From: Peter Zijlstra <peterz@infradead.org>
To: Byungchul Park <byungchul.park@lge.com>
Cc: mingo@kernel.org, tglx@linutronix.de, walken@google.com,
boqun.feng@gmail.com, kirill@shutemov.name,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
akpm@linux-foundation.org, willy@infradead.org,
npiggin@gmail.com, kernel-team@lge.com
Subject: Re: [PATCH v7 06/16] lockdep: Detect and handle hist_lock ring buffer overwrite
Date: Tue, 11 Jul 2017 18:12:32 +0200 [thread overview]
Message-ID: <20170711161232.GB28975@worktop> (raw)
In-Reply-To: <1495616389-29772-7-git-send-email-byungchul.park@lge.com>
ARGH!!! please, if there are known holes in patches, put a comment in.
I now had to independently discover this problem during review of the
last patch.
On Wed, May 24, 2017 at 05:59:39PM +0900, Byungchul Park wrote:
> The ring buffer can be overwritten by hardirq/softirq/work contexts.
> That cases must be considered on rollback or commit. For example,
>
> |<------ hist_lock ring buffer size ----->|
> ppppppppppppiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii
> wrapped > iiiiiiiiiiiiiiiiiiiiiii....................
>
> where 'p' represents an acquisition in process context,
> 'i' represents an acquisition in irq context.
>
> On irq exit, crossrelease tries to rollback idx to original position,
> but it should not because the entry already has been invalid by
> overwriting 'i'. Avoid rollback or commit for entries overwritten.
>
> Signed-off-by: Byungchul Park <byungchul.park@lge.com>
> ---
> include/linux/lockdep.h | 20 +++++++++++
> include/linux/sched.h | 4 +++
> kernel/locking/lockdep.c | 92 +++++++++++++++++++++++++++++++++++++++++-------
> 3 files changed, 104 insertions(+), 12 deletions(-)
>
> diff --git a/include/linux/lockdep.h b/include/linux/lockdep.h
> index d531097..a03f79d 100644
> --- a/include/linux/lockdep.h
> +++ b/include/linux/lockdep.h
> @@ -284,6 +284,26 @@ struct held_lock {
> */
> struct hist_lock {
> /*
> + * Id for each entry in the ring buffer. This is used to
> + * decide whether the ring buffer was overwritten or not.
> + *
> + * For example,
> + *
> + * |<----------- hist_lock ring buffer size ------->|
> + * pppppppppppppppppppppiiiiiiiiiiiiiiiiiiiiiiiiiiiii
> + * wrapped > iiiiiiiiiiiiiiiiiiiiiiiiiii.......................
> + *
> + * where 'p' represents an acquisition in process
> + * context, 'i' represents an acquisition in irq
> + * context.
> + *
> + * In this example, the ring buffer was overwritten by
> + * acquisitions in irq context, that should be detected on
> + * rollback or commit.
> + */
> + unsigned int hist_id;
> +
> + /*
> * Seperate stack_trace data. This will be used at commit step.
> */
> struct stack_trace trace;
> diff --git a/include/linux/sched.h b/include/linux/sched.h
> index 5f6d6f4..9e1437c 100644
> --- a/include/linux/sched.h
> +++ b/include/linux/sched.h
> @@ -1756,6 +1756,10 @@ struct task_struct {
> unsigned int xhlock_idx_soft; /* For restoring at softirq exit */
> unsigned int xhlock_idx_hard; /* For restoring at hardirq exit */
> unsigned int xhlock_idx_work; /* For restoring at work exit */
> + unsigned int hist_id;
> + unsigned int hist_id_soft; /* For overwrite check at softirq exit */
> + unsigned int hist_id_hard; /* For overwrite check at hardirq exit */
> + unsigned int hist_id_work; /* For overwrite check at work exit */
> #endif
> #ifdef CONFIG_UBSAN
> unsigned int in_ubsan;
Right, like I wrote in the comment; I don't think you need quite this
much.
The problem only happens if you rewind more than MAX_XHLOCKS_NR;
although I realize it can be an accumulative rewind, which makes it
slightly more tricky.
We can either make the rewind more expensive and make xhlock_valid()
false for each rewound entry; or we can keep the max_idx and account
from there. If we rewind >= MAX_XHLOCKS_NR from the max_idx we need to
invalidate the entire state, which we can do by invaliding
xhlock_valid() or by re-introduction of the hist_gen_id. When we
invalidate the entire state, we can also clear the max_idx.
Given that rewinding _that_ far should be fairly rare (do we have
numbers?) simply iterating the entire thing and setting
xhlock->hlock.instance = NULL, should work I think.
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
WARNING: multiple messages have this Message-ID (diff)
From: Peter Zijlstra <peterz@infradead.org>
To: Byungchul Park <byungchul.park@lge.com>
Cc: mingo@kernel.org, tglx@linutronix.de, walken@google.com,
boqun.feng@gmail.com, kirill@shutemov.name,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
akpm@linux-foundation.org, willy@infradead.org,
npiggin@gmail.com, kernel-team@lge.com
Subject: Re: [PATCH v7 06/16] lockdep: Detect and handle hist_lock ring buffer overwrite
Date: Tue, 11 Jul 2017 18:12:32 +0200 [thread overview]
Message-ID: <20170711161232.GB28975@worktop> (raw)
In-Reply-To: <1495616389-29772-7-git-send-email-byungchul.park@lge.com>
ARGH!!! please, if there are known holes in patches, put a comment in.
I now had to independently discover this problem during review of the
last patch.
On Wed, May 24, 2017 at 05:59:39PM +0900, Byungchul Park wrote:
> The ring buffer can be overwritten by hardirq/softirq/work contexts.
> That cases must be considered on rollback or commit. For example,
>
> |<------ hist_lock ring buffer size ----->|
> ppppppppppppiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii
> wrapped > iiiiiiiiiiiiiiiiiiiiiii....................
>
> where 'p' represents an acquisition in process context,
> 'i' represents an acquisition in irq context.
>
> On irq exit, crossrelease tries to rollback idx to original position,
> but it should not because the entry already has been invalid by
> overwriting 'i'. Avoid rollback or commit for entries overwritten.
>
> Signed-off-by: Byungchul Park <byungchul.park@lge.com>
> ---
> include/linux/lockdep.h | 20 +++++++++++
> include/linux/sched.h | 4 +++
> kernel/locking/lockdep.c | 92 +++++++++++++++++++++++++++++++++++++++++-------
> 3 files changed, 104 insertions(+), 12 deletions(-)
>
> diff --git a/include/linux/lockdep.h b/include/linux/lockdep.h
> index d531097..a03f79d 100644
> --- a/include/linux/lockdep.h
> +++ b/include/linux/lockdep.h
> @@ -284,6 +284,26 @@ struct held_lock {
> */
> struct hist_lock {
> /*
> + * Id for each entry in the ring buffer. This is used to
> + * decide whether the ring buffer was overwritten or not.
> + *
> + * For example,
> + *
> + * |<----------- hist_lock ring buffer size ------->|
> + * pppppppppppppppppppppiiiiiiiiiiiiiiiiiiiiiiiiiiiii
> + * wrapped > iiiiiiiiiiiiiiiiiiiiiiiiiii.......................
> + *
> + * where 'p' represents an acquisition in process
> + * context, 'i' represents an acquisition in irq
> + * context.
> + *
> + * In this example, the ring buffer was overwritten by
> + * acquisitions in irq context, that should be detected on
> + * rollback or commit.
> + */
> + unsigned int hist_id;
> +
> + /*
> * Seperate stack_trace data. This will be used at commit step.
> */
> struct stack_trace trace;
> diff --git a/include/linux/sched.h b/include/linux/sched.h
> index 5f6d6f4..9e1437c 100644
> --- a/include/linux/sched.h
> +++ b/include/linux/sched.h
> @@ -1756,6 +1756,10 @@ struct task_struct {
> unsigned int xhlock_idx_soft; /* For restoring at softirq exit */
> unsigned int xhlock_idx_hard; /* For restoring at hardirq exit */
> unsigned int xhlock_idx_work; /* For restoring at work exit */
> + unsigned int hist_id;
> + unsigned int hist_id_soft; /* For overwrite check at softirq exit */
> + unsigned int hist_id_hard; /* For overwrite check at hardirq exit */
> + unsigned int hist_id_work; /* For overwrite check at work exit */
> #endif
> #ifdef CONFIG_UBSAN
> unsigned int in_ubsan;
Right, like I wrote in the comment; I don't think you need quite this
much.
The problem only happens if you rewind more than MAX_XHLOCKS_NR;
although I realize it can be an accumulative rewind, which makes it
slightly more tricky.
We can either make the rewind more expensive and make xhlock_valid()
false for each rewound entry; or we can keep the max_idx and account
from there. If we rewind >= MAX_XHLOCKS_NR from the max_idx we need to
invalidate the entire state, which we can do by invaliding
xhlock_valid() or by re-introduction of the hist_gen_id. When we
invalidate the entire state, we can also clear the max_idx.
Given that rewinding _that_ far should be fairly rare (do we have
numbers?) simply iterating the entire thing and setting
xhlock->hlock.instance = NULL, should work I think.
next prev parent reply other threads:[~2017-07-11 16:13 UTC|newest]
Thread overview: 82+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-24 8:59 [PATCH v7 00/16] lockdep: Implement crossrelease feature Byungchul Park
2017-05-24 8:59 ` Byungchul Park
2017-05-24 8:59 ` [PATCH v7 01/16] lockdep: Refactor lookup_chain_cache() Byungchul Park
2017-05-24 8:59 ` Byungchul Park
2017-05-24 8:59 ` [PATCH v7 02/16] lockdep: Add a function building a chain between two classes Byungchul Park
2017-05-24 8:59 ` Byungchul Park
2017-05-24 8:59 ` [PATCH v7 03/16] lockdep: Change the meaning of check_prev_add()'s return value Byungchul Park
2017-05-24 8:59 ` Byungchul Park
2017-05-24 8:59 ` [PATCH v7 04/16] lockdep: Make check_prev_add() able to handle external stack_trace Byungchul Park
2017-05-24 8:59 ` Byungchul Park
2017-05-24 8:59 ` [PATCH v7 05/16] lockdep: Implement crossrelease feature Byungchul Park
2017-05-24 8:59 ` Byungchul Park
2017-06-13 0:33 ` Byungchul Park
2017-06-13 0:33 ` Byungchul Park
2017-06-22 23:27 ` Byungchul Park
2017-06-22 23:27 ` Byungchul Park
2017-07-11 16:04 ` Peter Zijlstra
2017-07-11 16:04 ` Peter Zijlstra
2017-07-12 2:24 ` Byungchul Park
2017-07-12 2:24 ` Byungchul Park
2017-05-24 8:59 ` [PATCH v7 06/16] lockdep: Detect and handle hist_lock ring buffer overwrite Byungchul Park
2017-05-24 8:59 ` Byungchul Park
2017-07-11 16:12 ` Peter Zijlstra [this message]
2017-07-11 16:12 ` Peter Zijlstra
2017-07-12 2:00 ` Byungchul Park
2017-07-12 2:00 ` Byungchul Park
2017-07-12 7:56 ` Peter Zijlstra
2017-07-12 7:56 ` Peter Zijlstra
2017-07-13 2:07 ` Byungchul Park
2017-07-13 2:07 ` Byungchul Park
2017-07-13 8:14 ` Peter Zijlstra
2017-07-13 8:14 ` Peter Zijlstra
2017-07-13 8:57 ` Byungchul Park
2017-07-13 8:57 ` Byungchul Park
2017-07-13 9:50 ` Peter Zijlstra
2017-07-13 9:50 ` Peter Zijlstra
2017-07-13 10:09 ` Byungchul Park
2017-07-13 10:09 ` Byungchul Park
2017-07-13 10:29 ` Peter Zijlstra
2017-07-13 10:29 ` Peter Zijlstra
2017-07-13 11:12 ` Peter Zijlstra
2017-07-13 11:12 ` Peter Zijlstra
2017-07-13 11:23 ` Byungchul Park
2017-07-13 11:23 ` Byungchul Park
2017-07-14 1:41 ` Byungchul Park
2017-07-14 1:41 ` Byungchul Park
2017-07-14 6:42 ` Byungchul Park
2017-07-14 6:42 ` Byungchul Park
2017-07-21 13:54 ` Peter Zijlstra
2017-07-21 13:54 ` Peter Zijlstra
2017-07-25 6:29 ` Byungchul Park
2017-07-25 6:29 ` Byungchul Park
2017-07-25 8:45 ` Peter Zijlstra
2017-07-25 8:45 ` Peter Zijlstra
2017-07-13 11:19 ` Byungchul Park
2017-07-13 11:19 ` Byungchul Park
2017-07-18 1:25 ` Byungchul Park
2017-07-18 1:25 ` Byungchul Park
2017-05-24 8:59 ` [PATCH v7 07/16] lockdep: Handle non(or multi)-acquisition of a crosslock Byungchul Park
2017-05-24 8:59 ` Byungchul Park
2017-05-24 8:59 ` [PATCH v7 08/16] lockdep: Avoid adding redundant direct links of crosslocks Byungchul Park
2017-05-24 8:59 ` Byungchul Park
2017-07-25 15:41 ` Peter Zijlstra
2017-07-25 15:41 ` Peter Zijlstra
2017-07-26 7:16 ` Byungchul Park
2017-07-26 7:16 ` Byungchul Park
2017-05-24 8:59 ` [PATCH v7 09/16] lockdep: Fix incorrect condition to print bug msgs for MAX_LOCKDEP_CHAIN_HLOCKS Byungchul Park
2017-05-24 8:59 ` Byungchul Park
2017-05-24 8:59 ` [PATCH v7 10/16] lockdep: Make print_circular_bug() aware of crossrelease Byungchul Park
2017-05-24 8:59 ` Byungchul Park
2017-05-24 8:59 ` [PATCH v7 11/16] lockdep: Apply crossrelease to completions Byungchul Park
2017-05-24 8:59 ` Byungchul Park
2017-05-24 8:59 ` [PATCH v7 12/16] pagemap.h: Remove trailing white space Byungchul Park
2017-05-24 8:59 ` Byungchul Park
2017-05-24 8:59 ` [PATCH v7 13/16] lockdep: Apply crossrelease to PG_locked locks Byungchul Park
2017-05-24 8:59 ` Byungchul Park
2017-05-24 8:59 ` [PATCH v7 14/16] lockdep: Apply lock_acquire(release) on __Set(__Clear)PageLocked Byungchul Park
2017-05-24 8:59 ` Byungchul Park
2017-05-24 8:59 ` [PATCH v7 15/16] lockdep: Move data of CONFIG_LOCKDEP_PAGELOCK from page to page_ext Byungchul Park
2017-05-24 8:59 ` Byungchul Park
2017-05-24 8:59 ` [PATCH v7 16/16] lockdep: Crossrelease feature documentation Byungchul Park
2017-05-24 8:59 ` Byungchul Park
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170711161232.GB28975@worktop \
--to=peterz@infradead.org \
--cc=akpm@linux-foundation.org \
--cc=boqun.feng@gmail.com \
--cc=byungchul.park@lge.com \
--cc=kernel-team@lge.com \
--cc=kirill@shutemov.name \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mingo@kernel.org \
--cc=npiggin@gmail.com \
--cc=tglx@linutronix.de \
--cc=walken@google.com \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.