| Message ID | 20240327152229.25847-8-jgross@suse.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | xen/spinlock: make recursive spinlocks a dedicated type | expand |
On 27.03.2024 16:22, Juergen Gross wrote: > @@ -36,14 +36,21 @@ void queue_write_lock_slowpath(rwlock_t *lock); > > static inline bool _is_write_locked_by_me(unsigned int cnts) > { > - BUILD_BUG_ON(_QW_CPUMASK < NR_CPUS); > + BUILD_BUG_ON((_QW_CPUMASK + 1) < NR_CPUS); > + BUILD_BUG_ON(NR_CPUS * _QR_BIAS > INT_MAX); > return (cnts & _QW_WMASK) == _QW_LOCKED && > (cnts & _QW_CPUMASK) == smp_processor_id(); > } > > static inline bool _can_read_lock(unsigned int cnts) > { > - return !(cnts & _QW_WMASK) || _is_write_locked_by_me(cnts); > + /* > + * If write locked by the caller, no other readers are possible. > + * Not allowing the lock holder to read_lock() another 32768 times ought > + * to be fine. > + */ > + return cnts <= INT_MAX && > + (!(cnts & _QW_WMASK) || _is_write_locked_by_me(cnts)); > } What is the 32768 in the comment relating to? INT_MAX is quite a bit higher, yet the comparison against it is the only thing you add. Whereas the reader count is, with the sign bit unused, 17 bits, though (bits 14..30). I think even in such a comment rather than using a literal number the corresponding expression would better be stated. Jan
On 02.04.24 16:52, Jan Beulich wrote: > On 27.03.2024 16:22, Juergen Gross wrote: >> @@ -36,14 +36,21 @@ void queue_write_lock_slowpath(rwlock_t *lock); >> >> static inline bool _is_write_locked_by_me(unsigned int cnts) >> { >> - BUILD_BUG_ON(_QW_CPUMASK < NR_CPUS); >> + BUILD_BUG_ON((_QW_CPUMASK + 1) < NR_CPUS); >> + BUILD_BUG_ON(NR_CPUS * _QR_BIAS > INT_MAX); >> return (cnts & _QW_WMASK) == _QW_LOCKED && >> (cnts & _QW_CPUMASK) == smp_processor_id(); >> } >> >> static inline bool _can_read_lock(unsigned int cnts) >> { >> - return !(cnts & _QW_WMASK) || _is_write_locked_by_me(cnts); >> + /* >> + * If write locked by the caller, no other readers are possible. >> + * Not allowing the lock holder to read_lock() another 32768 times ought >> + * to be fine. >> + */ >> + return cnts <= INT_MAX && >> + (!(cnts & _QW_WMASK) || _is_write_locked_by_me(cnts)); >> } > > What is the 32768 in the comment relating to? INT_MAX is quite a bit higher, > yet the comparison against it is the only thing you add. Whereas the reader > count is, with the sign bit unused, 17 bits, though (bits 14..30). I think You missed: #define _QR_SHIFT (_QW_SHIFT + 2) /* Reader count shift */ So the reader's shift is 16, resulting in 15 bits for the reader count. > even in such a comment rather than using a literal number the corresponding > expression would better be stated. Hmm, you mean replacing the 32768 with INT_MAX >> _QR_SHIFT? This would be fine with me. Juergen
On 02.04.2024 17:29, Jürgen Groß wrote: > On 02.04.24 16:52, Jan Beulich wrote: >> On 27.03.2024 16:22, Juergen Gross wrote: >>> @@ -36,14 +36,21 @@ void queue_write_lock_slowpath(rwlock_t *lock); >>> >>> static inline bool _is_write_locked_by_me(unsigned int cnts) >>> { >>> - BUILD_BUG_ON(_QW_CPUMASK < NR_CPUS); >>> + BUILD_BUG_ON((_QW_CPUMASK + 1) < NR_CPUS); >>> + BUILD_BUG_ON(NR_CPUS * _QR_BIAS > INT_MAX); >>> return (cnts & _QW_WMASK) == _QW_LOCKED && >>> (cnts & _QW_CPUMASK) == smp_processor_id(); >>> } >>> >>> static inline bool _can_read_lock(unsigned int cnts) >>> { >>> - return !(cnts & _QW_WMASK) || _is_write_locked_by_me(cnts); >>> + /* >>> + * If write locked by the caller, no other readers are possible. >>> + * Not allowing the lock holder to read_lock() another 32768 times ought >>> + * to be fine. >>> + */ >>> + return cnts <= INT_MAX && >>> + (!(cnts & _QW_WMASK) || _is_write_locked_by_me(cnts)); >>> } >> >> What is the 32768 in the comment relating to? INT_MAX is quite a bit higher, >> yet the comparison against it is the only thing you add. Whereas the reader >> count is, with the sign bit unused, 17 bits, though (bits 14..30). I think > > You missed: > > #define _QR_SHIFT (_QW_SHIFT + 2) /* Reader count shift */ Oops. No I idea how I managed to skip this, when something like this was exactly what I was expecting to find. > So the reader's shift is 16, resulting in 15 bits for the reader count. > >> even in such a comment rather than using a literal number the corresponding >> expression would better be stated. > > Hmm, you mean replacing the 32768 with INT_MAX >> _QR_SHIFT? This would be > fine with me. Happy to do so while committing, provided earlier patches get unblocked first: Reviewed-by: Jan Beulich <jbeulich@suse.com> Jan
diff --git a/xen/include/xen/rwlock.h b/xen/include/xen/rwlock.h index 65d88b0ef4..232782801d 100644 --- a/xen/include/xen/rwlock.h +++ b/xen/include/xen/rwlock.h @@ -23,12 +23,12 @@ typedef struct { #define rwlock_init(l) (*(l) = (rwlock_t)RW_LOCK_UNLOCKED) /* Writer states & reader shift and bias. */ -#define _QW_CPUMASK 0xfffU /* Writer CPU mask */ -#define _QW_SHIFT 12 /* Writer flags shift */ -#define _QW_WAITING (1U << _QW_SHIFT) /* A writer is waiting */ -#define _QW_LOCKED (3U << _QW_SHIFT) /* A writer holds the lock */ -#define _QW_WMASK (3U << _QW_SHIFT) /* Writer mask */ -#define _QR_SHIFT 14 /* Reader count shift */ +#define _QW_SHIFT 14 /* Writer flags shift */ +#define _QW_CPUMASK ((1U << _QW_SHIFT) - 1) /* Writer CPU mask */ +#define _QW_WAITING (1U << _QW_SHIFT) /* A writer is waiting */ +#define _QW_LOCKED (3U << _QW_SHIFT) /* A writer holds the lock */ +#define _QW_WMASK (3U << _QW_SHIFT) /* Writer mask */ +#define _QR_SHIFT (_QW_SHIFT + 2) /* Reader count shift */ #define _QR_BIAS (1U << _QR_SHIFT) void queue_read_lock_slowpath(rwlock_t *lock); @@ -36,14 +36,21 @@ void queue_write_lock_slowpath(rwlock_t *lock); static inline bool _is_write_locked_by_me(unsigned int cnts) { - BUILD_BUG_ON(_QW_CPUMASK < NR_CPUS); + BUILD_BUG_ON((_QW_CPUMASK + 1) < NR_CPUS); + BUILD_BUG_ON(NR_CPUS * _QR_BIAS > INT_MAX); return (cnts & _QW_WMASK) == _QW_LOCKED && (cnts & _QW_CPUMASK) == smp_processor_id(); } static inline bool _can_read_lock(unsigned int cnts) { - return !(cnts & _QW_WMASK) || _is_write_locked_by_me(cnts); + /* + * If write locked by the caller, no other readers are possible. + * Not allowing the lock holder to read_lock() another 32768 times ought + * to be fine. + */ + return cnts <= INT_MAX && + (!(cnts & _QW_WMASK) || _is_write_locked_by_me(cnts)); } /*
The rwlock handling is limiting the number of cpus to 4095 today. The main reason is the use of the atomic_t data type for the main lock handling, which needs 2 bits for the locking state (writer waiting or write locked), 12 bits for the id of a possible writer, and a 12 bit counter for readers. The limit isn't 4096 due to an off by one sanity check. The atomic_t data type is 32 bits wide, so in theory 15 bits for the writer's cpu id and 15 bits for the reader count seem to be fine, but via read_trylock() more readers than cpus are possible. This means that it is possible to raise the number of cpus to 16384 without changing the rwlock_t data structure. In order to avoid the reader count wrapping to zero, don't let read_trylock() succeed in case the highest bit of the reader's count is set already. This leaves enough headroom for non-recursive readers to enter without risking a wrap. While at it calculate _QW_CPUMASK and _QR_SHIFT from _QW_SHIFT and add a sanity check for not overflowing the atomic_t data type. Signed-off-by: Juergen Gross <jgross@suse.com> --- V5: - new patch V6: - add comment to _can_read_lock() (Jan Beulich) --- xen/include/xen/rwlock.h | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-)