[PATCH RFC v2 riscv/for-next 0/5] Enable ftrace with kernel preemption for RISC-V
Andy Chiu
andy.chiu at sifive.com
Tue Sep 13 02:42:47 PDT 2022
This patch removes dependency of dynamic ftrace from calling
stop_machine(), and makes it compatiable with kernel preemption.
Originally, we ran into stack corruptions, or execution of partially
updated instructions when starting or stopping ftrace on a fully
preemptible kernel configuration. The reason is that kernel periodically
calls rcu_momentary_dyntick_idle() on cores waiting for the code-patching
core running in ftrace. Though rcu_momentary_dyntick_idle() itself is
marked as notrace, it would call a bunch of tracable functions if we
configured the kernel as preemptible. For example, these are some functions
that happened to have a symbol and have not been marked as notrace on a
RISC-V preemptible kernel compiled with GCC-11:
- __rcu_report_exp_rnp()
- rcu_report_exp_cpu_mult()
- rcu_preempt_deferred_qs()
- rcu_preempt_need_deferred_qs()
- rcu_preempt_deferred_qs_irqrestore()
Thus, this make it not ideal for us to rely on stop_machine() and
handly marked "notrace"s to perform runtime code patching. To remove
such dependency, we must make updates of code seemed atomic on running
cores. This might not be obvious for RISC-V since it usaually uses a pair
of AUIPC + JALR to perform a long jump, which cannot be modified and
executed concurrently if we consider preemptions. As such, this patch
proposed a way to make it possible. It embeds a 32-bit rel-address data
into instructions of each ftrace prologue and jumps indirectly. In this
way, we could store and load the address atomically so that the code
patching core could run simutaneously with the rest of running cores.
After applying the patchset, we compiled a preemptible kernel with all
tracers and ftrace-selftest enabled, and booted it on a 2-core QEMU virt
machine. The kernel could boot up successfully, passing all ftrace
testsuits. Besides, we ran a script that randomly pick a tracer on every
0~5 seconds. The kernel has sustained over 20K rounds of the test. In
contrast, a preemptible kernel without our patch would panic in few
rounds on the same machine.
Though we ran into errors when using hwlat or irqsoff tracers together
with cpu-online stressor from stress-ng on a preemptible kernel. We
believe the reason may be that percpu workers of the tracers are being
queued into unbounded workqueue when cpu get offlined and patches will go
through tracing tree.
Additionally, we found patching of tracepoints unsafe since the
instructions being patched are not naturally aligned. This may result in
2 half-word stores, which breaks atomicity, during the code patching.
changes in patch v2:
- Enforce alignments on all functions with a compiler workaround.
- Support 64bit addressing for ftrace targets if xlen == 64
- Initialize ftrace target addresses to avoid calling bad address in a
hypothesized case.
- Use LGPTR instead of SZPTR since .align is log-scaled for
mcount-dyn.S
- Require the nop instruction of all jump_labels aligns naturally on
4B.
Andy Chiu (5):
riscv: align ftrace to 4 Byte boundary and increase ftrace prologue
size
riscv: export patch_insn_write
riscv: ftrace: use indirect jump to work with kernel preemption
riscv: ftrace: do not use stop_machine to update code
riscv: align arch_static_branch function
arch/riscv/Makefile | 2 +-
arch/riscv/include/asm/ftrace.h | 24 ----
arch/riscv/include/asm/jump_label.h | 2 +
arch/riscv/include/asm/patch.h | 1 +
arch/riscv/kernel/ftrace.c | 179 ++++++++++++++++++++--------
arch/riscv/kernel/mcount-dyn.S | 69 ++++++++---
arch/riscv/kernel/patch.c | 4 +-
7 files changed, 188 insertions(+), 93 deletions(-)
--
2.36.0
More information about the linux-riscv
mailing list