From: Josh Triplett <josh@joshtriplett.org>
To: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
Cc: linux-kernel@vger.kernel.org, mingo@elte.hu,
laijs@cn.fujitsu.com, dipankar@in.ibm.com,
akpm@linux-foundation.org, mathieu.desnoyers@polymtl.ca,
niv@us.ibm.com, tglx@linutronix.de, peterz@infradead.org,
rostedt@goodmis.org, Valdis.Kletnieks@vt.edu,
dhowells@redhat.com, eric.dumazet@gmail.com, darren@dvhart.com,
fweisbec@gmail.com, sbw@mit.edu, patches@linaro.org
Subject: Re: [PATCH tip/core/rcu 16/23] rcu: Prevent initialization-time quiescent-state race
Date: Mon, 3 Sep 2012 02:37:42 -0700 [thread overview]
Message-ID: <20120903093742.GE5574@leaf> (raw)
In-Reply-To: <1346350718-30937-16-git-send-email-paulmck@linux.vnet.ibm.com>
On Thu, Aug 30, 2012 at 11:18:31AM -0700, Paul E. McKenney wrote:
> From: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
>
> Now the the grace-period initialization procedure is preemptible, it is
> subject to the following race on systems whose rcu_node tree contains
> more than one node:
>
> 1. CPU 31 starts initializing the grace period, including the
> first leaf rcu_node structures, and is then preempted.
>
> 2. CPU 0 refers to the first leaf rcu_node structure, and notes
> that a new grace period has started. It passes through a
> quiescent state shortly thereafter, and informs the RCU core
> of this rite of passage.
>
> 3. CPU 0 enters an RCU read-side critical section, acquiring
> a pointer to an RCU-protected data item.
>
> 4. CPU 31 removes the data item referenced by CPU 0 from the
> data structure, and registers an RCU callback in order to
> free it.
>
> 5. CPU 31 resumes initializing the grace period, including its
> own rcu_node structure. In invokes rcu_start_gp_per_cpu(),
> which advances all callbacks, including the one registered
> in #4 above, to be handled by the current grace period.
>
> 6. The remaining CPUs pass through quiescent states and inform
> the RCU core, but CPU 0 remains in its RCU read-side critical
> section, still referencing the now-removed data item.
>
> 7. The grace period completes and all the callbacks are invoked,
> including the one that frees the data item that CPU 0 is still
> referencing. Oops!!!
>
> This commit therefore moves the callback handling to precede initialization
> of any of the rcu_node structures, thus avoiding this race.
I don't think it makes sense to introduce and subsequently fix a race in
the same patch series. :)
Could you squash this patch into the one moving grace-period
initialization into a kthread?
- Josh Triplett
> Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
> ---
> kernel/rcutree.c | 33 +++++++++++++++++++--------------
> 1 files changed, 19 insertions(+), 14 deletions(-)
>
> diff --git a/kernel/rcutree.c b/kernel/rcutree.c
> index 55f20fd..d435009 100644
> --- a/kernel/rcutree.c
> +++ b/kernel/rcutree.c
> @@ -1028,20 +1028,6 @@ rcu_start_gp_per_cpu(struct rcu_state *rsp, struct rcu_node *rnp, struct rcu_dat
> /* Prior grace period ended, so advance callbacks for current CPU. */
> __rcu_process_gp_end(rsp, rnp, rdp);
>
> - /*
> - * Because this CPU just now started the new grace period, we know
> - * that all of its callbacks will be covered by this upcoming grace
> - * period, even the ones that were registered arbitrarily recently.
> - * Therefore, advance all outstanding callbacks to RCU_WAIT_TAIL.
> - *
> - * Other CPUs cannot be sure exactly when the grace period started.
> - * Therefore, their recently registered callbacks must pass through
> - * an additional RCU_NEXT_READY stage, so that they will be handled
> - * by the next RCU grace period.
> - */
> - rdp->nxttail[RCU_NEXT_READY_TAIL] = rdp->nxttail[RCU_NEXT_TAIL];
> - rdp->nxttail[RCU_WAIT_TAIL] = rdp->nxttail[RCU_NEXT_TAIL];
> -
> /* Set state so that this CPU will detect the next quiescent state. */
> __note_new_gpnum(rsp, rnp, rdp);
> }
> @@ -1068,6 +1054,25 @@ static int rcu_gp_init(struct rcu_state *rsp)
> rsp->gpnum++;
> trace_rcu_grace_period(rsp->name, rsp->gpnum, "start");
> record_gp_stall_check_time(rsp);
> +
> + /*
> + * Because this CPU just now started the new grace period, we
> + * know that all of its callbacks will be covered by this upcoming
> + * grace period, even the ones that were registered arbitrarily
> + * recently. Therefore, advance all RCU_NEXT_TAIL callbacks
> + * to RCU_NEXT_READY_TAIL. When the CPU later recognizes the
> + * start of the new grace period, it will advance all callbacks
> + * one position, which will cause all of its current outstanding
> + * callbacks to be handled by the newly started grace period.
> + *
> + * Other CPUs cannot be sure exactly when the grace period started.
> + * Therefore, their recently registered callbacks must pass through
> + * an additional RCU_NEXT_READY stage, so that they will be handled
> + * by the next RCU grace period.
> + */
> + rdp = __this_cpu_ptr(rsp->rda);
> + rdp->nxttail[RCU_NEXT_READY_TAIL] = rdp->nxttail[RCU_NEXT_TAIL];
> +
> raw_spin_unlock_irqrestore(&rnp->lock, flags);
>
> /* Exclude any concurrent CPU-hotplug operations. */
> --
> 1.7.8
>
next prev parent reply other threads:[~2012-09-03 9:37 UTC|newest]
Thread overview: 85+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-08-30 18:18 [PATCH tip/core/rcu 0/23] Improvements to RT response on big systems and expedited functions Paul E. McKenney
2012-08-30 18:18 ` [PATCH tip/core/rcu 01/23] rcu: Move RCU grace-period initialization into a kthread Paul E. McKenney
2012-08-30 18:18 ` [PATCH tip/core/rcu 02/23] rcu: Allow RCU grace-period initialization to be preempted Paul E. McKenney
2012-09-02 1:09 ` Josh Triplett
2012-09-05 1:22 ` Paul E. McKenney
2012-08-30 18:18 ` [PATCH tip/core/rcu 03/23] rcu: Move RCU grace-period cleanup into kthread Paul E. McKenney
2012-09-02 1:22 ` Josh Triplett
2012-09-06 13:34 ` Peter Zijlstra
2012-09-06 17:29 ` Paul E. McKenney
2012-08-30 18:18 ` [PATCH tip/core/rcu 04/23] rcu: Allow RCU grace-period cleanup to be preempted Paul E. McKenney
2012-09-02 1:36 ` Josh Triplett
2012-08-30 18:18 ` [PATCH tip/core/rcu 05/23] rcu: Prevent offline CPUs from executing RCU core code Paul E. McKenney
2012-09-02 1:45 ` Josh Triplett
2012-08-30 18:18 ` [PATCH tip/core/rcu 06/23] rcu: Break up rcu_gp_kthread() into subfunctions Paul E. McKenney
2012-09-02 2:11 ` Josh Triplett
2012-09-06 13:39 ` Peter Zijlstra
2012-09-06 17:32 ` Paul E. McKenney
2012-09-06 18:49 ` Josh Triplett
2012-09-06 19:09 ` Peter Zijlstra
2012-09-06 20:30 ` Paul E. McKenney
2012-09-06 20:30 ` Paul E. McKenney
2012-08-30 18:18 ` [PATCH tip/core/rcu 07/23] rcu: Provide OOM handler to motivate lazy RCU callbacks Paul E. McKenney
2012-09-02 2:13 ` Josh Triplett
2012-09-03 9:08 ` Lai Jiangshan
2012-09-05 17:45 ` Paul E. McKenney
2012-09-06 13:46 ` Peter Zijlstra
2012-09-06 13:52 ` Steven Rostedt
2012-09-06 17:41 ` Paul E. McKenney
2012-09-06 17:46 ` Peter Zijlstra
2012-09-06 20:32 ` Paul E. McKenney
2012-08-30 18:18 ` [PATCH tip/core/rcu 08/23] rcu: Segregate rcu_state fields to improve cache locality Paul E. McKenney
2012-09-02 2:51 ` Josh Triplett
2012-08-30 18:18 ` [PATCH tip/core/rcu 09/23] rcu: Move quiescent-state forcing into kthread Paul E. McKenney
2012-08-30 18:18 ` [PATCH tip/core/rcu 10/23] rcu: Allow RCU quiescent-state forcing to be preempted Paul E. McKenney
2012-09-02 5:23 ` Josh Triplett
2012-08-30 18:18 ` [PATCH tip/core/rcu 11/23] rcu: Adjust debugfs tracing for kthread-based quiescent-state forcing Paul E. McKenney
2012-09-02 6:05 ` Josh Triplett
2012-08-30 18:18 ` [PATCH tip/core/rcu 12/23] rcu: Prevent force_quiescent_state() memory contention Paul E. McKenney
2012-09-02 10:47 ` Josh Triplett
2012-08-30 18:18 ` [PATCH tip/core/rcu 13/23] rcu: Control grace-period duration from sysfs Paul E. McKenney
2012-09-03 9:30 ` Josh Triplett
2012-09-03 9:31 ` Josh Triplett
2012-09-06 14:15 ` Peter Zijlstra
2012-09-06 17:53 ` Paul E. McKenney
2012-09-06 18:28 ` Peter Zijlstra
2012-09-06 20:37 ` Paul E. McKenney
2012-08-30 18:18 ` [PATCH tip/core/rcu 14/23] rcu: Remove now-unused rcu_state fields Paul E. McKenney
2012-09-03 9:31 ` Josh Triplett
2012-09-06 14:17 ` Peter Zijlstra
2012-09-06 18:02 ` Paul E. McKenney
2012-08-30 18:18 ` [PATCH tip/core/rcu 15/23] rcu: Make rcutree module parameters visible in sysfs Paul E. McKenney
2012-09-03 9:32 ` Josh Triplett
2012-08-30 18:18 ` [PATCH tip/core/rcu 16/23] rcu: Prevent initialization-time quiescent-state race Paul E. McKenney
2012-09-03 9:37 ` Josh Triplett [this message]
2012-09-05 18:19 ` Paul E. McKenney
2012-09-05 18:55 ` Josh Triplett
2012-09-05 19:49 ` Paul E. McKenney
2012-09-06 14:21 ` Peter Zijlstra
2012-09-06 16:18 ` Paul E. McKenney
2012-09-06 16:22 ` Peter Zijlstra
2012-08-30 18:18 ` [PATCH tip/core/rcu 17/23] rcu: Fix day-zero grace-period initialization/cleanup race Paul E. McKenney
2012-09-03 9:39 ` Josh Triplett
2012-09-06 14:24 ` Peter Zijlstra
2012-09-06 18:06 ` Paul E. McKenney
2012-08-30 18:18 ` [PATCH tip/core/rcu 18/23] rcu: Add random PROVE_RCU_DELAY to grace-period initialization Paul E. McKenney
2012-09-03 9:41 ` Josh Triplett
2012-09-06 14:27 ` Peter Zijlstra
2012-09-06 18:25 ` Paul E. McKenney
2012-08-30 18:18 ` [PATCH tip/core/rcu 19/23] rcu: Adjust for unconditional ->completed assignment Paul E. McKenney
2012-09-03 9:42 ` Josh Triplett
2012-08-30 18:18 ` [PATCH tip/core/rcu 20/23] rcu: Remove callback acceleration from grace-period initialization Paul E. McKenney
2012-09-03 9:42 ` Josh Triplett
2012-08-30 18:18 ` [PATCH tip/core/rcu 21/23] rcu: Eliminate signed overflow in synchronize_rcu_expedited() Paul E. McKenney
2012-09-03 9:43 ` Josh Triplett
2012-08-30 18:18 ` [PATCH tip/core/rcu 22/23] rcu: Reduce synchronize_rcu_expedited() latency Paul E. McKenney
2012-09-03 9:46 ` Josh Triplett
2012-08-30 18:18 ` [PATCH tip/core/rcu 23/23] rcu: Simplify quiescent-state detection Paul E. McKenney
2012-09-03 9:56 ` Josh Triplett
2012-09-06 14:36 ` Peter Zijlstra
2012-09-06 20:01 ` Paul E. McKenney
2012-09-06 21:18 ` Mathieu Desnoyers
2012-09-06 21:31 ` Paul E. McKenney
2012-09-02 1:04 ` [PATCH tip/core/rcu 01/23] rcu: Move RCU grace-period initialization into a kthread Josh Triplett
2012-09-06 13:32 ` Peter Zijlstra
2012-09-06 17:00 ` Paul E. McKenney
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120903093742.GE5574@leaf \
--to=josh@joshtriplett.org \
--cc=Valdis.Kletnieks@vt.edu \
--cc=akpm@linux-foundation.org \
--cc=darren@dvhart.com \
--cc=dhowells@redhat.com \
--cc=dipankar@in.ibm.com \
--cc=eric.dumazet@gmail.com \
--cc=fweisbec@gmail.com \
--cc=laijs@cn.fujitsu.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mathieu.desnoyers@polymtl.ca \
--cc=mingo@elte.hu \
--cc=niv@us.ibm.com \
--cc=patches@linaro.org \
--cc=paulmck@linux.vnet.ibm.com \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=sbw@mit.edu \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).