From patchwork Tue Mar 10 07:28:52 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?SsO8cmdlbiBHcm/Dnw==?= X-Patchwork-Id: 11428599 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 5753114E3 for ; Tue, 10 Mar 2020 07:30:32 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 3C79A24655 for ; Tue, 10 Mar 2020 07:30:32 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 3C79A24655 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=suse.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1jBZKG-0001dl-Mk; Tue, 10 Mar 2020 07:29:16 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1jBZKF-0001dA-Pp for xen-devel@lists.xenproject.org; Tue, 10 Mar 2020 07:29:15 +0000 X-Inumbo-ID: cfbf8984-62a0-11ea-ad1e-12813bfff9fa Received: from mx2.suse.de (unknown [195.135.220.15]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id cfbf8984-62a0-11ea-ad1e-12813bfff9fa; Tue, 10 Mar 2020 07:29:01 +0000 (UTC) X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.220.254]) by mx2.suse.de (Postfix) with ESMTP id 43CC0AE34; Tue, 10 Mar 2020 07:28:59 +0000 (UTC) From: Juergen Gross To: xen-devel@lists.xenproject.org Date: Tue, 10 Mar 2020 08:28:52 +0100 Message-Id: <20200310072853.27567-6-jgross@suse.com> X-Mailer: git-send-email 2.16.4 In-Reply-To: <20200310072853.27567-1-jgross@suse.com> References: <20200310072853.27567-1-jgross@suse.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v4 5/6] xen/rcu: add assertions to debug build X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Juergen Gross , Stefano Stabellini , Julien Grall , Wei Liu , Andrew Cooper , Ian Jackson , George Dunlap , Jan Beulich Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Xen's RCU implementation relies on no softirq handling taking place while being in a RCU critical section. Add ASSERT()s in debug builds in order to catch any violations. For that purpose modify rcu_read_[un]lock() to use a dedicated percpu counter instead of preempt_[en|dis]able() as this enables to test that condition in __do_softirq() (ASSERT_NOT_IN_ATOMIC() is not usable there due to __cpu_up() calling process_pending_softirqs() while holding the cpu hotplug lock). Dropping the now no longer needed #include of preempt.h in rcupdate.h requires adding it in some sources. While at it switch the rcu_read_[un]lock() implementation to static inline functions instead of macros. Signed-off-by: Juergen Gross --- V3: - add barriers to rcu_[en|dis]able() (Roger Pau Monné) - add rcu_quiesce_allowed() to ASSERT_NOT_IN_ATOMIC (Roger Pau Monné) - convert macros to static inline functions - add sanity check in rcu_read_unlock() V4: - use barrier() in rcu_[en|dis]able() (Julien Grall) --- xen/common/multicall.c | 1 + xen/common/preempt.c | 5 ++++- xen/common/rcupdate.c | 4 ++++ xen/common/softirq.c | 2 ++ xen/common/wait.c | 1 + xen/include/xen/rcupdate.h | 45 +++++++++++++++++++++++++++++++++++++++++---- 6 files changed, 53 insertions(+), 5 deletions(-) diff --git a/xen/common/multicall.c b/xen/common/multicall.c index 5a199ebf8f..67f1a23485 100644 --- a/xen/common/multicall.c +++ b/xen/common/multicall.c @@ -10,6 +10,7 @@ #include #include #include +#include #include #include #include diff --git a/xen/common/preempt.c b/xen/common/preempt.c index 3b4178fd44..8a351e644b 100644 --- a/xen/common/preempt.c +++ b/xen/common/preempt.c @@ -21,13 +21,15 @@ #include #include +#include #include DEFINE_PER_CPU(unsigned int, __preempt_count); bool_t in_atomic(void) { - return preempt_count() || in_irq() || !local_irq_is_enabled(); + return preempt_count() || in_irq() || !local_irq_is_enabled() || + !rcu_quiesce_allowed(); } #ifndef NDEBUG @@ -36,5 +38,6 @@ void ASSERT_NOT_IN_ATOMIC(void) ASSERT(!preempt_count()); ASSERT(!in_irq()); ASSERT(local_irq_is_enabled()); + ASSERT(rcu_quiesce_allowed()); } #endif diff --git a/xen/common/rcupdate.c b/xen/common/rcupdate.c index 27d597bbeb..d1cc2f0a98 100644 --- a/xen/common/rcupdate.c +++ b/xen/common/rcupdate.c @@ -46,6 +46,10 @@ #include #include +#ifndef NDEBUG +DEFINE_PER_CPU(unsigned int, rcu_lock_cnt); +#endif + /* Global control variables for rcupdate callback mechanism. */ static struct rcu_ctrlblk { long cur; /* Current batch number. */ diff --git a/xen/common/softirq.c b/xen/common/softirq.c index 30beb27ae9..fd90b8511d 100644 --- a/xen/common/softirq.c +++ b/xen/common/softirq.c @@ -30,6 +30,8 @@ static void __do_softirq(unsigned long ignore_mask, bool rcu_allowed) unsigned int i, cpu; unsigned long pending; + ASSERT(!rcu_allowed || rcu_quiesce_allowed()); + for ( ; ; ) { /* diff --git a/xen/common/wait.c b/xen/common/wait.c index 24716e7676..9cdb174036 100644 --- a/xen/common/wait.c +++ b/xen/common/wait.c @@ -19,6 +19,7 @@ * along with this program; If not, see . */ +#include #include #include #include diff --git a/xen/include/xen/rcupdate.h b/xen/include/xen/rcupdate.h index 31c8b86d13..0f32b3c7d8 100644 --- a/xen/include/xen/rcupdate.h +++ b/xen/include/xen/rcupdate.h @@ -32,12 +32,42 @@ #define __XEN_RCUPDATE_H #include +#include #include #include -#include +#include #define __rcu +#ifndef NDEBUG +DECLARE_PER_CPU(unsigned int, rcu_lock_cnt); + +static inline void rcu_quiesce_disable(void) +{ + this_cpu(rcu_lock_cnt)++; + barrier(); +} + +static inline void rcu_quiesce_enable(void) +{ + barrier(); + this_cpu(rcu_lock_cnt)--; +} + +static inline bool rcu_quiesce_allowed(void) +{ + return !this_cpu(rcu_lock_cnt); +} + +#else +static inline void rcu_quiesce_disable(void) { } +static inline void rcu_quiesce_enable(void) { } +static inline bool rcu_quiesce_allowed(void) +{ + return true; +} +#endif + /** * struct rcu_head - callback structure for use with RCU * @next: next update requests in a list @@ -91,16 +121,23 @@ typedef struct _rcu_read_lock rcu_read_lock_t; * will be deferred until the outermost RCU read-side critical section * completes. * - * It is illegal to block while in an RCU read-side critical section. + * It is illegal to process softirqs while in an RCU read-side critical section. */ -#define rcu_read_lock(x) ({ ((void)(x)); preempt_disable(); }) +static inline void rcu_read_lock(rcu_read_lock_t *lock) +{ + rcu_quiesce_disable(); +} /** * rcu_read_unlock - marks the end of an RCU read-side critical section. * * See rcu_read_lock() for more information. */ -#define rcu_read_unlock(x) ({ ((void)(x)); preempt_enable(); }) +static inline void rcu_read_unlock(rcu_read_lock_t *lock) +{ + ASSERT(!rcu_quiesce_allowed()); + rcu_quiesce_enable(); +} /* * So where is rcu_write_lock()? It does not exist, as there is no