powerpc64 head -r344018 stuck sleeping problems: th->th_scale * tc_delta(th) overflows unsigned 64 bits sometimes [patched failed]

Bruce Evans brde at optusnet.com.au
Fri Apr 5 12:52:40 UTC 2019 

On Fri, 5 Apr 2019, Konstantin Belousov wrote:

> On Thu, Apr 04, 2019 at 02:47:34AM +1100, Bruce Evans wrote:
>> I noticed (or better realized) a general problem with multiple
>> timehands.  ntpd can slew the clock at up to 500 ppm, and at least an
>> old version of it uses a rate of 50 ppm to fix up fairly small drifts
>> in the milliseconds range.  500 ppm is enormous in CPU cycles -- it is
>> 500 thousand nsec or 2 million cycles at 4GHz.  Winding up the timecounter
>> every 1 msec reduces this to only 2000 cycles.
>> ...
>> The main point of having multiple timehands (after introducing the per-
>> timehands generation count) is to avoid blocking thread N during the
>> update, but this doesn't actually work, even for only 2 timehands and
>> a global generation count.
>
> You are describing the generic race between reader and writer. The same
> race would exist even with one timehand (and/or one global generation
> counter), where ntp adjustment might come earlier or later of some
> consumer accessing the timehands. If timehand instance was read before
> tc_windup() run but code consumed the result after the windup, it might
> appear as if time went backward, and this cannot be fixed without either
> re-reading the time after time-depended calculations were done and
> restarting, or some globabl lock ensuring serialization.

With 1 timehand, its generation count would be global.  I think its ordering
is strong enough to ensure serialization.

I think the fix in the kernel to use a global generation count (with > 1
timehands) is simply s/th->th_generation/tc_generation/g.  Oops, that
makes multiple timehands useless and gives some blocking.  The critical
case is when a new timehands is under construction.  The old timehands
becomes unsafe to use when the writer (tc_windup()) updates the offset.
tc_windup() currently sets th_generation to 0 to indicate that the new
timehands is unsafe to use.  Doing the same with a global tc_generation
would give serialization at the cost of busy-waiting for tc_generation
to become nonzero.  It would indicate that all timehands are unsafe
to use.

In the library, does it just work to put the global generation count in
the shared page?

Bruce

More information about the freebsd-ppc mailing list