From: Warner Losh
Date: Wed, 24 Jul 2024 14:20:23 -0600
Subject: Re: armv7-on-aarch64 stuck at urdlck
To: mmel@freebsd.org
Cc: Konstantin Belousov, John F Carr, Mark Millard, FreeBSD Current, freebsd-arm@freebsd.org
List-Id: Porting FreeBSD to ARM processors
List-Archive: https://lists.freebsd.org/archives/freebsd-arm
References: <33251aa3-681f-4d17-afe9-953490afeaf0@gmail.com> <0DD19771-3AAB-469E-981B-1203F1C28233@yahoo.com> <6a969609-fa0e-419d-83d5-e4fcf0f6ec35@freebsd.org> <28484869-05fd-4391-9501-10b93280f7a4@freebsd.org>
In-Reply-To: <28484869-05fd-4391-9501-10b93280f7a4@freebsd.org>
On Wed, Jul 24, 2024 at 11:34 AM mmel@freebsd.org <meloun.michal@gmail.com> wrote:
>
>
> On 24.07.2024 17:47, Konstantin Belousov wrote:
> > On Wed, Jul 24, 2024 at 01:07:39PM +0000, John F Carr wrote:
> >>
> >>
> >>> On Jul 24, 2024, at 06:50, Konstantin Belousov <kib@freebsd.org> wrote:
> >>>
> >>> On Wed, Jul 24, 2024 at 12:34:57PM +0200, mmel@freebsd.org wrote:
> >>>>
> >>>>
> >>>> On 24.07.2024 12:24, Konstantin Belousov wrote:
> >>>>> On Tue, Jul 23, 2024 at 08:11:13PM +0000, John F Carr wrote:
> >>>>>> On Jul 23, 2024, at 13:46, Michal Meloun <meloun.michal@gmail.com> wrote:
> >>>>>>>
> >>>>>>> On 23.07.2024 11:36, Konstantin Belousov wrote:
> >>>>>>>> On Tue, Jul 23, 2024 at 09:53:41AM +0200, Michal Meloun wrote:
> >>>>>>>>> The good news is that I'm finally able to generate a working/locking
> >>>>>>>>> test case.  The culprit (at least for me) is if "-mcpu" is used when
> >>>>>>>>> compiling libthr (e.g. indirectly injected via CPUTYPE in /etc/make.conf).
> >>>>>>>>> If it is not used, libthr is broken (regardless of -O level or debug/normal
> >>>>>>>>> build), but -mcpu=cortex-a15 will always produce a working libthr.
> >>>>>>>> I think this is very significant progress.
> >>>>>>>> Do you plan to drill down more to see what is going on?
> >>>>>>>
> >>>>>>> So the problem is now clear, and I fear it may apply to other architectures as well.
> >>>>>>> dlopen_object() (from rtld_elf),
> >>>>>>> https://cgit.freebsd.org/src/tree/libexec/rtld-elf/rtld.c#n3766,
> >>>>>>> holds the rtld_bind_lock write lock for almost the entire time a new library is loaded.
> >>>>>>> If the code uses a yet unresolved symbol to load the library, the rtl_bind() function attempts to get a read lock of rtld_bind_lock and a deadlock occurs.
> >>>>>>>
> >>>>>>> In this case, it is round_up() in _thr_stack_fix_protection,
> >>>>>>> https://cgit.freebsd.org/src/tree/lib/libthr/thread/thr_stack.c#n136.
> >>>>>>> Issued by __aeabi_uidiv (since not all armv7 processors support HW divide).
> >>>>>>>
> >>>>>>> Unfortunately, I'm not sure how to fix it.  The compiler can emit __aeabi_<> in any place, and I'm not sure if it can resolve all the symbols used by rtld_eld and libthr beforehand.
> >>>>>>>
> >>>>>>>
> >>>>>>> Michal
> >>>>>>>
> >>>>>>
> >>>>>> In this case (but not for all _aeabi_ functions) we can avoid division
> >>>>>> as long as page size is a power of 2.
> >>>>>>
> >>>>>> The function is
> >>>>>>
> >>>>>>     static inline size_t
> >>>>>>     round_up(size_t size)
> >>>>>>     {
> >>>>>>         if (size % _thr_page_size != 0)
> >>>>>>             size = ((size / _thr_page_size) + 1) *
> >>>>>>                 _thr_page_size;
> >>>>>>         return size;
> >>>>>>     }
> >>>>>>
> >>>>>> The body can be condensed to
> >>>>>>
> >>>>>>     return (size + _thr_page_size - 1) & ~(_thr_page_size - 1);
> >>>>>>
> >>>>>> This is shorter in both lines of code and instruction bytes.
> >>>>>
> >>>>> Let's not allow this to be lost.  Could anybody confirm that the patch
> >>>>> below fixes the issue?
> >>>>>
> >>>>> commit d560f4f6690a48476565278fd07ca131bf4eeb3c
> >>>>> Author: Konstantin Belousov <kib@FreeBSD.org>
> >>>>> Date:   Wed Jul 24 13:17:55 2024 +0300
> >>>>>
> >>>>>       rtld: avoid division in __thr_map_stacks_exec()
> >>>>>
> >>>>>       The function is called by rtld with the rtld bind lock write-locked,
> >>>>>       when fixing the stack permission during dso load.  Not every ARMv7 CPU
> >>>>>       supports the div, which causes the recursive entry into rtld to resolve
> >>>>>       the __aeabi_uidiv symbol, causing self-lock.
> >>>>>
> >>>>>       Work around the problem by using roundup2() instead of open-coding a less
> >>>>>       efficient formula.
> >>>>>
> >>>>>       Diagnosed by:   mmel
> >>>>>       Based on submission by: John F Carr <jfc@mit.edu>
> >>>>>       Sponsored by:   The FreeBSD Foundation
> >>>>>       MFC after:      1 week
> >>>>>
> >>> Just realized that it is wrong.  Stack size is user-controlled and it does
> >>> not need to be a power of two.
> >>
> >> Your change is correct.  _thr_page_size is set to getpagesize(),
> >> which is a power of 2.  The call to roundup2 takes a user-provided
> >> size and rounds it up to a multiple of the system page size.
> >>
> >> I tested the change and it works.  My change also works and
> >> should compile to identical code.  I forgot there was a standard
> >> function to do the rounding.
> > Right, my bad, thank you for correcting my thinko.
> >
> >>
> >>>> For final resolving of deadlocks, after a full day of digging, I'm very much
> >>>> inclined to add -znow to the linker flags for libthr.so (and maybe also
> >>>> for ld-elf.so). The runtime cost of resolving all symbols at startup is very
> >>>> low. Direct pre-solving in _thr_rtld_init() is problematic for the _aeabi_*
> >>>> symbols, since they don't have official C prototypes, and some are not
> >>>> compatible with C calling conventions.
> >>> I do not like it. `-z now' changes (breaks) the ABI and makes some symbols
> >>> not preemptible.
> >>>
> >>> In the worst case, we would need a call to the asm routine which causes the
> >>> resolution of the _eabi_* symbols on arm.
> >>>
> >>
> >> It would also be possible to link libthr with libgcc.a and use a linker map
> >> to hide the _eabi_ symbols.
> > In principle yes, but if the ARM ABI states that _eabi symbols must be used,
> > and exported from libc, then this is also some form of ABI breakage.
> I hope that https://reviews.freebsd.org/D46104 is acceptable :)

Can't speak for kib, but it looks good to my eye (though I agree with his naming
quibble). And helps avoid -znow, though I could have gone either way on that.
It's also simple enough not to be a burden.

Warner
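The rounding discussed in the thread, as an added example that is not part of the original message or of the FreeBSD source: both forms of round_up() side by side, plus a check of the power-of-two precondition that kib questioned and John F Carr settled (it is the page size, not the user-controlled stack size, that must be a power of two). ROUNDUP2 mirrors FreeBSD's roundup2() macro; page_size stands in for libthr's _thr_page_size, and 4096 and 3000 are constructed sample values.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
/* Mirrors FreeBSD's roundup2() from sys/param.h; valid only when y is a power of two. */
#define ROUNDUP2(x, y) (((x) + ((y) - 1)) & ~((y) - 1))

/* Stand-in for libthr's _thr_page_size (set from getpagesize()); 4096 is a sample value. */
static size_t page_size = 4096;

/* Original round_up(): on armv7 without a hardware divider, '%' and '/' become calls
 * to __aeabi_uidiv/__aeabi_uidivmod, the lazily bound symbol that re-entered rtld. */
static size_t round_up_div(size_t size)
{
	if (size % page_size != 0)
		size = ((size / page_size) + 1) * page_size;
	return size;
}

/* Division-free form: one add and one and, so no __aeabi_* helper is needed. */
static size_t round_up_mask(size_t size)
{
	return ROUNDUP2(size, page_size);
}

/* Precondition of the mask form: the page size always meets it; the user-chosen
 * stack size being rounded does not have to, and never needs to. */
static bool is_power_of_two(size_t v)
{
	return v != 0 && (v & (v - 1)) == 0;
}

/* Sweep sizes 0..max_size under the given page size and count disagreements
 * between the two forms: 0 for a power-of-two page, nonzero otherwise. */
static unsigned count_mismatches(size_t page, size_t max_size)
{
	unsigned bad = 0;
	page_size = page;
	for (size_t s = 0; s <= max_size; s++)
		if (round_up_div(s) != round_up_mask(s))
			bad++;
	return bad;
}

int main(void)
{
	printf("page 4096 (pow2): %u mismatches\n", count_mismatches(4096, 3 * 4096));
	printf("page 3000 (not pow2): %u mismatches\n", count_mismatches(3000, 3 * 3000));
	return 0;
}
```

The rounded size is what _thr_stack_fix_protection uses when fixing the stack permissions, so a mask applied to a non-power-of-two page would under-round and leave part of the region with the wrong protection; with a real page size the two forms are interchangeable and only the mask form avoids the lazy-bound divide helper.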