From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 8F28EC4332F for ; Wed, 12 Oct 2022 08:57:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References: Message-ID:Subject:Cc:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=lrgyQmk69n9BLvCnjZXXd11PTeOiRZmH6W4uq1G19fI=; b=uIXxVH3maIaEmY jEl/uwUDNnq6YjNJFZ21JAKKqtuLWMRonmEbKCc8cKlUi/Cswl5eMgpxNqt9nFmviX6iHF3iHdLZP CU+6ehSSsbQ6gzjfRpUCLS2B1NwTJRs602RNeaTE01akhYYU1Gds70L9zhB6OtRN6XZaoC0x2g/qo E8dnowK76HLNLL2VLf2uLVtgbw24uQe4fqjiw+FYQA2HFU+hvXRG+QlOhSAEo4rKixsuAXyKU0/Gg J8qXyEcY2DE1VrrJc68py5eeULmO39LgWCeYa5PeLoF2GSabEMJzbX/ecKnKuaRW9Yu4v+25neN/y YecCX1nfUQ01jgfuKJ2g==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1oiXXD-007RX3-QO; Wed, 12 Oct 2022 08:56:15 +0000 Received: from dfw.source.kernel.org ([2604:1380:4641:c500::1]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1oiXX4-007RRP-9o for linux-arm-kernel@lists.infradead.org; Wed, 12 Oct 2022 08:56:08 +0000 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 9650E61485; Wed, 12 Oct 2022 08:56:05 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 770D5C433D6; Wed, 12 Oct 2022 08:56:03 +0000 (UTC) Date: Wed, 12 Oct 2022 09:55:59 +0100 From: Catalin Marinas To: Sasha Levin Cc: linux-kernel@vger.kernel.org, stable@vger.kernel.org, Mark Rutland , Will Deacon , peterz@infradead.org, linux-arm-kernel@lists.infradead.org Subject: Re: [PATCH AUTOSEL 6.0 17/46] arm64: atomics: remove LL/SC trampolines Message-ID: References: <20221011145015.1622882-1-sashal@kernel.org> <20221011145015.1622882-17-sashal@kernel.org> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20221011145015.1622882-17-sashal@kernel.org> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221012_015606_490679_1D3F2FE7 X-CRM114-Status: GOOD ( 25.40 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Tue, Oct 11, 2022 at 10:49:45AM -0400, Sasha Levin wrote: > From: Mark Rutland > > [ Upstream commit b2c3ccbd0011bb3b51d0fec24cb3a5812b1ec8ea ] > > When CONFIG_ARM64_LSE_ATOMICS=y, each use of an LL/SC atomic results in > a fragment of code being generated in a subsection without a clear > association with its caller. A trampoline in the caller branches to the > LL/SC atomic with with a direct branch, and the atomic directly branches > back into its trampoline. > > This breaks backtracing, as any PC within the out-of-line fragment will > be symbolized as an offset from the nearest prior symbol (which may not > be the function using the atomic), and since the atomic returns with a > direct branch, the caller's PC may be missing from the backtrace. > > For example, with secondary_start_kernel() hacked to contain > atomic_inc(NULL), the resulting exception can be reported as being taken > from cpus_are_stuck_in_kernel(): > > | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 > | Mem abort info: > | ESR = 0x0000000096000004 > | EC = 0x25: DABT (current EL), IL = 32 bits > | SET = 0, FnV = 0 > | EA = 0, S1PTW = 0 > | FSC = 0x04: level 0 translation fault > | Data abort info: > | ISV = 0, ISS = 0x00000004 > | CM = 0, WnR = 0 > | [0000000000000000] user address but active_mm is swapper > | Internal error: Oops: 96000004 [#1] PREEMPT SMP > | Modules linked in: > | CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.19.0-11219-geb555cb5b794-dirty #3 > | Hardware name: linux,dummy-virt (DT) > | pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) > | pc : cpus_are_stuck_in_kernel+0xa4/0x120 > | lr : secondary_start_kernel+0x164/0x170 > | sp : ffff80000a4cbe90 > | x29: ffff80000a4cbe90 x28: 0000000000000000 x27: 0000000000000000 > | x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000 > | x23: 0000000000000000 x22: 0000000000000000 x21: 0000000000000000 > | x20: 0000000000000001 x19: 0000000000000001 x18: 0000000000000008 > | x17: 3030383832343030 x16: 3030303030307830 x15: ffff80000a4cbab0 > | x14: 0000000000000001 x13: 5d31666130663133 x12: 3478305b20313030 > | x11: 3030303030303078 x10: 3020726f73736563 x9 : 726f737365636f72 > | x8 : ffff800009ff2ef0 x7 : 0000000000000003 x6 : 0000000000000000 > | x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000100 > | x2 : 0000000000000000 x1 : ffff0000029bd880 x0 : 0000000000000000 > | Call trace: > | cpus_are_stuck_in_kernel+0xa4/0x120 > | __secondary_switched+0xb0/0xb4 > | Code: 35ffffa3 17fffc6c d53cd040 f9800011 (885f7c01) > | ---[ end trace 0000000000000000 ]--- > > This is confusing and hinders debugging, and will be problematic for > CONFIG_LIVEPATCH as these cases cannot be unwound reliably. > > This is very similar to recent issues with out-of-line exception fixups, > which were removed in commits: > > 35d67794b8828333 ("arm64: lib: __arch_clear_user(): fold fixups into body") > 4012e0e22739eef9 ("arm64: lib: __arch_copy_from_user(): fold fixups into body") > 139f9ab73d60cf76 ("arm64: lib: __arch_copy_to_user(): fold fixups into body") > > When the trampolines were introduced in commit: > > addfc38672c73efd ("arm64: atomics: avoid out-of-line ll/sc atomics") > > The rationale was to improve icache performance by grouping the LL/SC > atomics together. This has never been measured, and this theoretical > benefit is outweighed by other factors: > > * As the subsections are collapsed into sections at object file > granularity, these are spread out throughout the kernel and can share > cachelines with unrelated code regardless. > > * GCC 12.1.0 has been observed to place the trampoline out-of-line in > specialised __ll_sc_*() functions, introducing more branching than was > intended. > > * Removing the trampolines has been observed to shrink a defconfig > kernel Image by 64KiB when building with GCC 12.1.0. > > This patch removes the LL/SC trampolines, meaning that the LL/SC atomics > will be inlined into their callers (or placed in out-of line functions > using regular BL/RET pairs). When CONFIG_ARM64_LSE_ATOMICS=y, the LL/SC > atomics are always called in an unlikely branch, and will be placed in a > cold portion of the function, so this should have minimal impact to the > hot paths. > > Other than the improved backtracing, there should be no functional > change as a result of this patch. > > Signed-off-by: Mark Rutland > Cc: Will Deacon > Link: https://lore.kernel.org/r/20220817155914.3975112-2-mark.rutland@arm.com > Signed-off-by: Catalin Marinas > Signed-off-by: Sasha Levin Please also drop this here. Thanks. -- Catalin _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel