Re: [PATCH v2 2/4] KVM: introduce "xinterface" API for external interaction with guests

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Gregory Haskins wrote:
> Gregory Haskins wrote:
>> Avi Kivity wrote:
>>> On 10/06/2009 04:22 PM, Gregory Haskins wrote:
>>>>>>>>> +
>>>>>>>>> +static inline void
>>>>>>>>> +_kvm_xinterface_release(struct kref *kref)
>>>>>>>>> +{
>>>>>>>>> +    struct kvm_xinterface *intf;
>>>>>>>>> +    struct module *owner;
>>>>>>>>> +
>>>>>>>>> +    intf = container_of(kref, struct kvm_xinterface, kref);
>>>>>>>>> +
>>>>>>>>> +    owner = intf->owner;
>>>>>>>>> +    rmb();
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>              
>>>>>>>> Why rmb?
>>>>>>>>
>>>>>>>>            
>>>>>>> the intf->ops->release() line may invalidate the intf pointer, so we
>>>>>>> want to ensure that the read completes before the release() is called.
>>>>>>>
>>>>>>> TBH: I'm not 100% its needed, but I was being conservative.
>>>>>>>
>>>>>>>          
>>>>>> rmb()s are only needed if an external agent can issue writes, otherwise
>>>>>> you'd need one after every statement.
>>>>>>        
>>>>> I was following lessons learned here:
>>>>>
>>>>> http://lkml.org/lkml/2009/7/7/175
>>>>>
>>>>> Perhaps mb() or barrier() are more appropriate than rmb()?  I'm CC'ing
>>>>> David Howells in case he has more insight.
>>>>>      
>>>> BTW: In case it is not clear, the rationale as I understand it is we
>>>> worry about the case where one cpu reorders the read to be after the
>>>> ->release(), and another cpu might grab the memory that was kfree()'d
>>>> within the ->release() and scribble something else on it before the read
>>>> completes.
>>>>
>>>> I know rmb() typically needs to be paired with wmb() to be correct, so
>>>> you are probably right to say that the rmb() itself is not appropriate.
>>>>   This problem in general makes my head hurt, which is why I said I am
>>>> not 100% sure of what is required.  As David mentions, perhaps
>>>> "smp_mb()" is more appropriate for this application.  I also speculate
>>>> barrier() may be all that we need.
>>>>    
>>> barrier() is the operation for a compiler barrier.  But it's unneeded
>>> here - unless the compiler can prove that ->release(intf) will not
>>> modify intf->owner it is not allowed to move the access afterwards.  An
>>> indirect function call is generally a barrier() since the compiler can't
>>> assume memory has not been modified.
>>>
>> You're logic
> 
> gak.  or "your logic" even.
> 
>> seems reasonable to me.  I will defer to David, since he
>> brought up the issue with the similar logic originally.
>>
>> Kind Regards,
>> -Greg
>>
> 
> 

Thinking about this some more over lunch, I think we (Avi and I) might
both be wrong (and David is right).  Avi is right that we don't need
rmb() or barrier() for the reasons already stated, but I think David is
right that we need an smp_mb() to ensure the cpu doesn't do the
reordering.  Otherwise a different cpu could invalidate the memory if it
reuses the freed memory in the meantime, iiuc.  IOW: its not a compiler
issue but a cpu issue.

Or am I still confused?

-Greg

Attachment: signature.asc
Description: OpenPGP digital signature


[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]
  Powered by Linux