Konstantin Belousov 70a7dd5d5b Fix issues with zeroing and fetching the counters, on x86 and ppc64.
Issues were noted by Bruce Evans and are present on all architectures.

On i386, a counter fetch should use atomic read of 64bit value,
otherwise carry from the increment on other CPU could be lost for the
given fetch, making error of 2^32.  If 64bit read (cmpxchg8b) is not
available on the machine, it cannot be SMP and it is enough to disable
preemption around read to avoid the split read.

On x86 the counter increment is not atomic on purpose, which makes it
possible for the store of the incremented result to override just
zeroed per-cpu slot.  The effect would be a counter going off by
arbitrary value after zeroing.  Perform the counter zeroing on the
same processor which does the increments, making the operations
mutually exclusive.  On i386, same as for the fetching, if the
cmpxchg8b is not available, machine is not SMP and we disable
preemption for zeroing.

PowerPC64 is treated the same as amd64.

For other architectures, the changes made to allow the compilation to
succeed, without fixing the issues with zeroing or fetching.  It
should be possible to handle them by using the 64bit loads and stores
atomic WRT preemption (assuming the architectures also converted from
using critical sections to proper asm).  If architecture does not
provide the facility, using global (spin) mutex would be non-optimal
but working solution.

Noted by:  bde
Sponsored by:	The FreeBSD Foundation
2013-07-01 02:48:27 +00:00

95 lines
2.6 KiB
C

/*-
* Copyright (c) 2012 Konstantin Belousov <kib@FreeBSD.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $FreeBSD$
*/
#ifndef __MACHINE_COUNTER_H__
#define __MACHINE_COUNTER_H__
#include <sys/pcpu.h>
#ifdef INVARIANTS
#include <sys/proc.h>
#endif
#define counter_enter() critical_enter()
#define counter_exit() critical_exit()
#ifdef IN_SUBR_COUNTER_C
/* XXXKIB non-atomic 64bit read */
static inline uint64_t
counter_u64_read_one(uint64_t *p, int cpu)
{
return (*(uint64_t *)((char *)p + sizeof(struct pcpu) * cpu));
}
static inline uint64_t
counter_u64_fetch_inline(uint64_t *p)
{
uint64_t r;
int i;
r = 0;
for (i = 0; i < mp_ncpus; i++)
r += counter_u64_read_one((uint64_t *)p, i);
return (r);
}
/* XXXKIB non-atomic 64bit store, might interrupt increment */
static void
counter_u64_zero_one_cpu(void *arg)
{
*((uint64_t *)((char *)arg + sizeof(struct pcpu) *
PCPU_GET(cpuid))) = 0;
}
static inline void
counter_u64_zero_inline(counter_u64_t c)
{
smp_rendezvous(smp_no_rendevous_barrier, counter_u64_zero_one_cpu,
smp_no_rendevous_barrier, c);
}
#endif
#define counter_u64_add_protected(c, inc) do { \
CRITICAL_ASSERT(curthread); \
*(uint64_t *)zpcpu_get(c) += (inc); \
} while (0)
static inline void
counter_u64_add(counter_u64_t c, int64_t inc)
{
counter_enter();
counter_u64_add_protected(c, inc);
counter_exit();
}
#endif /* ! __MACHINE_COUNTER_H__ */