Re: [patch V6 12/37] x86/entry: Provide idtentry_entry/exit_cond_rcu()
From: Andy Lutomirski
Date: Tue May 19 2020 - 20:27:14 EST
On Tue, May 19, 2020 at 2:20 PM Thomas Gleixner <tglx@xxxxxxxxxxxxx> wrote:
>
> Andy Lutomirski <luto@xxxxxxxxxx> writes:
> > On Tue, May 19, 2020 at 1:20 PM Thomas Gleixner <tglx@xxxxxxxxxxxxx> wrote:
> >> Thomas Gleixner <tglx@xxxxxxxxxxxxx> writes:
> >> It's about this:
> >>
> >> rcu_nmi_enter()
> >> {
> >>         if (!rcu_is_watching()) {
> >>                 make it watch;
> >>         } else if (!in_nmi()) {
> >>                 do_magic_nohz_dyntick_muck();
> >>         }
> >> }
> >>
> >> So if we do all irq/system vector entries conditional then the
> >> do_magic() gets never executed. After that I got lost...
> >
> > I'm also baffled by that magic, but I'm also not suggesting doing this
> > to *all* entries -- just the not-super-magic ones that use
> > idtentry_enter().
> >
> > Paul, what is this code actually trying to do?
>
> Citing Paul from IRC:
>
> "The way things are right now, you can leave out the rcu_irq_enter()
> if this is not a nohz_full CPU.
>
> Or if this is a nohz_full CPU, and the tick is already
> enabled, in that case you could also leave out the rcu_irq_enter().
>
> Or even if this is a nohz_full CPU and it does not have the tick
> enabled, if it has been in the kernel less than a few tens of
> milliseconds, still OK to avoid invoking rcu_irq_enter()
>
> But my guess is that it would be a lot simpler to just always call
> it.
>
> Hope that helps.
Maybe?
Unless I've missed something, the effect here is that #PF hitting in
an RCU-watching context will skip rcu_irq_enter(), whereas all IRQs
(because you converted them) as well as other faults and traps will
call rcu_irq_enter().
Once upon a time, we did this horrible thing where, on entry from user
mode, we would turn on interrupts while still in CONTEXT_USER, which
means we could get an IRQ in an extended quiescent state. This means
that the IRQ code had to end the EQS so that IRQ handlers could use
RCU. But I killed this a few years ago -- x86 Linux now has a rule
that, if IF=1, we are *not* in an EQS with the sole exception of the
idle code.
In my dream world, we would never ever get IRQs while in an EQS -- we
would do MWAIT with IF=0 and we would exit the EQS before taking the
interrupt. But I guess we still need to support HLT, which means we
have this mess.
But I still think we can plausibly get rid of the conditional. If we
get an IRQ or (egads!) a fault in idle context, we'll have
!__rcu_is_watching(), but, AFAICT, we also have preemption off. So it
should be okay to do rcu_irq_enter(). OTOH, if we get an IRQ or a
fault anywhere else, then we either have a severe bug in the RCU code
itself and the RCU code faulted (in which case we get what we deserve)
or RCU is watching and all is well. This means that the rule will be
that, if preemption is on, it's fine to schedule inside an
idtentry_begin()/idtentry_end() pair.
The remaining bit is just the urgent thing, and I don't understand
what's going on. Paul, could we split out the urgent logic all by
itself so that the IRQ handlers could do rcu_poke_urgent()? Or am I
entirely misunderstanding its purpose?
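Added illustration, not code from the thread or the kernel: a toy model of the conditional RCU entry being discussed. It assumes a single per-CPU nesting counter standing in for the dynticks state, where zero means an extended quiescent state (idle), and shows that the conditional entry makes RCU watch for a handler hit in idle while doing nothing for a handler hit in normal kernel context, and that preemption is off in the idle case.

```c
#include <stdbool.h>
#include <stdio.h>

/* Toy model (assumption, not the kernel's data structures): a nesting
 * counter that decides whether RCU is watching. 0 == EQS (idle). */
static int dynticks_nesting = 1;   /* start in kernel context, RCU watching */
static int preempt_count    = 0;   /* 0 == preemption enabled */

static bool rcu_is_watching(void) { return dynticks_nesting > 0; }
static void rcu_irq_enter(void)   { dynticks_nesting++; }
static void rcu_irq_exit(void)    { dynticks_nesting--; }

/* The idle loop enters the EQS with preemption disabled. */
static void enter_idle(void) { preempt_count++; dynticks_nesting = 0; }
static void exit_idle(void)  { dynticks_nesting = 1; preempt_count--; }

/* Conditional entry as discussed in the thread: only call rcu_irq_enter()
 * when RCU is not already watching. Returns whether exit must undo it. */
static bool idtentry_enter_cond_rcu(void) {
    if (rcu_is_watching())
        return false;            /* kernel context, RCU live: nothing to do */
    rcu_irq_enter();             /* hit in idle: make RCU watch for the handler */
    return true;
}
static void idtentry_exit_cond_rcu(bool entered) {
    if (entered)
        rcu_irq_exit();
}

struct irq_result {
    bool handler_saw_rcu;   /* RCU read-side usable inside the handler */
    bool may_schedule;      /* Andy's rule: only when preemption is enabled */
    bool state_restored;    /* nesting counter back to its pre-IRQ value */
};

/* Simulate one interrupt arriving either from idle (EQS) or from kernel. */
static struct irq_result simulate_irq(bool from_idle) {
    struct irq_result r;
    if (from_idle) enter_idle();
    int before = dynticks_nesting;
    bool entered = idtentry_enter_cond_rcu();
    r.handler_saw_rcu = rcu_is_watching();
    r.may_schedule    = (preempt_count == 0);
    idtentry_exit_cond_rcu(entered);
    r.state_restored  = (dynticks_nesting == before);
    if (from_idle) exit_idle();
    return r;
}
```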