From: Jan Kiszka <jan.kiszka@domain.hid>
To: Philippe Gerum <rpm@xenomai.org>
Cc: adeos-main <adeos-main@gna.org>
Subject: Re: [Adeos-main] Flaw in x86-32 syscall/irq return path - and maybe more
Date: Mon, 15 Nov 2010 20:54:07 +0100 [thread overview]
Message-ID: <4CE18FDF.4010700@domain.hid> (raw)
In-Reply-To: <4CE18A9F.5030007@domain.hid>
[-- Attachment #1: Type: text/plain, Size: 2229 bytes --]
Am 15.11.2010 20:31, Jan Kiszka wrote:
> Hi Philippe,
>
> debugging some variant of I-pipe over an x86-32 target, I think I found
> some fairly old flaw in the IRQ virtualization that causes rescheduling
> delays (up to deadlocks) for Linux:
>
> - we are in sysenter_tail (other exit paths should be affected as well)
> - we DISABLE_INTERRUPTS, but only virtually
> - we go past "testl $_TIF_ALLWORK_MASK, %ecx", nothing to be done
> - an IRQ for Linux arrives, it is pushed to the backlog
> - __ipipe_unstall_iret_root replays the IRQ as the regs we are about to
> return to have IF set (obviously, we return from a syscall)
> - the Linux IRQ handler sets _TIF_NEED_RESCHED, but doesn't perform the
> work on return as __ipipe_sync_stage set the stall flag for the Linux
> domain before calling the handler
> - but now the preempted sysenter return also does no reschedule as it
> already passed the check - bang!
>
> Another variant of this Linux rescheduling issue:
>
> - we are in a lengthy loop inside the kernel, but we are preemptible
> most of the time
> - after disabling Linux IRQs briefly, we are calling
> local_irq_enable() again
> - in the meantime, we received a Linux IRQ which is now pending in the
> backlog
> - __ipipe_unstall_root triggers __ipipe_sync_stage
> - Linux handler is called, sets NEED_RESCHED but does not reschedule
> (see above)
> - we do not test for resched again as we are not returning to user
> space, and that for quite some time - bang!
And this one actually affects x86-64 as well: Here, ret_from_intr checks
for NEED_RESCHED only if IF is set in the flags of the preempted
context. But if the Linux domain is alone, we enter __ipipe_do_root_xirq
with hard IRQs disabled, thus we push this information incorrectly on
the Linux handler stack, preventing the required rescheduling check.
I guess the simplest fix for this is to drop the
"!__ipipe_pipeline_head_p(ipd)" check from __ipipe_sync_stage.
>
> I think both issues are only related to virtualizing DISABLE_INTERRUPTS
> for entry_32.S and I wonder if this doesn't finally qualify for a switch
> to the 64-bit model. Or do you see simpler fixes?
>
Jan
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 259 bytes --]
next prev parent reply other threads:[~2010-11-15 19:54 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-11-15 19:31 [Adeos-main] Flaw in x86-32 syscall/irq return path - and maybe more Jan Kiszka
2010-11-15 19:54 ` Jan Kiszka [this message]
2010-11-15 20:53 ` Philippe Gerum
2010-11-15 22:23 ` Jan Kiszka
2010-11-15 20:20 ` Philippe Gerum
2010-11-15 22:20 ` Jan Kiszka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4CE18FDF.4010700@domain.hid \
--to=jan.kiszka@domain.hid \
--cc=adeos-main@gna.org \
--cc=rpm@xenomai.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.