[v1,2/3] scsi: ufs: Optimize host lock on transfer requests send/compl paths

Current UFS IRQ handler is completely wrapped by host lock, and because
ufshcd_send_command() is also protected by host lock, when IRQ handler
fires, not only the CPU running the IRQ handler cannot send new requests,
the rest CPUs can neither. Move the host lock wrapping the IRQ handler into
specific branches, i.e., ufshcd_uic_cmd_compl(), ufshcd_check_errors(),
ufshcd_tmc_handler() and ufshcd_transfer_req_compl(). Meanwhile, to further
reduce occpuation of host lock in ufshcd_transfer_req_compl(), host lock is
no longer required to call __ufshcd_transfer_req_compl(). As per test, the
optimization can bring considerable gain to random read/write performance.

Cc: Stanley Chu <stanley.chu@mediatek.com>
Co-developed-by: Asutosh Das <asutoshd@codeaurora.org>
Signed-off-by: Asutosh Das <asutoshd@codeaurora.org>
Signed-off-by: Can Guo <cang@codeaurora.org>
---
 drivers/scsi/ufs/ufshcd.c | 258 ++++++++++++++++++++++------------------------
 drivers/scsi/ufs/ufshcd.h |   2 -
 2 files changed, 126 insertions(+), 134 deletions(-)

On 5/24/2021 1:10 PM, Bart Van Assche wrote:
> On 5/24/21 1:36 AM, Can Guo wrote:
>> Current UFS IRQ handler is completely wrapped by host lock, and because
>> ufshcd_send_command() is also protected by host lock, when IRQ handler
>> fires, not only the CPU running the IRQ handler cannot send new requests,
>> the rest CPUs can neither. Move the host lock wrapping the IRQ handler into
>> specific branches, i.e., ufshcd_uic_cmd_compl(), ufshcd_check_errors(),
>> ufshcd_tmc_handler() and ufshcd_transfer_req_compl(). Meanwhile, to further
>> reduce occpuation of host lock in ufshcd_transfer_req_compl(), host lock is
>> no longer required to call __ufshcd_transfer_req_compl(). As per test, the
>> optimization can bring considerable gain to random read/write performance.
> 

> An additional question is whether it is necessary for v3.0 UFS devices
> to serialize the submission path against the completion path? Multiple
> high-performance SCSI LLDs support hardware with separate submission and
> completion queues and hence do not need any serialization between the
> submission and the completion path. I'm asking this because it is likely
> that sooner or later multiqueue support will be added in the UFS
> specification. Benefiting from multiqueue support will require to rework
> locking in the UFS driver anyway.
> 
Hi Bart,
No it's not necessary to serialize both the paths. I think this series 
attempts to remove this serialization to a certain degree, which is 
what's giving the performance improvement.

Even if multiqueue support would be available in the future, I think 
this change is apt now for the current available specification.

> Thanks,
> 
> Bart.
> 


Thanks,
-asd

On 5/24/21 6:40 PM, Can Guo wrote:
> Agree with all above, and what you ask is right what we are doing in
> the 3rd change - get rid of host lock on dispatch and completion
> paths.
> 
> I agree with using dedicated spin locks for dedicated purposes in
> UFS driver, e.g., clk gating has its own gating_lock and clk scaling
> has its own scaling_lock. But this specific series is only for
> improving performance. We will take your comments into consideration
> and address it in future.
Thanks!

Bart.

> > On 5/24/2021 1:10 PM, Bart Van Assche wrote:

> > > On 5/24/21 1:36 AM, Can Guo wrote:

> > >> Current UFS IRQ handler is completely wrapped by host lock, and

> because

> > >> ufshcd_send_command() is also protected by host lock, when IRQ

> handler

> > >> fires, not only the CPU running the IRQ handler cannot send new

> > requests,

> > >> the rest CPUs can neither. Move the host lock wrapping the IRQ handler

> > into

> > >> specific branches, i.e., ufshcd_uic_cmd_compl(), ufshcd_check_errors(),

> > >> ufshcd_tmc_handler() and ufshcd_transfer_req_compl(). Meanwhile, to

> > further

> > >> reduce occpuation of host lock in ufshcd_transfer_req_compl(), host

> lock

> > is

> > >> no longer required to call __ufshcd_transfer_req_compl(). As per test,

> the

> > >> optimization can bring considerable gain to random read/write

> > performance.

> > >

> >

> > > An additional question is whether it is necessary for v3.0 UFS devices

> > > to serialize the submission path against the completion path? Multiple

> > > high-performance SCSI LLDs support hardware with separate submission

> > and

> > > completion queues and hence do not need any serialization between the

> > > submission and the completion path. I'm asking this because it is likely

> > > that sooner or later multiqueue support will be added in the UFS

> > > specification. Benefiting from multiqueue support will require to rework

> > > locking in the UFS driver anyway.

> > >

> > Hi Bart,

> > No it's not necessary to serialize both the paths. I think this series

> > attempts to remove this serialization to a certain degree, which is

> > what's giving the performance improvement.

Btw, Is this performance improvement is on top of rq_affinity 2 or 1?

Thanks,
Avri

> >

> > Even if multiqueue support would be available in the future, I think

> > this change is apt now for the current available specification.

> I agree - this looks like the harbinger of a major change,

> And going further with respect of hw queues,

> will need the spec support - e.g. doorbell per lane, etc.

> 

> Thanks,

> Avri

> 

> > > Thanks,

> > >

> > > Bart.

> > >

> >

> >

> > Thanks,

> > -asd

> >

> > --

> > The Qualcomm Innovation Center, Inc. is a member of the Code Aurora

> > Forum,

> > Linux Foundation Collaborative Project

On Mon, 2021-05-24 at 01:36 -0700, Can Guo wrote:
> Current UFS IRQ handler is completely wrapped by host lock, and

> because

> 

> ufshcd_send_command() is also protected by host lock, when IRQ

> handler

> 

> fires, not only the CPU running the IRQ handler cannot send new

> requests,

> 

> the rest CPUs can neither. Move the host lock wrapping the IRQ

> handler into

> 

> specific branches, i.e., ufshcd_uic_cmd_compl(),

> ufshcd_check_errors(),

> 

> ufshcd_tmc_handler() and ufshcd_transfer_req_compl(). Meanwhile, to

> further

> 

> reduce occpuation of host lock in ufshcd_transfer_req_compl(), host

> lock is

> 

> no longer required to call __ufshcd_transfer_req_compl(). As per

> test, the

> 

> optimization can bring considerable gain to random read/write

> performance.

> 

> 

> 

> Cc: Stanley Chu <stanley.chu@mediatek.com>

> 

> Co-developed-by: Asutosh Das <asutoshd@codeaurora.org>

> 

> Signed-off-by: Asutosh Das <asutoshd@codeaurora.org>

> 

> Signed-off-by: Can Guo <cang@codeaurora.org>


Can,
The patch looks good to me.
I did a UFS queue limitation test before, observed that once the queue
is full, then the active task number in the queue will get down. For
the Nvme, the scenario is the same. You can refer to the slide 23, and
slide 24 in the pdf:
https://elinux.org/images/6/6c/Linux_Storage_System_Bottleneck_Exploration_V0.3.pdf I don't know if your patch can fix this
issue.

Unfortunately, I cannot verify UTRLCNR usage flow since my platform is
v2.1. But at least my test can prove that the patch doesn't impact the
legacy(UFSHCI is less than v3.0) doorbell usage flow.

Reviewed-by: Bean Huo <beanhuo@micron.com>



Bean

Hi Bean,

On 2021-06-01 00:04, Bean Huo wrote:
> On Mon, 2021-05-24 at 01:36 -0700, Can Guo wrote:

>> Current UFS IRQ handler is completely wrapped by host lock, and

>> because

>> 

>> ufshcd_send_command() is also protected by host lock, when IRQ

>> handler

>> 

>> fires, not only the CPU running the IRQ handler cannot send new

>> requests,

>> 

>> the rest CPUs can neither. Move the host lock wrapping the IRQ

>> handler into

>> 

>> specific branches, i.e., ufshcd_uic_cmd_compl(),

>> ufshcd_check_errors(),

>> 

>> ufshcd_tmc_handler() and ufshcd_transfer_req_compl(). Meanwhile, to

>> further

>> 

>> reduce occpuation of host lock in ufshcd_transfer_req_compl(), host

>> lock is

>> 

>> no longer required to call __ufshcd_transfer_req_compl(). As per

>> test, the

>> 

>> optimization can bring considerable gain to random read/write

>> performance.

>> 

>> 

>> 

>> Cc: Stanley Chu <stanley.chu@mediatek.com>

>> 

>> Co-developed-by: Asutosh Das <asutoshd@codeaurora.org>

>> 

>> Signed-off-by: Asutosh Das <asutoshd@codeaurora.org>

>> 

>> Signed-off-by: Can Guo <cang@codeaurora.org>

> 

> Can,

> The patch looks good to me.

> I did a UFS queue limitation test before, observed that once the queue

> is full, then the active task number in the queue will get down. For

> the Nvme, the scenario is the same. You can refer to the slide 23, and

> slide 24 in the pdf:

> https://elinux.org/images/6/6c/Linux_Storage_System_Bottleneck_Exploration_V0.3.pdf

> I don't know if your patch can fix this

> issue.


I've studied these slides made by you many times, it is really good.
I will do some study later on this. Thanks for the slides.

> 

> Unfortunately, I cannot verify UTRLCNR usage flow since my platform is

> v2.1. But at least my test can prove that the patch doesn't impact the

> legacy(UFSHCI is less than v3.0) doorbell usage flow.

> 


Thanks for your time :).

Regards,
Can Guo.

> Reviewed-by: Bean Huo <beanhuo@micron.com>

> 

> 

> Bean

On 5/28/2021 12:30 AM, Avri Altman wrote:
>>> Hi Bart,

>>> No it's not necessary to serialize both the paths. I think this series

>>> attempts to remove this serialization to a certain degree, which is

>>> what's giving the performance improvement.

> Btw, Is this performance improvement is on top of rq_affinity 2 or 1?

> 

It's on 1.

> Thanks,

> Avri

> 

>>>

>>> Even if multiqueue support would be available in the future, I think

>>> this change is apt now for the current available specification.

>> I agree - this looks like the harbinger of a major change,

>> And going further with respect of hw queues,

>> will need the spec support - e.g. doorbell per lane, etc.

>>

>> Thanks,

>> Avri

>>

>>>> Thanks,

>>>>

>>>> Bart.

>>>>

>>>

>>>

>>> Thanks,

>>> -asd

>>>

>>> --

>>> The Qualcomm Innovation Center, Inc. is a member of the Code Aurora

>>> Forum,

>>> Linux Foundation Collaborative Project



-- 
The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum,
Linux Foundation Collaborative Project

On 5/31/21 9:04 AM, Bean Huo wrote:
> I did a UFS queue limitation test before, observed that once the

> queue is full, then the active task number in the queue will get

> down. For the Nvme, the scenario is the same. You can refer to the

> slide 23, and slide 24 in the pdf: 

> https://elinux.org/images/6/6c/Linux_Storage_System_Bottleneck_Exploration_V0.3.pdf

> I don't know if your patch can fix this issue.


Hi Bean,

That's a very interesting presentation. Unfortunately the overhead for
SCSI in that presentation includes the SCSI core + UFS driver. Given the
use of the host lock in the version of the UFS driver that was used to
prepare that presentation, the overhead introduced by the UFS driver may
be significant. Maybe someone should measure the overhead of the
scsi_debug driver and compare it with the NVMe loopback driver to get a
better idea of how the overhead of these two subsystems compare to each
other?

Bart.

Hi Can,

On Mon, 2021-05-24 at 01:36 -0700, Can Guo wrote:
> Current UFS IRQ handler is completely wrapped by host lock, and because

> ufshcd_send_command() is also protected by host lock, when IRQ handler

> fires, not only the CPU running the IRQ handler cannot send new requests,

> the rest CPUs can neither. Move the host lock wrapping the IRQ handler into

> specific branches, i.e., ufshcd_uic_cmd_compl(), ufshcd_check_errors(),

> ufshcd_tmc_handler() and ufshcd_transfer_req_compl(). Meanwhile, to further

> reduce occpuation of host lock in ufshcd_transfer_req_compl(), host lock is

> no longer required to call __ufshcd_transfer_req_compl(). As per test, the

> optimization can bring considerable gain to random read/write performance.

> 

> Cc: Stanley Chu <stanley.chu@mediatek.com>

> Co-developed-by: Asutosh Das <asutoshd@codeaurora.org>

> Signed-off-by: Asutosh Das <asutoshd@codeaurora.org>

> Signed-off-by: Can Guo <cang@codeaurora.org>


According to my test, the performance indeed has impressive improvement
with this series!

Reviewed-by: Stanley Chu <stanley.chu@mediatek.com>





>  #endif

>  

>  	bool req_abort_skip;

> -	bool in_use;

>  };

>  

>  /**

Hi Stanley,

On 2021-06-03 10:54, Stanley Chu wrote:
> Hi Can,

> 

> On Mon, 2021-05-24 at 01:36 -0700, Can Guo wrote:

>> Current UFS IRQ handler is completely wrapped by host lock, and 

>> because

>> ufshcd_send_command() is also protected by host lock, when IRQ handler

>> fires, not only the CPU running the IRQ handler cannot send new 

>> requests,

>> the rest CPUs can neither. Move the host lock wrapping the IRQ handler 

>> into

>> specific branches, i.e., ufshcd_uic_cmd_compl(), 

>> ufshcd_check_errors(),

>> ufshcd_tmc_handler() and ufshcd_transfer_req_compl(). Meanwhile, to 

>> further

>> reduce occpuation of host lock in ufshcd_transfer_req_compl(), host 

>> lock is

>> no longer required to call __ufshcd_transfer_req_compl(). As per test, 

>> the

>> optimization can bring considerable gain to random read/write 

>> performance.

>> 

>> Cc: Stanley Chu <stanley.chu@mediatek.com>

>> Co-developed-by: Asutosh Das <asutoshd@codeaurora.org>

>> Signed-off-by: Asutosh Das <asutoshd@codeaurora.org>

>> Signed-off-by: Can Guo <cang@codeaurora.org>

> 

> According to my test, the performance indeed has impressive improvement

> with this series!

> 


Thanks a lot for your time and review. :)

Regards,
Can Guo.

> Reviewed-by: Stanley Chu <stanley.chu@mediatek.com>

> 

> 

> 

> 

>>  #endif

>> 

>>  	bool req_abort_skip;

>> -	bool in_use;

>>  };

>> 

>>  /**

On Mon, May 24, 2021 at 07:25:57PM +0800, kernel test robot wrote:
> Hi Can,

> 

> Thank you for the patch! Perhaps something to improve:

> 

> [auto build test WARNING on mkp-scsi/for-next]

> [also build test WARNING on next-20210524]

> [cannot apply to scsi/for-next v5.13-rc3]

> [If your patch is applied to the wrong git tree, kindly drop us a note.

> And when submitting patch, we suggest to use '--base' as documented in

> https://git-scm.com/docs/git-format-patch]

> 

> url:    https://github.com/0day-ci/linux/commits/Can-Guo/Optimize-host-lock-on-TR-send-compl-paths-and-utilize-UTRLCNR/20210524-163847

> base:   https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git for-next

> config: arm64-randconfig-r011-20210524 (attached as .config)

> compiler: clang version 13.0.0 (https://github.com/llvm/llvm-project 93d1e5822ed64abd777eb94ea9899e96c4c39fbe)

> reproduce (this is a W=1 build):

>         wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross

>         chmod +x ~/bin/make.cross

>         # install arm64 cross compiling tool for clang build

>         # apt-get install binutils-aarch64-linux-gnu

>         # https://github.com/0day-ci/linux/commit/efe94162bf7973be4ed6496871b9bc9ea54e2819

>         git remote add linux-review https://github.com/0day-ci/linux

>         git fetch --no-tags linux-review Can-Guo/Optimize-host-lock-on-TR-send-compl-paths-and-utilize-UTRLCNR/20210524-163847

>         git checkout efe94162bf7973be4ed6496871b9bc9ea54e2819

>         # save the attached .config to linux build tree

>         COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=arm64 

> 

> If you fix the issue, kindly add following tag as appropriate

> Reported-by: kernel test robot <lkp@intel.com>

> 

> All warnings (new ones prefixed by >>):


Looks like this build warning never got taken care of before the patch
was accepted because I see it on next-20210608.

> >> drivers/scsi/ufs/ufshcd.c:2959:6: warning: variable 'lrbp' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]

>            if (unlikely(test_bit(tag, &hba->outstanding_reqs))) {

>                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

>    include/linux/compiler.h:78:22: note: expanded from macro 'unlikely'

>    # define unlikely(x)    __builtin_expect(!!(x), 0)

>                            ^~~~~~~~~~~~~~~~~~~~~~~~~~

>    drivers/scsi/ufs/ufshcd.c:2981:32: note: uninitialized use occurs here

>                                        (struct utp_upiu_req *)lrbp->ucd_rsp_ptr);

>                                                               ^~~~

>    drivers/scsi/ufs/ufshcd.c:2959:2: note: remove the 'if' if its condition is always false

>            if (unlikely(test_bit(tag, &hba->outstanding_reqs))) {

>            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

>    drivers/scsi/ufs/ufshcd.c:2939:25: note: initialize the variable 'lrbp' to silence this warning

>            struct ufshcd_lrb *lrbp;

>                                   ^

>                                    = NULL

>    1 warning generated.

> 

> 

> vim +2959 drivers/scsi/ufs/ufshcd.c

> 

>   2924	

>   2925	/**

>   2926	 * ufshcd_exec_dev_cmd - API for sending device management requests

>   2927	 * @hba: UFS hba

>   2928	 * @cmd_type: specifies the type (NOP, Query...)

>   2929	 * @timeout: time in seconds

>   2930	 *

>   2931	 * NOTE: Since there is only one available tag for device management commands,

>   2932	 * it is expected you hold the hba->dev_cmd.lock mutex.

>   2933	 */

>   2934	static int ufshcd_exec_dev_cmd(struct ufs_hba *hba,

>   2935			enum dev_cmd_type cmd_type, int timeout)

>   2936	{

>   2937		struct request_queue *q = hba->cmd_queue;

>   2938		struct request *req;

>   2939		struct ufshcd_lrb *lrbp;

>   2940		int err;

>   2941		int tag;

>   2942		struct completion wait;

>   2943	

>   2944		down_read(&hba->clk_scaling_lock);

>   2945	

>   2946		/*

>   2947		 * Get free slot, sleep if slots are unavailable.

>   2948		 * Even though we use wait_event() which sleeps indefinitely,

>   2949		 * the maximum wait time is bounded by SCSI request timeout.

>   2950		 */

>   2951		req = blk_get_request(q, REQ_OP_DRV_OUT, 0);

>   2952		if (IS_ERR(req)) {

>   2953			err = PTR_ERR(req);

>   2954			goto out_unlock;

>   2955		}

>   2956		tag = req->tag;

>   2957		WARN_ON_ONCE(!ufshcd_valid_tag(hba, tag));

>   2958	

> > 2959		if (unlikely(test_bit(tag, &hba->outstanding_reqs))) {

>   2960			err = -EBUSY;


Should this goto be adjusted to out_put_tag then drop the out label?

>   2961			goto out;

>   2962		}

>   2963	

>   2964		init_completion(&wait);

>   2965		lrbp = &hba->lrb[tag];

>   2966		WARN_ON(lrbp->cmd);

>   2967		err = ufshcd_compose_dev_cmd(hba, lrbp, cmd_type, tag);

>   2968		if (unlikely(err))

>   2969			goto out_put_tag;

>   2970	

>   2971		hba->dev_cmd.complete = &wait;

>   2972	

>   2973		ufshcd_add_query_upiu_trace(hba, UFS_QUERY_SEND, lrbp->ucd_req_ptr);

>   2974		/* Make sure descriptors are ready before ringing the doorbell */

>   2975		wmb();

>   2976	

>   2977		ufshcd_send_command(hba, tag);

>   2978		err = ufshcd_wait_for_dev_cmd(hba, lrbp, timeout);

>   2979	out:

>   2980		ufshcd_add_query_upiu_trace(hba, err ? UFS_QUERY_ERR : UFS_QUERY_COMP,

>   2981					    (struct utp_upiu_req *)lrbp->ucd_rsp_ptr);

>   2982	

>   2983	out_put_tag:

>   2984		blk_put_request(req);

>   2985	out_unlock:

>   2986		up_read(&hba->clk_scaling_lock);

>   2987		return err;

>   2988	}

>   2989	

> 

> ---

> 0-DAY CI Kernel Test Service, Intel Corporation

> https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org


Cheers,
Nathan

Hi Nathan,

On 2021-06-09 01:53, Nathan Chancellor wrote:
> On Mon, May 24, 2021 at 07:25:57PM +0800, kernel test robot wrote:

>> Hi Can,

>> 

>> Thank you for the patch! Perhaps something to improve:

>> 

>> [auto build test WARNING on mkp-scsi/for-next]

>> [also build test WARNING on next-20210524]

>> [cannot apply to scsi/for-next v5.13-rc3]

>> [If your patch is applied to the wrong git tree, kindly drop us a 

>> note.

>> And when submitting patch, we suggest to use '--base' as documented in

>> https://git-scm.com/docs/git-format-patch]

>> 

>> url:    

>> https://github.com/0day-ci/linux/commits/Can-Guo/Optimize-host-lock-on-TR-send-compl-paths-and-utilize-UTRLCNR/20210524-163847

>> base:   https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git 

>> for-next

>> config: arm64-randconfig-r011-20210524 (attached as .config)

>> compiler: clang version 13.0.0 (https://github.com/llvm/llvm-project 

>> 93d1e5822ed64abd777eb94ea9899e96c4c39fbe)

>> reproduce (this is a W=1 build):

>>         wget 

>> https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross 

>> -O ~/bin/make.cross

>>         chmod +x ~/bin/make.cross

>>         # install arm64 cross compiling tool for clang build

>>         # apt-get install binutils-aarch64-linux-gnu

>>         # 

>> https://github.com/0day-ci/linux/commit/efe94162bf7973be4ed6496871b9bc9ea54e2819

>>         git remote add linux-review https://github.com/0day-ci/linux

>>         git fetch --no-tags linux-review 

>> Can-Guo/Optimize-host-lock-on-TR-send-compl-paths-and-utilize-UTRLCNR/20210524-163847

>>         git checkout efe94162bf7973be4ed6496871b9bc9ea54e2819

>>         # save the attached .config to linux build tree

>>         COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross 

>> ARCH=arm64

>> 

>> If you fix the issue, kindly add following tag as appropriate

>> Reported-by: kernel test robot <lkp@intel.com>

>> 

>> All warnings (new ones prefixed by >>):

> 

> Looks like this build warning never got taken care of before the patch

> was accepted because I see it on next-20210608.


I am not aware of that it has already accepted to 5.14/scsi-staging.
I will fix it with a new patch.

> 

>> >> drivers/scsi/ufs/ufshcd.c:2959:6: warning: variable 'lrbp' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]

>>            if (unlikely(test_bit(tag, &hba->outstanding_reqs))) {

>>                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

>>    include/linux/compiler.h:78:22: note: expanded from macro 

>> 'unlikely'

>>    # define unlikely(x)    __builtin_expect(!!(x), 0)

>>                            ^~~~~~~~~~~~~~~~~~~~~~~~~~

>>    drivers/scsi/ufs/ufshcd.c:2981:32: note: uninitialized use occurs 

>> here

>>                                        (struct utp_upiu_req 

>> *)lrbp->ucd_rsp_ptr);

>>                                                               ^~~~

>>    drivers/scsi/ufs/ufshcd.c:2959:2: note: remove the 'if' if its 

>> condition is always false

>>            if (unlikely(test_bit(tag, &hba->outstanding_reqs))) {

>>            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

>>    drivers/scsi/ufs/ufshcd.c:2939:25: note: initialize the variable 

>> 'lrbp' to silence this warning

>>            struct ufshcd_lrb *lrbp;

>>                                   ^

>>                                    = NULL

>>    1 warning generated.

>> 

>> 

>> vim +2959 drivers/scsi/ufs/ufshcd.c

>> 

>>   2924

>>   2925	/**

>>   2926	 * ufshcd_exec_dev_cmd - API for sending device management 

>> requests

>>   2927	 * @hba: UFS hba

>>   2928	 * @cmd_type: specifies the type (NOP, Query...)

>>   2929	 * @timeout: time in seconds

>>   2930	 *

>>   2931	 * NOTE: Since there is only one available tag for device 

>> management commands,

>>   2932	 * it is expected you hold the hba->dev_cmd.lock mutex.

>>   2933	 */

>>   2934	static int ufshcd_exec_dev_cmd(struct ufs_hba *hba,

>>   2935			enum dev_cmd_type cmd_type, int timeout)

>>   2936	{

>>   2937		struct request_queue *q = hba->cmd_queue;

>>   2938		struct request *req;

>>   2939		struct ufshcd_lrb *lrbp;

>>   2940		int err;

>>   2941		int tag;

>>   2942		struct completion wait;

>>   2943

>>   2944		down_read(&hba->clk_scaling_lock);

>>   2945

>>   2946		/*

>>   2947		 * Get free slot, sleep if slots are unavailable.

>>   2948		 * Even though we use wait_event() which sleeps indefinitely,

>>   2949		 * the maximum wait time is bounded by SCSI request timeout.

>>   2950		 */

>>   2951		req = blk_get_request(q, REQ_OP_DRV_OUT, 0);

>>   2952		if (IS_ERR(req)) {

>>   2953			err = PTR_ERR(req);

>>   2954			goto out_unlock;

>>   2955		}

>>   2956		tag = req->tag;

>>   2957		WARN_ON_ONCE(!ufshcd_valid_tag(hba, tag));

>>   2958

>> > 2959		if (unlikely(test_bit(tag, &hba->outstanding_reqs))) {

>>   2960			err = -EBUSY;

> 

> Should this goto be adjusted to out_put_tag then drop the out label?


Right, will fix it with a new change.

Thanks,
Can Guo.

> 

>>   2961			goto out;

>>   2962		}

>>   2963

>>   2964		init_completion(&wait);

>>   2965		lrbp = &hba->lrb[tag];

>>   2966		WARN_ON(lrbp->cmd);

>>   2967		err = ufshcd_compose_dev_cmd(hba, lrbp, cmd_type, tag);

>>   2968		if (unlikely(err))

>>   2969			goto out_put_tag;

>>   2970

>>   2971		hba->dev_cmd.complete = &wait;

>>   2972

>>   2973		ufshcd_add_query_upiu_trace(hba, UFS_QUERY_SEND, 

>> lrbp->ucd_req_ptr);

>>   2974		/* Make sure descriptors are ready before ringing the doorbell 

>> */

>>   2975		wmb();

>>   2976

>>   2977		ufshcd_send_command(hba, tag);

>>   2978		err = ufshcd_wait_for_dev_cmd(hba, lrbp, timeout);

>>   2979	out:

>>   2980		ufshcd_add_query_upiu_trace(hba, err ? UFS_QUERY_ERR : 

>> UFS_QUERY_COMP,

>>   2981					    (struct utp_upiu_req *)lrbp->ucd_rsp_ptr);

>>   2982

>>   2983	out_put_tag:

>>   2984		blk_put_request(req);

>>   2985	out_unlock:

>>   2986		up_read(&hba->clk_scaling_lock);

>>   2987		return err;

>>   2988	}

>>   2989

>> 

>> ---

>> 0-DAY CI Kernel Test Service, Intel Corporation

>> https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

> 

> Cheers,

> Nathan

On 5/24/21 1:36 AM, Can Guo wrote:
> @@ -2688,6 +2705,43 @@ static int ufshcd_queuecommand(struct Scsi_Host *host, struct scsi_cmnd *cmd)

> +	case UFSHCD_STATE_EH_SCHEDULED_FATAL:

> +		/*

> +		 * pm_runtime_get_sync() is used at error handling preparation

> +		 * stage. If a scsi cmd, e.g. the SSU cmd, is sent from hba's

> +		 * PM ops, it can never be finished if we let SCSI layer keep

> +		 * retrying it, which gets err handler stuck forever. Neither

> +		 * can we let the scsi cmd pass through, because UFS is in bad

> +		 * state, the scsi cmd may eventually time out, which will get

> +		 * err handler blocked for too long. So, just fail the scsi cmd

> +		 * sent from PM ops, err handler can recover PM error anyways.

> +		 */

> +		if (hba->pm_op_in_progress) {

> +			hba->force_reset = true;

> +			set_host_byte(cmd, DID_BAD_TARGET);

> +			cmd->scsi_done(cmd);

> +			goto out;

> +		}

> +		fallthrough;


Hi Can,

I know that this patch only moves the above code and that the above code
has not been introduced by this patch. Anyway, is my understanding
correct that ufshcd_err_handler() can change the host controller state
from UFSHCD_STATE_EH_SCHEDULED_FATAL into UFSHCD_STATE_RESET and next
into UFSHCD_STATE_OPERATIONAL? If so, if the above code completes a READ
with status DID_BAD_TARGET and if recovery by the error handler
succeeds, will that cause the filesystem above the UFS driver to change
into read-only mode? If the above code completes a WRITE with status
DID_BAD_TARGET, will that cause data corruption? Is there any other
solution to prevent data corruption than merging the
UFSHCD_STATE_EH_SCHEDULED_FATAL and UFSHCD_STATE_EH_SCHEDULED_NON_FATAL
back into a single state and changing the ufshcd_rpm_get_sync(hba) call
in ufshcd_err_handling_prepare() into a pm_runtime_get_noresume() call?

Thanks,

Bart.

Hi Bart,

On 2021-06-17 10:49, Bart Van Assche wrote:
> On 5/24/21 1:36 AM, Can Guo wrote:

>> @@ -2688,6 +2705,43 @@ static int ufshcd_queuecommand(struct Scsi_Host 

>> *host, struct scsi_cmnd *cmd)

>> +	case UFSHCD_STATE_EH_SCHEDULED_FATAL:

>> +		/*

>> +		 * pm_runtime_get_sync() is used at error handling preparation

>> +		 * stage. If a scsi cmd, e.g. the SSU cmd, is sent from hba's

>> +		 * PM ops, it can never be finished if we let SCSI layer keep

>> +		 * retrying it, which gets err handler stuck forever. Neither

>> +		 * can we let the scsi cmd pass through, because UFS is in bad

>> +		 * state, the scsi cmd may eventually time out, which will get

>> +		 * err handler blocked for too long. So, just fail the scsi cmd

>> +		 * sent from PM ops, err handler can recover PM error anyways.

>> +		 */

>> +		if (hba->pm_op_in_progress) {

>> +			hba->force_reset = true;

>> +			set_host_byte(cmd, DID_BAD_TARGET);

>> +			cmd->scsi_done(cmd);

>> +			goto out;

>> +		}

>> +		fallthrough;

> 

> Hi Can,

> 

> I know that this patch only moves the above code and that the above 

> code

> has not been introduced by this patch. Anyway, is my understanding

> correct that ufshcd_err_handler() can change the host controller state

> from UFSHCD_STATE_EH_SCHEDULED_FATAL into UFSHCD_STATE_RESET and next

> into UFSHCD_STATE_OPERATIONAL? If so, if the above code completes a 

> READ

> with status DID_BAD_TARGET and if recovery by the error handler

> succeeds, will that cause the filesystem above the UFS driver to change

> into read-only mode? If the above code completes a WRITE with status

> DID_BAD_TARGET, will that cause data corruption? Is there any other

> solution to prevent data corruption than merging the

> UFSHCD_STATE_EH_SCHEDULED_FATAL and UFSHCD_STATE_EH_SCHEDULED_NON_FATAL

> back into a single state and changing the ufshcd_rpm_get_sync(hba) call

> in ufshcd_err_handling_prepare() into a pm_runtime_get_noresume() call?

> 


Here, when hba->pm_op_in_progress is true, there cannot be READ or WRITE
command since hba is resuming or suspending. When fatal erorr happens, 
the
DID_BAD_TARGET above is intend to let the SSU (or whatever PM requests
blocking suspend/resume) fail fast (neither returning HOST_BUSY nor 
letting
the cmd pass through can achieve such purpose), so that error handling 
prepare
won't get stuck [1] when it calls

lock_system_sleep()
runtime_pm_get_sync()

The reason why I split UFSHCD_STATE_EH_SCHEDULED to 
UFSHCD_STATE_EH_SCHEDULED_FATAL
and UFSHCD_STATE_EH_SCHEDULED_NON_FATAL is that

1. For non-fatal errors, HW can recover by itself, so when host state is
UFSHCD_STATE_EH_SCHEDULED_NON_FATAL, cmd can still passthrough.

2. When non-fatal error (LINE-RESET for example) happens, error handler 
only
needs to do a power mode transition without a full reset. If we only 
have one
state, returning HOST_BUSY will get error handling prepare stuck [1], 
while
fast failing SSU cmds shall make error handler do a full reset (which 
goes
too far for non-fatal errors).

Thanks,

Can Guo.

> Thanks,

> 

> Bart.

On 5/24/21 1:36 AM, Can Guo wrote:
> Current UFS IRQ handler is completely wrapped by host lock, and because

> ufshcd_send_command() is also protected by host lock, when IRQ handler

> fires, not only the CPU running the IRQ handler cannot send new requests,

> the rest CPUs can neither. Move the host lock wrapping the IRQ handler into

> specific branches, i.e., ufshcd_uic_cmd_compl(), ufshcd_check_errors(),

> ufshcd_tmc_handler() and ufshcd_transfer_req_compl(). Meanwhile, to further

> reduce occpuation of host lock in ufshcd_transfer_req_compl(), host lock is

> no longer required to call __ufshcd_transfer_req_compl(). As per test, the

> optimization can bring considerable gain to random read/write performance.


Hi Can,

Since this patch has been applied on the AOSP kernel we see 100%
reproducible lockups appearing on multiple test setups. Examples of call
traces:

blk_execute_rq()
__scsi_execute()
sd_sync_cache()
sd_suspend_common()
sd_suspend_system()
scsi_bus_suspend()
__device_suspend()

blk_execute_rq()
__scsi_execute()
ufshcd_clear_ua_wlun()
ufshcd_err_handling_unprepare()
ufshcd_err_handler()
process_one_work()

Reverting this patch and the next patch from this series solved the
lockups. Do you prefer to revert this patch or do you perhaps want us to
test a potential fix?

Thanks,

Bart.

On 2021-06-29 06:58, Bart Van Assche wrote:
> On 5/24/21 1:36 AM, Can Guo wrote:

>> Current UFS IRQ handler is completely wrapped by host lock, and 

>> because

>> ufshcd_send_command() is also protected by host lock, when IRQ handler

>> fires, not only the CPU running the IRQ handler cannot send new 

>> requests,

>> the rest CPUs can neither. Move the host lock wrapping the IRQ handler 

>> into

>> specific branches, i.e., ufshcd_uic_cmd_compl(), 

>> ufshcd_check_errors(),

>> ufshcd_tmc_handler() and ufshcd_transfer_req_compl(). Meanwhile, to 

>> further

>> reduce occpuation of host lock in ufshcd_transfer_req_compl(), host 

>> lock is

>> no longer required to call __ufshcd_transfer_req_compl(). As per test, 

>> the

>> optimization can bring considerable gain to random read/write 

>> performance.

> 

> Hi Can,

> 

> Since this patch has been applied on the AOSP kernel we see 100%

> reproducible lockups appearing on multiple test setups. Examples of 

> call

> traces:

> 

> blk_execute_rq()

> __scsi_execute()

> sd_sync_cache()

> sd_suspend_common()

> sd_suspend_system()

> scsi_bus_suspend()

> __device_suspend()

> 

> blk_execute_rq()

> __scsi_execute()

> ufshcd_clear_ua_wlun()

> ufshcd_err_handling_unprepare()

> ufshcd_err_handler()

> process_one_work()

> 

> Reverting this patch and the next patch from this series solved the

> lockups. Do you prefer to revert this patch or do you perhaps want us 

> to

> test a potential fix?

> 


Hi Bart,

I am waiting for more infos/logs/dumps on Buganizor to look into it.
With above calltrace snippet, it is hard to figure out what is 
happening.
Besides, we've tested this series before go upstream and we didn't
see such problem.

Thanks,

Can Guo.

> Thanks,

> 

> Bart.

On 6/28/21 10:41 PM, Can Guo wrote:
> I am waiting for more infos/logs/dumps on Buganizor to look into it.

> With above calltrace snippet, it is hard to figure out what is happening.

> Besides, we've tested this series before go upstream and we didn't

> see such problem.


Hi Can,

Jaegeuk has posted a fix as you may have noticed.

Thanks,

Bart.