All of lore.kernel.org
 help / color / mirror / Atom feed
From: Thomas Gleixner <tglx@linutronix.de>
To: Frederic Weisbecker <frederic@kernel.org>
Cc: LKML <linux-kernel@vger.kernel.org>,
	Anna-Maria Behnsen <anna-maria@linutronix.de>,
	Benjamin Segall <bsegall@google.com>,
	Eric Dumazet <edumazet@google.com>,
	Andrey Vagin <avagin@openvz.org>,
	Pavel Tikhomirov <ptikhomirov@virtuozzo.com>,
	Peter Zijlstra <peterz@infradead.org>
Subject: Re: [patch V2 01/17] posix-timers: Initialise timer before adding it to the hash table
Date: Thu, 06 Mar 2025 09:10:09 +0100	[thread overview]
Message-ID: <875xkm60m6.ffs@tglx> (raw)
In-Reply-To: <Z8iJBXFQLUkcndsI@localhost.localdomain>

On Wed, Mar 05 2025 at 18:25, Frederic Weisbecker wrote:
> Le Sun, Mar 02, 2025 at 08:36:44PM +0100, Thomas Gleixner a écrit :
> Looking at this more or less lockless whole thing again, is the
> ordering between creation and subsequent operations sufficiently guaranteed?
>
>     T0                                                T1
> ---------                                             -----------
> do_timer_create()
>     posix_timer_add()
>         spin_lock(hash_lock)
>         // A
>         timer->it_id = ...
>         spin_unlock(hash_lock)
>     // Initialize timer fields
>     // B
>     new_timer->.... = ....
>     common_timer_create()
>         // C
>         hrtimer_init()
>     spin_lock(current->sighand)
>     // D
>     WRITE_ONCE(new_timer->it_signal, current->signal)
>     spin_unlock(current->sighand)
>                                                       do_timer_settime()
>                                                           lock_timer()
>                                                               // observes A && D
>                                                               posix_timer_by_id()
>                                                               spin_lock_irqsave(&timr->it_lock)
>                                                               // recheck ok
>                                                               if (timr->it_signal == current->signal)
>                                                                   return timr
>                                                               common_timer_get()
>                                                                   // fiddle with timer fields
>                                                                   // but doesn't observe B
>                                                                   // for example doesn't observe SIGEV_NONE
>                                                                   sig_none = timr->it_sigev_notify == SIGEV_NONE;
>                                                                   ...
>                                                                   // doesn't observe C
>                                                                   // hrtimer_init() isn't visible yet
>                                                                   // It might mess up after the hrtimer_start()
>                                                                   hrtimer_start()

Pretty far fetched and I did not think it fully through whether it can
really happen. But that's trivial enough to solve without this
hlist_hashed() indirection:

+      spin_lock(new_timer->lock);
       spin_lock(current->sighand);
       WRITE_ONCE(new_timer->it_signal, current->signal);
       spin_unlock(current->sighand);
+      spin_unlock(new_timer->lock);

Simply because the release of timer::lock guarantees that the memory
operations before the release have been completed before the release
completes.

Consequently the other CPU must observe a consistent set A - D after it
acquired the lock.

No?

Thanks,

        tglx

  reply	other threads:[~2025-03-06  8:10 UTC|newest]

Thread overview: 43+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-03-02 19:36 [patch V2 00/17] posix-timers: Rework the global hash table and provide a sane mechanism for CRIU Thomas Gleixner
2025-03-02 19:36 ` [patch V2 01/17] posix-timers: Initialise timer before adding it to the hash table Thomas Gleixner
2025-03-05 17:25   ` Frederic Weisbecker
2025-03-06  8:10     ` Thomas Gleixner [this message]
2025-03-06  8:47       ` Frederic Weisbecker
2025-03-07 13:46   ` Frederic Weisbecker
2025-03-02 19:36 ` [patch V2 02/17] posix-timers: Add cond_resched() to posix_timer_add() search loop Thomas Gleixner
2025-03-05 20:54   ` Frederic Weisbecker
2025-03-02 19:36 ` [patch V2 03/17] posix-timers: Cleanup includes Thomas Gleixner
2025-03-05 20:57   ` Frederic Weisbecker
2025-03-02 19:36 ` [patch V2 04/17] posix-timers: Remove a few paranoid warnings Thomas Gleixner
2025-03-05 22:11   ` Frederic Weisbecker
2025-03-02 19:36 ` [patch V2 05/17] posix-timers: Remove SLAB_PANIC from kmem cache Thomas Gleixner
2025-03-07 14:05   ` Frederic Weisbecker
2025-03-02 19:36 ` [patch V2 06/17] posix-timers: Use guards in a few places Thomas Gleixner
2025-03-07 14:16   ` Frederic Weisbecker
2025-03-02 19:36 ` [patch V2 07/17] posix-timers: Simplify lock/unlock_timer() Thomas Gleixner
2025-03-07 22:16   ` Frederic Weisbecker
2025-03-02 19:36 ` [patch V2 08/17] posix-timers: Rework timer removal Thomas Gleixner
2025-03-04 10:10   ` Pavel Tikhomirov
2025-03-04 10:20     ` Pavel Tikhomirov
2025-03-04 14:06       ` Thomas Gleixner
2025-03-07 23:03   ` Frederic Weisbecker
2025-03-08  8:34     ` Thomas Gleixner
2025-03-08 22:48       ` Frederic Weisbecker
2025-03-09  8:21         ` Thomas Gleixner
2025-03-02 19:36 ` [patch V2 09/17] posix-timers: Make lock_timer() use guard() Thomas Gleixner
2025-03-04 14:08   ` [patch V2a " Thomas Gleixner
2025-03-02 19:36 ` [patch V2 10/17] posix-timers: Make signal_struct::next_posix_timer_id an atomic_t Thomas Gleixner
2025-03-03 20:21   ` Cyrill Gorcunov
2025-03-03 21:24     ` Thomas Gleixner
2025-03-04 17:56       ` Cyrill Gorcunov
2025-03-04 20:30         ` Thomas Gleixner
2025-03-04 22:16           ` Cyrill Gorcunov
2025-03-05  7:31             ` Thomas Gleixner
2025-03-05  8:28               ` Cyrill Gorcunov
2025-03-02 19:37 ` [patch V2 11/17] posix-timers: Improve hash table performance Thomas Gleixner
2025-03-02 19:37 ` [patch V2 12/17] posix-timers: Switch to jhash32() Thomas Gleixner
2025-03-02 19:37 ` [patch V2 13/17] posix-timers: Avoid false cacheline sharing Thomas Gleixner
2025-03-02 19:37 ` [patch V2 14/17] posix-timers: Make per process list RCU safe Thomas Gleixner
2025-03-02 19:37 ` [patch V2 15/17] posix-timers: Dont iterate /proc/$PID/timers with sighand::siglock held Thomas Gleixner
2025-03-02 19:37 ` [patch V2 16/17] posix-timers: Provide a mechanism to allocate a given timer ID Thomas Gleixner
2025-03-02 19:37 ` [patch V2 17/17] selftests/timers/posix-timers: Add a test for exact allocation mode Thomas Gleixner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=875xkm60m6.ffs@tglx \
    --to=tglx@linutronix.de \
    --cc=anna-maria@linutronix.de \
    --cc=avagin@openvz.org \
    --cc=bsegall@google.com \
    --cc=edumazet@google.com \
    --cc=frederic@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=peterz@infradead.org \
    --cc=ptikhomirov@virtuozzo.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.