From: Mark Rutland <mark.rutland@arm.com>
To: Christopher Lameter <cl@linux.com>
Cc: Tejun Heo <tj@kernel.org>,
linux-kernel@vger.kernel.org, Arnd Bergmann <arnd@arndb.de>,
Peter Zijlstra <peterz@infradead.org>,
Pranith Kumar <bobby.prani@gmail.com>,
linux-arch@vger.kernel.org
Subject: Re: [PATCH] percpu: make this_cpu_generic_read() atomic w.r.t. interrupts
Date: Tue, 26 Sep 2017 18:28:31 +0100 [thread overview]
Message-ID: <20170926172830.GF15480@leverpostej> (raw)
In-Reply-To: <alpine.DEB.2.20.1709260143330.21864@nuc-kabylake>
Hi,
On Tue, Sep 26, 2017 at 01:47:27AM -0500, Christopher Lameter wrote:
> On Mon, 25 Sep 2017, Tejun Heo wrote:
> > On Mon, Sep 25, 2017 at 04:33:02PM +0100, Mark Rutland wrote:
> > > Unfortunately, the generic this_cpu_read(), which is intended to be
> > > irq-safe, is not:
> > >
> > > #define this_cpu_generic_read(pcp) \
> > > ({ \
> > > typeof(pcp) __ret; \
> > > preempt_disable_notrace(); \
> > > __ret = raw_cpu_generic_read(pcp); \
> > > preempt_enable_notrace(); \
> > > __ret; \
> > > })
> >
> > I see. Yeah, that looks like the bug there.
>
> This is a single fetch operation of a value that needs to be atomic. It
> really does not matter if an interrupt happens before or after that load
> because it could also occur before or after the preempt_enable/disable
> without the code being able to distinguish that case.
Unfortunately, this instance is not necessarily a single fetch operation,
given that the access is a plain C load from a pointer:
#define raw_cpu_generic_read(pcp) \
({ \
*raw_cpu_ptr(&(pcp)); \
})
... and thus the compiler is at liberty to tear the access across
multiple instructions. It probably won't, and it would almost certainly
be stupid to do so, but for better or worse we have no guarantee.
> The fetch of a scalar value from memory is an atomic operation and that is
> required from all arches.
Sure, where we ensure said fetch is a single access (e.g. with
READ_ONCE()). Otherwise the compiler is at liberty to tear the access
(e.g. if it fuses it with nearby accesses into a memcpy).
> There is an exception for double word fetches. Maybe we would need to
> special code that case but so far this does not seem to have been an
> issue.
I've sent a v2 which fixes both cases, only disabling interrupts for
those doubleword fetches, and otherwise using READ_ONCE() to prevent
tearing.
Thanks,
Mark.
prev parent reply other threads:[~2017-09-26 17:30 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-25 13:24 [PATCH] percpu: make this_cpu_generic_read() atomic w.r.t. interrupts Mark Rutland
2017-09-25 15:18 ` Tejun Heo
2017-09-25 15:33 ` Mark Rutland
2017-09-25 15:44 ` Tejun Heo
2017-09-26 6:47 ` Christopher Lameter
2017-09-26 7:47 ` Thomas Gleixner
2017-09-26 16:42 ` Christopher Lameter
2017-09-27 9:01 ` Thomas Gleixner
2017-09-27 10:10 ` Mark Rutland
2017-09-26 17:28 ` Mark Rutland [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170926172830.GF15480@leverpostej \
--to=mark.rutland@arm.com \
--cc=arnd@arndb.de \
--cc=bobby.prani@gmail.com \
--cc=cl@linux.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=peterz@infradead.org \
--cc=tj@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox