On Thu, Mar 23, 2023 at 09:17:33AM -0700, Yosry Ahmed wrote: > On Thu, Mar 23, 2023 at 9:10 AM Shakeel Butt <shakeelb@xxxxxxxxxx> wrote: > > > > On Thu, Mar 23, 2023 at 8:46 AM Shakeel Butt <shakeelb@xxxxxxxxxx> wrote: > > > > > > On Thu, Mar 23, 2023 at 8:43 AM Yosry Ahmed <yosryahmed@xxxxxxxxxx> wrote: > > > > > > > > On Thu, Mar 23, 2023 at 8:40 AM Shakeel Butt <shakeelb@xxxxxxxxxx> wrote: > > > > > > > > > > On Thu, Mar 23, 2023 at 6:36 AM Yosry Ahmed <yosryahmed@xxxxxxxxxx> wrote: > > > > > > > > > > > [...] > > > > > > > > > > > > > > > > > 2. Are we really calling rstat flush in irq context? > > > > > > > > > > > > > > > > I think it is possible through the charge/uncharge path: > > > > > > > > memcg_check_events()->mem_cgroup_threshold()->mem_cgroup_usage(). I > > > > > > > > added the protection against flushing in an interrupt context for > > > > > > > > future callers as well, as it may cause a deadlock if we don't disable > > > > > > > > interrupts when acquiring cgroup_rstat_lock. > > > > > > > > > > > > > > > > > 3. The mem_cgroup_flush_stats() call in mem_cgroup_usage() is only > > > > > > > > > done for root memcg. Why is mem_cgroup_threshold() interested in root > > > > > > > > > memcg usage? Why not ignore root memcg in mem_cgroup_threshold() ? > > > > > > > > > > > > > > > > I am not sure, but the code looks like event notifications may be set > > > > > > > > up on root memcg, which is why we need to check thresholds. > > > > > > > > > > > > > > This is something we should deprecate as root memcg's usage is ill defined. > > > > > > > > > > > > Right, but I think this would be orthogonal to this patch series. > > > > > > > > > > > > > > > > I don't think we can make cgroup_rstat_lock a non-irq-disabling lock > > > > > without either breaking a link between mem_cgroup_threshold and > > > > > cgroup_rstat_lock or make mem_cgroup_threshold work without disabling > > > > > irqs. > > > > > > > > > > So, this patch can not be applied before either of those two tasks are > > > > > done (and we may find more such scenarios). > > > > > > > > > > > > Could you elaborate why? > > > > > > > > My understanding is that with an in_task() check to make sure we only > > > > acquire cgroup_rstat_lock from non-irq context it should be fine to > > > > acquire cgroup_rstat_lock without disabling interrupts. > > > > > > From mem_cgroup_threshold() code path, cgroup_rstat_lock will be taken > > > with irq disabled while other code paths will take cgroup_rstat_lock > > > with irq enabled. This is a potential deadlock hazard unless > > > cgroup_rstat_lock is always taken with irq disabled. > > > > Oh you are making sure it is not taken in the irq context through > > should_skip_flush(). Hmm seems like a hack. Normally it is recommended > > to actually remove all such users instead of silently > > ignoring/bypassing the functionality. +1 It shouldn't silently skip the requested operation, rather it shouldn't be requested from an incompatible context. > > So, how about removing mem_cgroup_flush_stats() from > > mem_cgroup_usage(). It will break the known chain which is taking > > cgroup_rstat_lock with irq disabled and you can add > > WARN_ON_ONCE(!in_task()). > > This changes the behavior in a more obvious way because: > 1. The memcg_check_events()->mem_cgroup_threshold()->mem_cgroup_usage() > path is also exercised in a lot of paths outside irq context, this > will change the behavior for any event thresholds on the root memcg. > With proposed skipped flushing in irq context we only change the > behavior in a small subset of cases. Can you do /* Note: stale usage data when called from irq context!! */ if (in_task()) mem_cgroup_flush_stats() directly in the callsite? Maybe even include the whole callchain in the comment that's currently broken and needs fixing/removing.