From: Peter Zijlstra <peterz@infradead.org>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Vineet Gupta <Vineet.Gupta1@synopsys.com>,
Thomas Gleixner <tglx@linutronix.de>,
Christian Ruppert <christian.ruppert@abilis.com>,
Pierrick Hascoet <pierrick.hascoet@abilis.com>,
Frederic Weisbecker <fweisbec@gmail.com>,
Steven Rostedt <srostedt@redhat.com>,
Ingo Molnar <mingo@kernel.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] [PATCH] Gaurantee spinlocks implicit barrier for !PREEMPT_COUNT
Date: Mon, 08 Apr 2013 15:37:54 +0200 [thread overview]
Message-ID: <1365428274.2609.160.camel@laptop> (raw)
In-Reply-To: <CA+55aFyFWjpSVQM6M266tKrG_ZXJzZ-nYejpmXYQXbrr42mGPQ@mail.gmail.com>
On Sun, 2013-04-07 at 21:48 -0700, Linus Torvalds wrote:
> That said, thinking about barriers and preemption made me realize that
> we do have a potential issue between: (a) non-preemption UP kernel
> (with no barriers in the preempt_enable/disable()) and (b)
> architectures that use inline asm without a memory clobber for
> get_user/put_user(). That includes x86.
>
> The reason is that I could imagine code like
>
> if (get_user(val, addr))
> return -EFAULT;
> preempt_disable();
> ... do something percpu ..
> preempt_enable();
>
> and it turns out that for non-preempt UP, we don't tell the compiler
> anywhere that it can't move the get_user past the preempt_disable. But
> the get_user() can cause a preemption point because of a page fault,
> obviously.
>
> I suspect that the best way to fix this ends up relying on the gcc
> "asm volatile" rules, and make the rule be that:
> - preempt_disable/enable have to generate an asm volatile() string
> (preferably just a ASM comment saying "preempt disable/enable")
> - get_user/put_user doesn't need to add a memory clobber, but needs
> to be done with an asm volatile too.
>
> Then the gcc "no reordering of volatile asms" should make the above be
> ok, without having to add an actual compiler memory barrier.
>
> Ingo? Peter? I'm not sure anybody really uses UP+no-preempt on x86,
> but it does seem to be a bug.. Comments?
Right, stuff between preempt_disable() and preempt_enable() is supposed
to appear atomic wrt scheduling contexts, allowing any schedule to
happen in between would violate this.
I'm not seeing how this would be UP only though, I can see the same
thing happening on SMP+no-preempt.
Also, is {get,put}_user() the only construct that can do this? If so,
using the "asm volatile" rules as described might be the best way,
otherwise making the PREEMPT_COUNT=n operations be compiler barriers
seems like the safer option.
That said, I can't remember ever having seen a BUG like this, even
though !PREEMPT is (or at least was) the most popular distro setting.
next prev parent reply other threads:[~2013-04-08 13:38 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-03-29 10:33 [PATCH] timer: Fix possible issues with non serialized timer_pending( ) Vineet Gupta
2013-04-03 7:20 ` Vineet Gupta
2013-04-03 8:53 ` Christian Ruppert
2013-04-03 12:36 ` Thomas Gleixner
2013-04-03 13:03 ` Christian Ruppert
2013-04-03 13:10 ` [RFC] Add implicit barriers to irqsave/restore class of functions Christian Ruppert
2013-04-03 13:29 ` Vineet Gupta
2013-04-04 8:26 ` Christian Ruppert
2013-04-04 16:13 ` Peter Zijlstra
2013-04-05 4:27 ` Vineet Gupta
2013-04-03 14:11 ` [PATCH] [PATCH] Gaurantee spinlocks implicit barrier for !PREEMPT_COUNT Vineet Gupta
2013-04-04 15:28 ` Christian Ruppert
2013-04-05 4:36 ` Vineet Gupta
2013-04-06 13:34 ` Vineet Gupta
2013-04-06 16:13 ` Linus Torvalds
2013-04-06 18:01 ` Linus Torvalds
2013-04-06 19:54 ` Jacquiot, Aurelien
2013-04-09 16:33 ` [PATCH] tile: comment assumption about __insn_mtspr for <asm/irqflags.h> Chris Metcalf
2013-04-08 4:20 ` [PATCH] [PATCH] Gaurantee spinlocks implicit barrier for !PREEMPT_COUNT Vineet Gupta
2013-04-08 4:48 ` Linus Torvalds
2013-04-08 13:37 ` Peter Zijlstra [this message]
2013-04-08 14:31 ` Steven Rostedt
2013-04-08 14:50 ` Linus Torvalds
2013-04-08 14:59 ` Steven Rostedt
2013-04-08 15:07 ` Linus Torvalds
2013-04-09 14:32 ` Linus Torvalds
2013-04-10 7:12 ` Peter Zijlstra
2013-04-08 14:05 ` Steven Rostedt
2013-04-08 4:49 ` Linus Torvalds
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1365428274.2609.160.camel@laptop \
--to=peterz@infradead.org \
--cc=Vineet.Gupta1@synopsys.com \
--cc=christian.ruppert@abilis.com \
--cc=fweisbec@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=pierrick.hascoet@abilis.com \
--cc=srostedt@redhat.com \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox