Deadlock demo in acquireShards #5824
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Pretty clearly a flawed construct.
```
❯ go test -v -test.run TestDeadlock ./service/history/shard
=== RUN TestDeadlock
controller_test.go:193: time remaining: 9m59.498006333s, avg runtime: 499.157614ms, longest: 501.214333ms, successes: 100, fails: 0
controller_test.go:193: time remaining: 9m58.954002708s, avg runtime: 542.559293ms, longest: 543.647833ms, successes: 100, fails: 0
controller_test.go:193: time remaining: 9m58.434399375s, avg runtime: 518.730977ms, longest: 519.447708ms, successes: 100, fails: 0
controller_test.go:193: time remaining: 9m57.905938917s, avg runtime: 527.407791ms, longest: 528.353042ms, successes: 100, fails: 0
...
controller_test.go:193: time remaining: 9m50.650997167s, avg runtime: 498.004745ms, longest: 499.985292ms, successes: 100, fails: 0
controller_test.go:193: time remaining: 9m50.172357417s, avg runtime: 477.521516ms, longest: 478.509375ms, successes: 100, fails: 0
controller_test.go:193: time remaining: 9m49.658607167s, avg runtime: 512.926921ms, longest: 513.583542ms, successes: 100, fails: 0
controller_test.go:193: time remaining: 9m49.151183708s, avg runtime: 504.016801ms, longest: 507.16975ms, successes: 100, fails: 0
controller_test.go:193: time remaining: 9m48.671873833s, avg runtime: 478.087117ms, longest: 479.052208ms, successes: 100, fails: 0
controller_test.go:147: took too long
controller_test.go:193: time remaining: 9m38.669626958s, avg runtime: 542.430156ms, longest: 544.350417ms, successes: 99, fails: 1
```
Groxx
added a commit
that referenced
this pull request
Mar 29, 2024
Fixing the deadlock demonstrated in #5824. I decided to move the channel-writing entirely before consuming so it's a bit more accidental-change-resistant: some kinds of simple incorrect changes will lead to an _immediate_ deadlock every time, rather than a random chance of one. And if someone _does_ want to move it after and go back to a smaller buffer, more code will have to be changed, so hopefully people will pay more attention to the concurrency risks involved. More generally, the atomic shutdown stuff is _highly_ prone to causing this kind of error because there's no way to wait on it safely, and I would really love for us to get rid of it.
|
closing as this is not intended to be merged |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Demo for #5823, for a flawed construct from the combination of #2888 (concurrently acquire shards) and #3134 (handle shutdown).
It's pretty obviously incorrect:
A cause-sequence that leads to this, starting from a full work channel:
The fix is rather easy: buffer correctly, so the acquire thread cannot fail to notice the shutdown.
Then the test runs like:
goroutine-swapping and atomics add up a fair bit in these micro-benchmarks - it's >20x faster. that's inconsequential in the real code though.