]        ret_from_fork+0x46/0x70
> [ 1218.508908]        ret_from_fork_asm+0x1b/0x30
> [ 1218.508911]
>                 -> #2 ((wq_completion)nvmet-wq){+.+.}-{0:0}:
> [ 1218.508915]        __flush_workqueue+0xc5/0x4f0
> [ 1218.508917]        nvmet_rdma_cm_handler+0xa50/0x1080 [nvmet_rdma]
> [ 1218.508924]        cma_cm_event_handler+0x4f/0x170 [rdma_cm]
> [ 1218.508933]        iw_conn_req_handler+0x2ad/0x3f0 [rdma_cm]
> [ 1218.508942]        cm_work_handler+0xbe2/0xe80 [iw_cm]
> [ 1218.508948]        process_one_work+0x2bd/0x590
> [ 1218.508951]        worker_thread+0x52/0x3f0
> [ 1218.508954]        kthread+0x109/0x140
> [ 1218.508956]        ret_from_fork+0x46/0x70
> [ 1218.508959]        ret_from_fork_asm+0x1b/0x30
> [ 1218.508961]
>                 -> #1 (&id_priv->handler_mutex/1){+.+.}-{3:3}:
> [ 1218.508966]        __mutex_lock+0x8d/0xd20
> [ 1218.508969]        mutex_lock_nested+0x1b/0x30
> [ 1218.508971]        iw_conn_req_handler+0x137/0x3f0 [rdma_cm]
> [ 1218.508980]        cm_work_handler+0xbe2/0xe80 [iw_cm]
> [ 1218.508986]        process_one_work+0x2bd/0x590
> [ 1218.508989]        worker_thread+0x52/0x3f0
> [ 1218.508991]        kthread+0x109/0x140
> [ 1218.508993]        ret_from_fork+0x46/0x70
> [ 1218.508996]        ret_from_fork_asm+0x1b/0x30
> [ 1218.508998]
>                 -> #0 (&id_priv->handler_mutex){+.+.}-{3:3}:
> [ 1218.509002]        __lock_acquire+0x1523/0x2590
> [ 1218.509007]        lock_acquire+0xd6/0x2f0
> [ 1218.509009]        __mutex_lock+0x8d/0xd20
> [ 1218.509011]        mutex_lock_nested+0x1b/0x30
> [ 1218.509013]        rdma_destroy_id+0x1c/0x40 [rdma_cm]
> [ 1218.509022]        nvmet_rdma_free_queue+0x38/0xf0 [nvmet_rdma]
> [ 1218.509028]        nvmet_rdma_release_queue_work+0x1a/0x70 [nvmet_rdma]
> [ 1218.509033]        process_one_work+0x2bd/0x590
> [ 1218.509036]        worker_thread+0x52/0x3f0
> [ 1218.509039]        kthread+0x109/0x140
> [ 1218.509040]        ret_from_fork+0x46/0x70
> [ 1218.509043]        ret_from_fork_asm+0x1b/0x30
> [ 1218.509045]
>                 other info that might help us debug this:
>
> [ 1218.509046] Chain exists of:
>                   &id_priv->handler_mutex --> (wq_completion)nvmet-wq
> --> (work_completion)(&queue->release_work)
>
> [ 1218.509052]  Possible unsafe locking scenario:
>
> [ 1218.509053]        CPU0                    CPU1
> [ 1218.509055]        ----                    ----
> [ 1218.509056] lock((work_completion)(&queue->release_work));
> [ 1218.509058] lock((wq_completion)nvmet-wq);
> [ 1218.509061] lock((work_completion)(&queue->release_work));
> [ 1218.509063]   lock(&id_priv->handler_mutex);
> [ 1218.509065]
>                  *** DEADLOCK ***
>
> The happens because nvmet_rdma_cm_handler receives
> RDMA_CM_EVENT_DISCONNECTED
> event then the call chain is triggered.
>
> 1. nvmet_rdma_queue_disconnect -> __nvmet_rdma_queue_disconnect
> 2.                                                             ->
> queue_work(nvmet_wq, &queue->release_work)
> 3. -> nvmet_rdma_release_queue_work
> 4.      -> nvmet_rdma_free_queue
> 5.          -> nvmet_rdma_destroy_queue_ib
> 6.              -> rdma_destroy_id
>
> If cm_handler receives RDMA_CM_EVENT_CONNECT_REQUEST event at the same
> time, which
> means the path nvmet_rdma_queue_connect -> flush_workqueue(nvmet_wq) can
> happen
> between 1 and 6.
>
> Besides make similar change like this patch, another option might be
> check queue state before
> flush workqueue. Thoughts?
>
> --- a/drivers/nvme/target/rdma.c
> +++ b/drivers/nvme/target/rdma.c
> @@ -1582,7 +1582,8 @@ static int nvmet_rdma_queue_connect(struct
> rdma_cm_id *cm_id,
>                  goto put_device;
>          }
>
> -       if (queue->host_qid == 0) {
> +       if (queue->state == NVMET_RDMA_Q_LIVE &&
> +           queue->host_qid == 0) {
>                  /* Let inflight controller teardown complete */
>                  flush_workqueue(nvmet_wq);
>          }
>
> Thanks,
> Guoqing
>


--
Best Regards,
  Yi Zhang

More information about the Linux-nvme mailing list