From: Juergen Gross <jgross@suse.com>
To: xen-devel@lists.xenproject.org
Cc: Juergen Gross <jgross@suse.com>,
Stefano Stabellini <sstabellini@kernel.org>,
Julien Grall <julien@xen.org>, Wei Liu <wl@xen.org>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Ian Jackson <ian.jackson@eu.citrix.com>,
George Dunlap <george.dunlap@citrix.com>,
Jan Beulich <jbeulich@suse.com>
Subject: [Xen-devel] [PATCH v3 5/6] xen/rcu: add assertions to debug build
Date: Wed, 4 Mar 2020 07:32:11 +0100 [thread overview]
Message-ID: <20200304063212.20843-6-jgross@suse.com> (raw)
In-Reply-To: <20200304063212.20843-1-jgross@suse.com>
Xen's RCU implementation relies on no softirq handling taking place
while being in a RCU critical section. Add ASSERT()s in debug builds
in order to catch any violations.
For that purpose modify rcu_read_[un]lock() to use a dedicated percpu
counter instead of preempt_[en|dis]able() as this enables to test
that condition in __do_softirq() (ASSERT_NOT_IN_ATOMIC() is not
usable there due to __cpu_up() calling process_pending_softirqs()
while holding the cpu hotplug lock).
Dropping the now no longer needed #include of preempt.h in rcupdate.h
requires adding it in some sources.
While at it switch the rcu_read_[un]lock() implementation to static
inline functions instead of macros.
Signed-off-by: Juergen Gross <jgross@suse.com>
---
V3:
- add barriers to rcu_[en|dis]able() (Roger Pau Monné)
- add rcu_quiesce_allowed() to ASSERT_NOT_IN_ATOMIC (Roger Pau Monné)
- convert macros to static inline functions
- add sanity check in rcu_read_unlock()
---
xen/common/multicall.c | 1 +
xen/common/preempt.c | 5 ++++-
xen/common/rcupdate.c | 4 ++++
xen/common/softirq.c | 2 ++
xen/common/wait.c | 1 +
xen/include/xen/rcupdate.h | 45 +++++++++++++++++++++++++++++++++++++++++----
6 files changed, 53 insertions(+), 5 deletions(-)
diff --git a/xen/common/multicall.c b/xen/common/multicall.c
index 5a199ebf8f..67f1a23485 100644
--- a/xen/common/multicall.c
+++ b/xen/common/multicall.c
@@ -10,6 +10,7 @@
#include <xen/multicall.h>
#include <xen/guest_access.h>
#include <xen/perfc.h>
+#include <xen/preempt.h>
#include <xen/trace.h>
#include <asm/current.h>
#include <asm/hardirq.h>
diff --git a/xen/common/preempt.c b/xen/common/preempt.c
index 3b4178fd44..8a351e644b 100644
--- a/xen/common/preempt.c
+++ b/xen/common/preempt.c
@@ -21,13 +21,15 @@
#include <xen/preempt.h>
#include <xen/irq.h>
+#include <xen/rcupdate.h>
#include <asm/system.h>
DEFINE_PER_CPU(unsigned int, __preempt_count);
bool_t in_atomic(void)
{
- return preempt_count() || in_irq() || !local_irq_is_enabled();
+ return preempt_count() || in_irq() || !local_irq_is_enabled() ||
+ !rcu_quiesce_allowed();
}
#ifndef NDEBUG
@@ -36,5 +38,6 @@ void ASSERT_NOT_IN_ATOMIC(void)
ASSERT(!preempt_count());
ASSERT(!in_irq());
ASSERT(local_irq_is_enabled());
+ ASSERT(rcu_quiesce_allowed());
}
#endif
diff --git a/xen/common/rcupdate.c b/xen/common/rcupdate.c
index 27d597bbeb..d1cc2f0a98 100644
--- a/xen/common/rcupdate.c
+++ b/xen/common/rcupdate.c
@@ -46,6 +46,10 @@
#include <xen/cpu.h>
#include <xen/stop_machine.h>
+#ifndef NDEBUG
+DEFINE_PER_CPU(unsigned int, rcu_lock_cnt);
+#endif
+
/* Global control variables for rcupdate callback mechanism. */
static struct rcu_ctrlblk {
long cur; /* Current batch number. */
diff --git a/xen/common/softirq.c b/xen/common/softirq.c
index 30beb27ae9..fd90b8511d 100644
--- a/xen/common/softirq.c
+++ b/xen/common/softirq.c
@@ -30,6 +30,8 @@ static void __do_softirq(unsigned long ignore_mask, bool rcu_allowed)
unsigned int i, cpu;
unsigned long pending;
+ ASSERT(!rcu_allowed || rcu_quiesce_allowed());
+
for ( ; ; )
{
/*
diff --git a/xen/common/wait.c b/xen/common/wait.c
index 24716e7676..9cdb174036 100644
--- a/xen/common/wait.c
+++ b/xen/common/wait.c
@@ -19,6 +19,7 @@
* along with this program; If not, see <http://www.gnu.org/licenses/>.
*/
+#include <xen/preempt.h>
#include <xen/sched.h>
#include <xen/softirq.h>
#include <xen/wait.h>
diff --git a/xen/include/xen/rcupdate.h b/xen/include/xen/rcupdate.h
index 31c8b86d13..9f6d420898 100644
--- a/xen/include/xen/rcupdate.h
+++ b/xen/include/xen/rcupdate.h
@@ -34,10 +34,40 @@
#include <xen/cache.h>
#include <xen/spinlock.h>
#include <xen/cpumask.h>
-#include <xen/preempt.h>
+#include <xen/percpu.h>
+#include <asm/atomic.h>
#define __rcu
+#ifndef NDEBUG
+DECLARE_PER_CPU(unsigned int, rcu_lock_cnt);
+
+static inline void rcu_quiesce_disable(void)
+{
+ this_cpu(rcu_lock_cnt)++;
+ arch_lock_acquire_barrier();
+}
+
+static inline void rcu_quiesce_enable(void)
+{
+ arch_lock_release_barrier();
+ this_cpu(rcu_lock_cnt)--;
+}
+
+static inline bool rcu_quiesce_allowed(void)
+{
+ return !this_cpu(rcu_lock_cnt);
+}
+
+#else
+static inline void rcu_quiesce_disable(void) { }
+static inline void rcu_quiesce_enable(void) { }
+static inline bool rcu_quiesce_allowed(void)
+{
+ return true;
+}
+#endif
+
/**
* struct rcu_head - callback structure for use with RCU
* @next: next update requests in a list
@@ -91,16 +121,23 @@ typedef struct _rcu_read_lock rcu_read_lock_t;
* will be deferred until the outermost RCU read-side critical section
* completes.
*
- * It is illegal to block while in an RCU read-side critical section.
+ * It is illegal to process softirqs while in an RCU read-side critical section.
*/
-#define rcu_read_lock(x) ({ ((void)(x)); preempt_disable(); })
+static inline void rcu_read_lock(rcu_read_lock_t *lock)
+{
+ rcu_quiesce_disable();
+}
/**
* rcu_read_unlock - marks the end of an RCU read-side critical section.
*
* See rcu_read_lock() for more information.
*/
-#define rcu_read_unlock(x) ({ ((void)(x)); preempt_enable(); })
+static inline void rcu_read_unlock(rcu_read_lock_t *lock)
+{
+ ASSERT(!rcu_quiesce_allowed());
+ rcu_quiesce_enable();
+}
/*
* So where is rcu_write_lock()? It does not exist, as there is no
--
2.16.4
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
next prev parent reply other threads:[~2020-03-04 6:32 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-04 6:32 [Xen-devel] [PATCH v3 0/6] xen/rcu: let rcu work better with core scheduling Juergen Gross
2020-03-04 6:32 ` [Xen-devel] [PATCH v3 1/6] xen/rcu: use rcu softirq for forcing quiescent state Juergen Gross
2020-03-04 6:32 ` [Xen-devel] [PATCH v3 2/6] xen/rcu: don't use stop_machine_run() for rcu_barrier() Juergen Gross
2020-03-04 6:32 ` [Xen-devel] [PATCH v3 3/6] xen: add process_pending_softirqs_norcu() for keyhandlers Juergen Gross
2020-03-04 6:32 ` [Xen-devel] [PATCH v3 4/6] xen/rcu: fix rcu_lock_domain() Juergen Gross
2020-03-04 6:32 ` Juergen Gross [this message]
2020-03-04 13:42 ` [Xen-devel] [PATCH v3 5/6] xen/rcu: add assertions to debug build Julien Grall
2020-03-06 14:35 ` Jürgen Groß
2020-03-06 16:08 ` Julien Grall
2020-03-04 6:32 ` [Xen-devel] [PATCH v3 6/6] xen/rcu: add per-lock counter in debug builds Juergen Gross
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200304063212.20843-6-jgross@suse.com \
--to=jgross@suse.com \
--cc=andrew.cooper3@citrix.com \
--cc=george.dunlap@citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=jbeulich@suse.com \
--cc=julien@xen.org \
--cc=sstabellini@kernel.org \
--cc=wl@xen.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.