public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed
From: Thomas Gleixner <tglx@linutronix.de>
To: Frederic Weisbecker <frederic@kernel.org>
Cc: LKML <linux-kernel@vger.kernel.org>,
	Anna-Maria Behnsen <anna-maria@linutronix.de>,
	Benjamin Segall <bsegall@google.com>,
	Eric Dumazet <edumazet@google.com>,
	Andrey Vagin <avagin@openvz.org>,
	Pavel Tikhomirov <ptikhomirov@virtuozzo.com>,
	Peter Zijlstra <peterz@infradead.org>
Subject: Re: [patch V2 01/17] posix-timers: Initialise timer before adding it to the hash table
Date: Thu, 06 Mar 2025 09:10:09 +0100	[thread overview]
Message-ID: <875xkm60m6.ffs@tglx> (raw)
In-Reply-To: <Z8iJBXFQLUkcndsI@localhost.localdomain>

On Wed, Mar 05 2025 at 18:25, Frederic Weisbecker wrote:
> Le Sun, Mar 02, 2025 at 08:36:44PM +0100, Thomas Gleixner a écrit :
> Looking at this more or less lockless whole thing again, is the
> ordering between creation and subsequent operations sufficiently guaranteed?
>
>     T0                                                T1
> ---------                                             -----------
> do_timer_create()
>     posix_timer_add()
>         spin_lock(hash_lock)
>         // A
>         timer->it_id = ...
>         spin_unlock(hash_lock)
>     // Initialize timer fields
>     // B
>     new_timer->.... = ....
>     common_timer_create()
>         // C
>         hrtimer_init()
>     spin_lock(current->sighand)
>     // D
>     WRITE_ONCE(new_timer->it_signal, current->signal)
>     spin_unlock(current->sighand)
>                                                       do_timer_settime()
>                                                           lock_timer()
>                                                               // observes A && D
>                                                               posix_timer_by_id()
>                                                               spin_lock_irqsave(&timr->it_lock)
>                                                               // recheck ok
>                                                               if (timr->it_signal == current->signal)
>                                                                   return timr
>                                                               common_timer_get()
>                                                                   // fiddle with timer fields
>                                                                   // but doesn't observe B
>                                                                   // for example doesn't observe SIGEV_NONE
>                                                                   sig_none = timr->it_sigev_notify == SIGEV_NONE;
>                                                                   ...
>                                                                   // doesn't observe C
>                                                                   // hrtimer_init() isn't visible yet
>                                                                   // It might mess up after the hrtimer_start()
>                                                                   hrtimer_start()

Pretty far fetched and I did not think it fully through whether it can
really happen. But that's trivial enough to solve without this
hlist_hashed() indirection:

+      spin_lock(new_timer->lock);
       spin_lock(current->sighand);
       WRITE_ONCE(new_timer->it_signal, current->signal);
       spin_unlock(current->sighand);
+      spin_unlock(new_timer->lock);

Simply because the release of timer::lock guarantees that the memory
operations before the release have been completed before the release
completes.

Consequently the other CPU must observe a consistent set A - D after it
acquired the lock.

No?

Thanks,

        tglx

  reply	other threads:[~2025-03-06  8:10 UTC|newest]

Thread overview: 43+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-03-02 19:36 [patch V2 00/17] posix-timers: Rework the global hash table and provide a sane mechanism for CRIU Thomas Gleixner
2025-03-02 19:36 ` [patch V2 01/17] posix-timers: Initialise timer before adding it to the hash table Thomas Gleixner
2025-03-05 17:25   ` Frederic Weisbecker
2025-03-06  8:10     ` Thomas Gleixner [this message]
2025-03-06  8:47       ` Frederic Weisbecker
2025-03-07 13:46   ` Frederic Weisbecker
2025-03-02 19:36 ` [patch V2 02/17] posix-timers: Add cond_resched() to posix_timer_add() search loop Thomas Gleixner
2025-03-05 20:54   ` Frederic Weisbecker
2025-03-02 19:36 ` [patch V2 03/17] posix-timers: Cleanup includes Thomas Gleixner
2025-03-05 20:57   ` Frederic Weisbecker
2025-03-02 19:36 ` [patch V2 04/17] posix-timers: Remove a few paranoid warnings Thomas Gleixner
2025-03-05 22:11   ` Frederic Weisbecker
2025-03-02 19:36 ` [patch V2 05/17] posix-timers: Remove SLAB_PANIC from kmem cache Thomas Gleixner
2025-03-07 14:05   ` Frederic Weisbecker
2025-03-02 19:36 ` [patch V2 06/17] posix-timers: Use guards in a few places Thomas Gleixner
2025-03-07 14:16   ` Frederic Weisbecker
2025-03-02 19:36 ` [patch V2 07/17] posix-timers: Simplify lock/unlock_timer() Thomas Gleixner
2025-03-07 22:16   ` Frederic Weisbecker
2025-03-02 19:36 ` [patch V2 08/17] posix-timers: Rework timer removal Thomas Gleixner
2025-03-04 10:10   ` Pavel Tikhomirov
2025-03-04 10:20     ` Pavel Tikhomirov
2025-03-04 14:06       ` Thomas Gleixner
2025-03-07 23:03   ` Frederic Weisbecker
2025-03-08  8:34     ` Thomas Gleixner
2025-03-08 22:48       ` Frederic Weisbecker
2025-03-09  8:21         ` Thomas Gleixner
2025-03-02 19:36 ` [patch V2 09/17] posix-timers: Make lock_timer() use guard() Thomas Gleixner
2025-03-04 14:08   ` [patch V2a " Thomas Gleixner
2025-03-02 19:36 ` [patch V2 10/17] posix-timers: Make signal_struct::next_posix_timer_id an atomic_t Thomas Gleixner
2025-03-03 20:21   ` Cyrill Gorcunov
2025-03-03 21:24     ` Thomas Gleixner
2025-03-04 17:56       ` Cyrill Gorcunov
2025-03-04 20:30         ` Thomas Gleixner
2025-03-04 22:16           ` Cyrill Gorcunov
2025-03-05  7:31             ` Thomas Gleixner
2025-03-05  8:28               ` Cyrill Gorcunov
2025-03-02 19:37 ` [patch V2 11/17] posix-timers: Improve hash table performance Thomas Gleixner
2025-03-02 19:37 ` [patch V2 12/17] posix-timers: Switch to jhash32() Thomas Gleixner
2025-03-02 19:37 ` [patch V2 13/17] posix-timers: Avoid false cacheline sharing Thomas Gleixner
2025-03-02 19:37 ` [patch V2 14/17] posix-timers: Make per process list RCU safe Thomas Gleixner
2025-03-02 19:37 ` [patch V2 15/17] posix-timers: Dont iterate /proc/$PID/timers with sighand::siglock held Thomas Gleixner
2025-03-02 19:37 ` [patch V2 16/17] posix-timers: Provide a mechanism to allocate a given timer ID Thomas Gleixner
2025-03-02 19:37 ` [patch V2 17/17] selftests/timers/posix-timers: Add a test for exact allocation mode Thomas Gleixner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=875xkm60m6.ffs@tglx \
    --to=tglx@linutronix.de \
    --cc=anna-maria@linutronix.de \
    --cc=avagin@openvz.org \
    --cc=bsegall@google.com \
    --cc=edumazet@google.com \
    --cc=frederic@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=peterz@infradead.org \
    --cc=ptikhomirov@virtuozzo.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox