owned this note
owned this note
Published
Linked with GitHub
# Lighthouse Deadlock: Rayon & RwLock
There is a possible deadlock between these two processes in Lighthouse:
1. `BeaconChain::on_block`, specifically the call to [`fork_choice.on_block`](https://github.com/sigp/lighthouse/blob/2bc9115a94bfcf1269f83f0a9e7a1321b2a7f70c/beacon_node/beacon_chain/src/beacon_chain.rs#L1500-L1502).
1. `rest_api::validator::publish_attestations`, specifically the [parallel attestation verification routine](https://github.com/sigp/lighthouse/blob/2bc9115a94bfcf1269f83f0a9e7a1321b2a7f70c/beacon_node/rest_api/src/validator.rs#L476-L489).
Whist the cause of the deadlock is not immediately clear, it's due to our use of `rayon` and `RwLock`. First I'll describe this type of deadlock in general, then I'll go into it in detail.
### The deadlock in general
*Note: there's an existing description of the lock here: https://github.com/rayon-rs/rayon/issues/592*
- Related issue on the rayon repo:
The `rayon` library allows us to write code like this:
```rust
use rayon::prelude::*;
let a = vec![0, 1, 3];
let a_doubled = a.par_iter().map(|x| *x * 2).collect();
```
What happens here is rayon magically maintains a long-lived (i.e., `static`) pool of `n` threads, where `n` defaults to the number of CPUs. When you run `collect` on the iter from `into_par_iter`, each element of the iter is (maybe) processed on a different one of those threads in the rayon pool.
Part of the magic of `rayon` is that it completely hides the threadpool and the workers. Hidden in this magic is the ability to accidentally hold a mutex whilst relying on a finite set of workers to complete tasks which might also access the mutex you are holding. In detail:
1. There is a `t1` thread holding a write-lock on `shared`, waiting for some rayon tasks to complete.
1. There is a `t2` thread spawning multiple rayon tasks, each of which try to obtain a read-lock on `shared`.
If the tasks spawned by `t2` equal the number of worker threads, then all threads will be blocked waiting on `t1` to drop the write lock. If `t1` is unable to obtain any workers to complete the par_iter, it will never drop the write lock. The program is locked.
You can see a working (non-deterministic) example of this condition here:
https://play.rust-lang.org/?version=stable&mode=debug&edition=2018&gist=af0f6ad314b983ce132b24272be1431d
## The deadlock in Lighthouse
Looking at some `gdb` backtraces from a locked node, we can identify two functions which together are sufficient to trigger the lock:
### 1. Waiting for tasks to complete, whilst holding a `beacon_chain.fork_choice` write lock
```
Thread 35 (Thread 0x7ff7e91e4700 (LWP 17935)):
#0 0x00007ff887066277 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1 0x0000558e5c7fde37 in rayon_core::latch::LockLatch::wait_and_reset ()
#2 0x0000558e5c6b56a8 in std::thread::local::LocalKey<T>::with ()
#3 0x0000558e5c6a24a4 in rayon_core::registry::in_worker ()
#4 0x0000558e5c69d7ac in rayon::iter::plumbing::bridge_producer_consumer::helper ()
#5 0x0000558e5c69cf56 in <rayon::iter::plumbing::bridge::Callback<C> as rayon::iter::plumbing::ProducerCallback<I>>::callback ()
#6 0x0000558e5c6af128 in <rayon::iter::while_some::WhileSome<I> as rayon::iter::ParallelIterator>::drive_unindexed ()
#7 0x0000558e5c6a56ef in rayon::iter::collect::<impl rayon::iter::ParallelExtend<T> for alloc::vec::Vec<T>>::par_extend ()
#8 0x0000558e5c6ae3ec in rayon::iter::ParallelIterator::collect ()
#9 0x0000558e5c6bd0ce in types::beacon_state::tree_hash_cache::ValidatorsListTreeHashCache::recalculate_tree_hash_root ()
#10 0x0000558e5b720dac in types::beacon_state::tree_hash_cache::BeaconTreeHashCache<T>::recalculate_tree_hash_root ()
#11 0x0000558e5b2b437b in types::beacon_state::BeaconState<T>::update_tree_hash_cache ()
#12 0x0000558e5b616c56 in state_processing::per_slot_processing::per_slot_processing ()
#13 0x0000558e5b29bf4f in store::hot_cold_store::HotColdDB<E,Hot,Cold>::replay_blocks ()
#14 0x0000558e5b2a0335 in store::hot_cold_store::HotColdDB<E,Hot,Cold>::load_hot_state ()
#15 0x0000558e5b2a9bf2 in store::hot_cold_store::HotColdDB<E,Hot,Cold>::get_state ()
#16 0x0000558e5b88f7ec in <beacon_chain::beacon_fork_choice_store::BeaconForkChoiceStore<E,Hot,Cold> as fork_choice::fork_choice_store::ForkChoiceStore<E>>::set_justified_checkpoint ()
#17 0x0000558e5b2fb6a5 in fork_choice::fork_choice::ForkChoice<T,E>::on_block ()
#18 0x0000558e5b91b0db in beacon_chain::beacon_chain::BeaconChain<T>::import_block ()
#19 0x0000558e5b91e27a in beacon_chain::beacon_chain::BeaconChain<T>::process_block ()
#20 0x0000558e5b72b411 in network::beacon_processor::worker::Worker<T>::process_gossip_block ()
#21 0x0000558e5b4174e9 in <tokio::runtime::blocking::task::BlockingTask<T> as core::future::future::Future>::poll ()
#22 0x0000558e5b0d0f74 in <std::panic::AssertUnwindSafe<F> as core::ops::function::FnOnce<()>>::call_once ()
#23 0x0000558e5b05d249 in tokio::runtime::task::harness::Harness<T,S>::poll ()
#24 0x0000558e5c532b27 in tokio::runtime::blocking::pool::Inner::run ()
#25 0x0000558e5c538db8 in tokio::runtime::context::enter ()
#26 0x0000558e5c537ccf in std::sys_common::backtrace::__rust_begin_short_backtrace ()
#27 0x0000558e5c540c42 in core::ops::function::FnOnce::call_once{{vtable-shim}} ()
#28 0x0000558e5c8cfeca in <alloc::boxed::Box<F> as core::ops::function::FnOnce<A>>::call_once () at /rustc/d3fb005a39e62501b8b0b356166e515ae24e2e54/src/liballoc/boxed.rs:1076
#29 <alloc::boxed::Box<F> as core::ops::function::FnOnce<A>>::call_once () at /rustc/d3fb005a39e62501b8b0b356166e515ae24e2e54/src/liballoc/boxed.rs:1076
#30 std::sys::unix::thread::Thread::new::thread_start () at src/libstd/sys/unix/thread.rs:87
#31 0x00007ff88706040b in start_thread () from /lib64/libpthread.so.0
#32 0x00007ff886b84e7f in clone () from /lib64/libc.so.6
```
It's not visible in this trace, but there is a `RwLock::write` being obtained on `beacon_chain.fork_choice` between `#18` and `#17` and we're holding that lock until we can complete all the hashing in `tree_hash_cache::ValidatorsListTreeHashCache::recalculate_tree_hash_root ()`.
### 2. Spawning tasks which read `beacon_chain.fork_choice`
```
Thread 527 (Thread 0x7f4cf7283700 (LWP 13082)):
#0 0x00007f4dc650abf9 in syscall () from /lib64/libc.so.6
#1 0x00005570edcf6de9 in parking_lot::raw_rwlock::RawRwLock::lock_shared_slow ()
#2 0x00005570ecd48e91 in beacon_chain::attestation_verification::VerifiedUnaggregatedAttestation<T>::verify ()
#3 0x00005570ece34eb7 in beacon_chain::beacon_chain::BeaconChain<T>::verify_unaggregated_attestation_for_gossip ()
#4 0x00005570ec81cf69 in core::ops::function::impls::<impl core::ops::function::FnMut<A> for &F>::call_mut ()
#5 0x00005570ec77f941 in rayon::iter::plumbing::Folder::consume_iter ()
#6 0x00005570ec834916 in rayon::iter::plumbing::bridge_producer_consumer::helper ()
#7 0x00005570ecf33152 in <rayon::vec::IntoIter<T> as rayon::iter::IndexedParallelIterator>::with_producer ()
#8 0x00005570ec9b67db in rayon::iter::collect::special_extend ()
#9 0x00005570ecb5e97a in rayon::iter::collect::<impl rayon::iter::ParallelExtend<T> for alloc::vec::Vec<T>>::par_extend ()
#10 0x00005570ec86ee90 in rest_api::validator::publish_attestations ()
#11 0x00005570ec90856a in <tokio::runtime::blocking::task::BlockingTask<T> as core::future::future::Future>::poll ()
#12 0x00005570ec5cc9db in <std::panic::AssertUnwindSafe<F> as core::ops::function::FnOnce<()>>::call_once ()
#13 0x00005570ec56c7de in tokio::runtime::task::harness::Harness<T,S>::poll ()
#14 0x00005570eda22b27 in tokio::runtime::blocking::pool::Inner::run ()
#15 0x00005570eda28db8 in tokio::runtime::context::enter ()
#16 0x00005570eda27ccf in std::sys_common::backtrace::__rust_begin_short_backtrace ()
#17 0x00005570eda30c42 in core::ops::function::FnOnce::call_once{{vtable-shim}} ()
#18 0x00005570eddbfeca in <alloc::boxed::Box<F> as core::ops::function::FnOnce<A>>::call_once ()
at /rustc/d3fb005a39e62501b8b0b356166e515ae24e2e54/src/liballoc/boxed.rs:1076
#19 <alloc::boxed::Box<F> as core::ops::function::FnOnce<A>>::call_once () at /rustc/d3fb005a39e62501b8b0b356166e515ae24e2e54/src/liballoc/boxed.rs:1076
#20 std::sys::unix::thread::Thread::new::thread_start () at src/libstd/sys/unix/thread.rs:87
#21 0x00007f4dc69eb40b in start_thread () from /lib64/libpthread.so.0
#22 0x00007f4dc650fe7f in clone () from /lib64/libc.so.6
```
It's also not visible in this task but, there is a call to `beacon_chain.fork_choice.read()` inside `VerifiedUnaggregatedAttestation<T>::verify ()`.
### A concrete example
Here are the two entry points where this can happen in Lighthouse:
1. `BeaconChain::on_block`, specifically the call to [`fork_choice.on_block`](https://github.com/sigp/lighthouse/blob/2bc9115a94bfcf1269f83f0a9e7a1321b2a7f70c/beacon_node/beacon_chain/src/beacon_chain.rs#L1500-L1502).
1. `rest_api::validator::publish_attestations`, specifically the [parallel attestation verification routine](https://github.com/sigp/lighthouse/blob/2bc9115a94bfcf1269f83f0a9e7a1321b2a7f70c/beacon_node/rest_api/src/validator.rs#L476-L489).
In (1) we're holding `beacon_chain.fork_choice.write()` whilst we do a bunch of tree hashing in rayon. In (2), we're spawning lots of attestation processing in rayon threads which require a `beacon_chain.fork_choice.read()`. If we happen to spawn `n` (num cpus) tasks from (2), they'll all get blocked waiting for a read-lock and then there will be no workers left to complete the hashing that would cause the write-lock to be dropped. A deadlock!
Google Drive
Gist
Clipboard
Sign in with Wallet
