Received: by 2002:a25:868d:0:0:0:0:0 with SMTP id z13csp363438ybk; Wed, 20 May 2020 01:24:27 -0700 (PDT) X-Google-Smtp-Source: ABdhPJznMjlxk8Nd0lHetHDwRYGmy4kOUP4F7SsN7mxFUNUwKfVySWAOnLa9czqFJj/yHNP/SDMw X-Received: by 2002:a17:906:2e4a:: with SMTP id r10mr3010069eji.116.1589963067431; Wed, 20 May 2020 01:24:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1589963067; cv=none; d=google.com; s=arc-20160816; b=eGnNaxyeJgQ2iI6c/vUwn9LJ5fcMAgt1vh8BWPIGMSCDU/f2xn8yxlbCRKZNApqZV/ b6+Ppkffmz/97QfGyto8qQ4IDbQl+ZUF32G6mHStP66uys5pQMv6VABsHaDnRMp6e1xW sX+QJNC1tYvtggVd6U+HKWLXfeAyApA140se6+Fcv+PNMhlGXw08QqlCYudL2/F5JKZP d+rAjRLAePbJfgVZx0Uj1ph+H20kfvphQqGIjmyQwyd7+2QvB2Tos2RRkTPhEZBSJV2W rzQay0zl2+UKTGX3E5pttyxAZEHyuJM9qEiZtbeaZkxioCqr7O15+0CTIMkZ1lF7Jya7 625Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature; bh=X96Uw2L+REBtZsBYuhXcIA170g1njmPsYoLuNgo9Yr0=; b=TIjgnnakFyPj9wYY+5pE9mUIB5the4WZOgM5zmFXcts28EyDzwSLQfpFv4vgmek5o8 Oe6/YfFb4RDe+4F/l3/Q+u7CmPhm9JkXFFipPGRlfGEbWonwljWDOlu7sdHMtM0xvZLT MzizyfcfCVfj2B7eDD12pLYcjDPnxQNkPtvZBItns6s0x9SAI7ZVzn4igd/sRvlnspId w4GQEwV2Wlffm70r7EXpJKvzurJ596EcDs22+wKXMoTKyCJwoUJbMkF6TDh7ol7+x46M WmH0nO5Xs0lw8qe4Q1G+qKvmrrQ94z24mJdJdNzepTzjqQHU9u3pf30mXKV8evVVw7mW ezPw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@yandex-team.ru header.s=default header.b=QzeIZdQr; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=yandex-team.ru Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b17si1316516ejd.452.2020.05.20.01.24.04; Wed, 20 May 2020 01:24:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@yandex-team.ru header.s=default header.b=QzeIZdQr; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=yandex-team.ru Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726576AbgETIWO (ORCPT + 99 others); Wed, 20 May 2020 04:22:14 -0400 Received: from forwardcorp1o.mail.yandex.net ([95.108.205.193]:46074 "EHLO forwardcorp1o.mail.yandex.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726425AbgETIWN (ORCPT ); Wed, 20 May 2020 04:22:13 -0400 Received: from mxbackcorp1j.mail.yandex.net (mxbackcorp1j.mail.yandex.net [IPv6:2a02:6b8:0:1619::162]) by forwardcorp1o.mail.yandex.net (Yandex) with ESMTP id 36B272E15D2; Wed, 20 May 2020 11:22:10 +0300 (MSK) Received: from vla5-58875c36c028.qloud-c.yandex.net (vla5-58875c36c028.qloud-c.yandex.net [2a02:6b8:c18:340b:0:640:5887:5c36]) by mxbackcorp1j.mail.yandex.net (mxbackcorp/Yandex) with ESMTP id qWncYU4vfQ-M8TSm8Ge; Wed, 20 May 2020 11:22:10 +0300 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex-team.ru; s=default; t=1589962930; bh=X96Uw2L+REBtZsBYuhXcIA170g1njmPsYoLuNgo9Yr0=; h=In-Reply-To:Message-ID:From:Date:References:To:Subject:Cc; b=QzeIZdQrC/aKYzxPtZYUcPnkBfxq8OMpr6nOxCVO28jq8kqmp/8D/mL+OFRGfhVQ6 x0TGummHXjAQMPenYTs0qb9++h2MDWfh6Ruh9h1tJ04miiw1TvzYG4nWoO86aNvm49 ZqdT9s/RimBRZhSKVEBzoja6HMDA2++ScM42ITJ4= Authentication-Results: mxbackcorp1j.mail.yandex.net; dkim=pass header.i=@yandex-team.ru Received: from dynamic-vpn.dhcp.yndx.net (dynamic-vpn.dhcp.yndx.net [2a02:6b8:b081:704::1:9]) by vla5-58875c36c028.qloud-c.yandex.net (smtpcorp/Yandex) with ESMTPSA id gJswpWQIQn-M8Xe24Cd; Wed, 20 May 2020 11:22:08 +0300 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (Client certificate not present) Subject: Re: [PATCH] futex: send SIGBUS if argument is not aligned on a four-byte boundary To: Thomas Gleixner , linux-kernel@vger.kernel.org, Ingo Molnar , Peter Zijlstra , Darren Hart Cc: Maxim Samoylov , Linus Torvalds , linux-api@vger.kernel.org References: <158955700764.647498.18025770126733698386.stgit@buzz> <87sgfv5yfv.fsf@nanos.tec.linutronix.de> From: Konstantin Khlebnikov Message-ID: <1fac8d40-fb00-f09f-8b13-2348d0cd74a2@yandex-team.ru> Date: Wed, 20 May 2020 11:22:08 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0 MIME-Version: 1.0 In-Reply-To: <87sgfv5yfv.fsf@nanos.tec.linutronix.de> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-CA Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 20/05/2020 01.53, Thomas Gleixner wrote: > Konstantin Khlebnikov writes: > >> Userspace implementations of mutexes (including glibc) in some cases >> retries operation without checking error code from syscall futex. >> This is good for performance because most errors are impossible when >> locking code trusts itself. > > This argument is blantantly wrong. It's the justification for bad > programming. Code ignoring error returns is simply buggy. I knew you'll love it. =) > >> Some errors which could came from outer code are handled automatically, >> for example invalid address triggers SIGSEGV on atomic fast path. >> >> But one case turns into nasty busy-loop: when address is unaligned. >> futex(FUTEX_WAIT) returns EINVAL immediately and loop goes to retry. > > Why is that something the kernel has to care about? The kernel returns > EINVAl as documented and when user space decides to ignore then it goes > to retry for a full timeslice for nothing. > > You have to come up with a better argument why we want to send a signal > here. > > Along with an argument why SIGBUS is the right thing when a user space > fast path violation results in a SIGSEGV as you stated above. SIGSEGV comes only if address points to unmapped area. This case doesn't need special care unlike to misaligned address. > > Plus a patch which documents this change in the futex man page. Yep, will do. > >> Example which loops inside second call rather than hung peacefully: >> >> #include >> #include >> >> int main(int argc, char **argv) >> { >> char buf[sizeof(pthread_mutex_t) + 1]; >> pthread_mutex_t *mutex = (pthread_mutex_t *)(buf + 1); >> >> pthread_mutex_init(mutex, NULL); >> pthread_mutex_lock(mutex); >> pthread_mutex_lock(mutex); >> } > > And this broken code is a kernel problem because? That's just distilled example how pthread primitives works when application passes misaligned pointer. > >> It seems there is no practical usage for calling syscall futex for >> unaligned address. This may be only bug in user space. Let's help and >> handle this gracefully without adding extra code on fast path. > > How does that help? > > Are you going to stick SIGBUS in _ALL_ syscalls which might be retried > in a loop just because user space fails to evaluate the error code > properly? > > You have to come up with a better argument to justify this change. This particular case is important because buggy code is in glibc. Definitely most frequently used library ever. Musl is buggy too. Bug is here for ages and it took another decade to spread update. In modern containerized setup kernel updates much more frequently. All this hides bugs: application might recover from loop if another thread unlock mutex from atomic fast path. But mutex works as spin-lock wasting cpu time. So, these few lines of code might prevent significant CO2 emission =) > >> This patch sends SIGBUS signal to slay task and break busy-loop. > > I'm pretty sure that I asked you to read and follow documentation > before. If I did not: > > git grep 'This patch' Documentation/process/ Force of habit. =/ Definitely should be in checkpatch.pl > > Thanks, > > tglx