I'll start with the most simple question: Is it possible that with 128 writer threads, we are able to keep the list of work constantly growing, and the ptlrpcd will happily continue working for long periods of time without ever hitting schedule point?

Oleg

Could you please advise?

Thanks

Peter

So is this just the case of clients being really slow with adler32 checksums?
When you load lustre modules, speeds of different checksum algorithms are printed into debug logs, so perhaps peek there to see if you can choose a different checksum algorithm that's ligher on your cpus?

Currently preference is taken based on server performance a that's considered more imprtant, but your case might be different.
I assume you are not really keen on disabling the checksums altogether.

I guess some schedules might help too, but that would just get rid of the warning

My patch at http://review.whamcloud.com/9990 improves the checksum logging a bit - it moves the performance numbers into the D_CONFIG so that the checksum performance is always logged at startup (one time only), and increases the checksum size to better reflect RPC sizes.

So is this just the case of clients being really slow with adler32 checksums?

No, as far as I know that is not a problem. Early in BG/Q's life the ptlrpcd was parallelized so that we can distribute the checksumming load across (edit) more ptlrpcds, and checksumming performance has not, to the best of my knowledge, been a problem.

The problem is that we a have a kernel thread that ran in excess of 67 seconds without ever calling schedule(). Why did that happen?

My patch at http://review.whamcloud.com/9990 improves the checksum logging a bit

I applied the patch, but I'm not getting anything useful. It always says zero for all hash types:

Using crypto hash: crc32 (crc32-table) speed 0 MB/s

Each of those lines in the log is repeated 10s to hundreds of times for each hash type. Here's a summary:

$ grep "Using crypto" log | cut -b 98- | uniq -c
    338 Using crypto hash: adler32 (adler32-zlib) speed 0 MB/s
     84 Using crypto hash: crc32 (crc32-table) speed 0 MB/s
     78 Using crypto hash: md5 (md5-generic) speed 0 MB/s
     24 Using crypto hash: sha1 (sha1-generic) speed 0 MB/s
     68 Using crypto hash: crc32c (crc32c-generic) speed 0 MB/s

Ah, the one message that I really needed already moved to D_CONFIG on master, so Andreas' patch didn't touch that one for me. I fixed that and found:

Crypto hash algorithm adler32 speed = 341 MB/s

341 * 67 seconds is over 22 GBs. So if you think that the ptlrpcd is spending the entire time on adler32, then I would argue that checksumming over 22 GB without a schedule() is not particularly reasonable.

Chris, just to clarify, is the core problem that the ptlrpcd thread is generating the watchdog dump, or is the problem that the ptlrpcd thread on this code is hogging this core and other threads need to run on that specific core?

It seems fairly straight forward to add a schedule in the main loop so other processes get a chance to run and that the watchdog does not get triggered. If the problem is that there is just too much work being done on the core, then that would need more work to try and improve the ptlrpcd scheduling of the checksum work.

Also, is there no other checksum type available than adler32? On my very old Pentium system it still has a few choices (all software):

Crypto hash algorithm adler32 speed = 694 MB/s
Crypto hash algorithm crc32 speed = 165 MB/s
Crypto hash algorithm crc32c speed = 402 MB/s

Are there are patches for newer kernels that implement CPU-optimized PPC checksum codes in the kernel?

Chris, just to clarify, is the core problem that the ptlrpcd thread is generating the watchdog dump

Yes, that is the primary problem. It is never good kernel programming practice to have a process with unbounded run time monopolizing a CPU.

is there no other checksum type available than adler32?

There were others, but we use adler32, and it was also the fastest. Here is the fuller list on the BG/Q client:

Crypto hash algorithm adler32 speed = 341 MB/s
Crypto hash algorithm crc32 speed = 82 MB/s
Crypto hash algorithm md5 speed = 78 MB/s
Crypto hash algorithm sha1 speed = 23 MB/s
Crypto hash algorithm crc32c speed = 67 MB/s

The print statements say "-1 MB/s" for the unsupported algorithms. That print statement could be improved as well. Here is the unfiltered results for reference:

00000001:01000000:0.0F:1400027577.586961:2224:3144:0:(linux-crypto.c:127:cfs_crypto_hash_alloc()) Failed to alloc crypto hash null
00000001:01000000:0.0:1400027577.586977:1792:3144:0:(linux-crypto.c:297:cfs_crypto_performance_test()) Crypto hash algorithm null, err = -2
00000001:01000000:0.0:1400027577.586988:1792:3144:0:(linux-crypto.c:305:cfs_crypto_performance_test()) Crypto hash algorithm null speed = -1 MB/s
00000001:01000000:0.0:1400027578.587671:1792:3144:0:(linux-crypto.c:305:cfs_crypto_performance_test()) Crypto hash algorithm adler32 speed = 341 MB/s
00000001:01000000:0.0:1400027579.580961:1792:3144:0:(linux-crypto.c:305:cfs_crypto_performance_test()) Crypto hash algorithm crc32 speed = 82 MB/s
00000001:01000000:0.0:1400027580.586248:1792:3144:0:(linux-crypto.c:305:cfs_crypto_performance_test()) Crypto hash algorithm md5 speed = 78 MB/s
00000001:01000000:0.0:1400027581.593861:1792:3144:0:(linux-crypto.c:305:cfs_crypto_performance_test()) Crypto hash algorithm sha1 speed = 23 MB/s
00000001:01000000:0.0:1400027584.015726:2224:3144:0:(linux-crypto.c:127:cfs_crypto_hash_alloc()) Failed to alloc crypto hash sha256
00000001:01000000:0.0:1400027584.015738:1792:3144:0:(linux-crypto.c:297:cfs_crypto_performance_test()) Crypto hash algorithm sha256, err = -2
00000001:01000000:0.0:1400027584.015750:1792:3144:0:(linux-crypto.c:305:cfs_crypto_performance_test()) Crypto hash algorithm sha256 speed = -1 MB/s
00000001:01000000:0.0:1400027584.031881:2224:3144:0:(linux-crypto.c:127:cfs_crypto_hash_alloc()) Failed to alloc crypto hash sha384
00000001:01000000:0.0:1400027584.031893:1792:3144:0:(linux-crypto.c:297:cfs_crypto_performance_test()) Crypto hash algorithm sha384, err = -2
00000001:01000000:0.0:1400027584.031905:1792:3144:0:(linux-crypto.c:305:cfs_crypto_performance_test()) Crypto hash algorithm sha384 speed = -1 MB/s
00000001:01000000:0.0:1400027584.048161:2224:3144:0:(linux-crypto.c:127:cfs_crypto_hash_alloc()) Failed to alloc crypto hash sha512
00000001:01000000:0.0:1400027584.048173:1792:3144:0:(linux-crypto.c:297:cfs_crypto_performance_test()) Crypto hash algorithm sha512, err = -2
00000001:01000000:0.0:1400027584.048184:1792:3144:0:(linux-crypto.c:305:cfs_crypto_performance_test()) Crypto hash algorithm sha512 speed = -1 MB/s
00000001:01000000:0.0:1400027585.047812:1792:3144:0:(linux-crypto.c:305:cfs_crypto_performance_test()) Crypto hash algorithm crc32c speed = 67 MB/s

If the problem is that there is just too much work being done on the core, then that would need more work to try and improve the ptlrpcd scheduling of the checksum work.

By the way, there is some question in my mind about whether the work load is being sanely distributed across the 16 ptlrpcd. It seems odd to me that only one or two of the ptlrpcd spin at 100% like this. But I think we can leave that issue to a future ticket.

I was looking at the code for ptlrpcd() to add a schedule() call, or cpu_relax(). I need to look into that more closely, but it needs to be done in any case.

It may be that the reason that core #0 and core #1 are handling more work with ptlrpcd is because the BG/L scheduler is not running any user processes on this core. The ptlrpcd() thread will grab RPCs to process from other neighboring cores the local one is idle and if the others are busy. This allows the "producer" threads to keep working and the ptlrpcd can run on an otherwise idle core to offload checksums and other request handling work.

Whether this load balancing is working optimally is up for discussion.

I actually saw a few similar tickets, so I looked into ptlrpcd and found some suspicious code, here is a patch could be helpful: http://review.whamcloud.com/#/c/10351/

It may be that the reason that core #0 and core #1 are handling more work with ptlrpcd is because the BG/L scheduler is not running any user processes on this core.

Andreas, I think you are confusing this ticket's symptoms with LU-5043. That issue is resolved.

In this ticket core 0 and 1 are not handling more work. When ptlrpcd gets stuck working for minutes at a time without a single schedule it can be just about any CPU and any of the ptlrpcd. But so far it I have never seen more than 2 (maybe 3?) out of the 16 ptlrpcd threads spinning like this at any particular time. This is why I suspect load balancing issues in Lustre; but admittedly my current visibility into what is going on is fairly limited.

Also, the "BG/L scheduler" is just Linux on PPC. I don't think there are any bluegene-specific scheduler changes in this kernel.

I actually saw a few similar tickets, so I looked into ptlrpcd and found some suspicious code, here is a patch could be helpful: http://review.whamcloud.com/#/c/10351/

Thanks Liang! I think that is the general idea.

But I think maybe the approach should be a little different. Since ptlrpc_check_set() is used a number of places, and ptlrpcd() is the one place that wants everything to be different, I think perhaps ptlrpcd() just needs its own function to walk the queue of work. Maybe it shouldn't even use the ptlrpc_request_set(), and instead have a list more specific to its own needs. But I could be missing something there.

I made a simpler cond_resched() patch that is only intended for testing, but I'll share it here for reference:

http://review.whamcloud.com/10358

In limited testing, so far the soft lockups are gone as expected. Load on CPUs looks pretty even, with no runaway Lustre threads monopolizing cores. Better still, write throughput is up 40%! Read performance looks improved as well.

I have seen a couple of these console messages on the clients while using test patch 10358.

2014-05-16 14:51:42.541470 {RMP16Ma135918551} [mmcs]{10}.6.1: Lustre: 3876:0:(service.c:1889:ptlrpc_server_handle_req_in()) @@@ Slow req_in handling 6s  req@c0000002450f32c0 x1465655019342052/t0(0) o104->LOV_OSC_UUID@172.20.20.18@o2ib500:0/0 lens 296/0 e 0
 to 0 dl 0 ref 1 fl New:/0/ffffffff rc 0/-1

That thread was ldlm_bl_19.

The client is still probably faster and better behaved then it has been in the past.

Hi, after looking into code again, I suspect the major reason is ptlrpcd_check() is a too expensive condition for l_wait_event():

• l_wait_event() will call condition callback (it's ptlrpcd_check in this case) for three times in each loop
• ptlrpcd_check() will usually scan the whole request list for twice: the first time in ptlrpc_check_set(), the second time is for finishing completed requests
• which means ptlrpcd() will scan all requests 3 * 2 = 6 times in each loop, it could be very time consuming. Even worse, more longer it takes, more likely that it can't sleep because more requests/replies may come

So I changed my patch in this way:

• only call cond_resched() in mainloop of ptlrpcd, because very likely, we just call into ptlrpcd_check() again and again
• ptlrpc_check_set() will put completed request at the head of ptlrpc_request_set::set_requests
• ptlrpcd_check() only needs to scan small part of ptlrpc_request_set::set_requests while finishing completed requests
• adding "wakeup version" ptlrpc_request_set::set_wake_ver
  • this version number increases whenever there is a wakeup call for ptlrpc_request_set
  • ptlrpcd will check set::set_wake_ver in ptlrpcd_check(), if it's different with the version that ptlrpcd has already checked/saved, then ptlrpcd needs to save the new version number and call into ptlrpc_check_set(), otherwise ptlrpcd can skip scan
  • With this change, ptlrpcd_check() could be a lot cheaper if it's called for more than once in the same loop (very short interval).

Peter/Andreas/Oleg, I will be on vacation for most of the next two weeks, so I probably can't update my patch on time, if it makes any sense to you, could you please find someone to take over it, or feel free to abandon it and take a different approach if it's not correct, thanks.

Liang, generally speaking I think there are some good improvements that you are working on. However, I do not think that they address the fundamental bug of this ticket, which is this:

The processing time in ptlrpc_check_set() is unbounded.

Reducing the number of times the list is scanned by a factor of 6 would be good, but that will still leave the ptlrpcd using the CPU for far too long without a schedule. "Way too long" divided by six is still "too long". We must either somehow bound the time spent in ptlrpc_check_set(), or we must call cond_sched() while processing the list.

Andreas had a couple of questions about my testing patch, http://review.whamcloud.com/#/c/10358/ that I will answer here so they hopefully have a better chance of informing the final patch.

  cfs_list_for_each_safe(tmp, next, &set->set_requests) {
	  struct ptlrpc_request *req =
	  cfs_list_entry(tmp, struct ptlrpc_request,
	  rq_set_chain);
	  struct obd_import *imp = req->rq_import;
	  int unregistered = 0;
	  int rc = 0;
+
+        if (resched_allowed)
+                cond_resched();

Any reason not to allow reschedule for all callers and just drop the parameter?

Allowing it for all callers would certainly be cleaner code. But ensuring that lustre never does anything stupid, like holding a spin lock while calling ptlrpc_check_set(), would require a much much larger code audit on my part. I have seen ptlrpc_check_set() appear in far too many backtraces over the past few years to make the change without greater understanding. It looked safe to schedule from the ptlrpcd() path, but I just don't know about the others.

You folks probably have a better idea then I do if it would be safe to cond_resched() in all cases.

It would also make more sense to do this after processing the RPC instead of before (no point to reschedule before doing any work)

I did consider that as well. The problem is that ptlrpc_check_set() has nearly 20 continue statements. I don't see a clear way to ensure that our CPU time is bounded, and therefore correct, without putting the cond_resched() first. And if the very first cond_resched() results in a real schedule before we do any rpc processing, then clearly the thread exhausted its time slice already and should be rescheduled.

I actually tested with a very similar patch, only inserted unconditional cond_resched() before calling RPC completion handler (which is the real expensive place i suspect).
It passed my real rigorous testing on the race-crazy setup and so I think it's totally fine to do it for all callers.

What do you think?

We do not allow of calling ptlrpc_check_next holding a spinlock anyway.

Can you prove that it is correct? I see quite a few continue statements before ptlrpc_req_interpret().

What would be the worst case time between cond_resched() calls? Is it bounded?

By putting the cond_resched() at the beginning of the loop, we bound the maximum time that we exceed our run time to just over the maximum time it takes to process a single element of the list. Lets call that X.

If we put the cond_resched() the processing time for each element is assumed to be less than X, so lets call that Y. But now we'll need to process N elements before a cond_resched(), so lets call the processing time Y*N.

Yes, Y is probably less than X. But N is unknown and potentially quite large. Yes, Y*N may often be less than X. But this is computer science, we need to know the worst case and handle it reasonably. In the worst case, Y*N may be much, much larger than X.

This all assumes that that ptlrpc_req_interpret() and other calls are not buggy and not unbounded in run time. But that is fine for now, lets just focus on making ptlrpc_check_set() correct before addressing other problems.

Since N is unknown, we need to assume it is large. That means we need the cond_resched() at the top of the loop.

Is

unlikely(test_thread_flag(TIF_NEED_RESCHED)

too high of a price to pay to ensure proper run time?

If you think it is too expensive, then we need to audit more code and put protections in place to limit N.

As we just discussed on the call - I guess it's more future-proof to just do cond_resched at every iteration. Since we already allow to sleep in the interpret callbacks, this should patch into a basically a oneliner

I updated my patch to be that one-liner, plus comments:

http://review.whamcloud.com/#/c/10358/

Landed for 2.6