All of lore.kernel.org
 help / color / mirror / Atom feed
From: Akira Yokosawa <akiyks@gmail.com>
To: "Paul E. McKenney" <paulmck@linux.ibm.com>
Cc: Andrea Parri <andrea.parri@amarulasolutions.com>,
	Alan Stern <stern@rowland.harvard.edu>,
	Boqun Feng <boqun.feng@gmail.com>,
	Daniel Lustig <dlustig@nvidia.com>,
	David Howells <dhowells@redhat.com>,
	Jade Alglave <j.alglave@ucl.ac.uk>,
	Luc Maranget <luc.maranget@inria.fr>,
	Nicholas Piggin <npiggin@gmail.com>,
	Peter Zijlstra <peterz@infradead.org>,
	Will Deacon <will.deacon@arm.com>,
	Daniel Kroening <kroening@cs.ox.ac.uk>,
	Kernel development list <linux-kernel@vger.kernel.org>,
	Akira Yokosawa <akiyks@gmail.com>
Subject: Re: Adding plain accesses and detecting data races in the LKMM
Date: Sat, 20 Apr 2019 23:50:14 +0900	[thread overview]
Message-ID: <516794a4-7a3c-4a82-6e45-de650a02a1de@gmail.com> (raw)
In-Reply-To: <20190419180641.GD14111@linux.ibm.com>

On Fri, 19 Apr 2019 11:06:41 -0700, Paul E. McKenney wrote:
> On Sat, Apr 20, 2019 at 12:06:58AM +0900, Akira Yokosawa wrote:
>> Hi Paul,
>>
[...]
> 
>>> +     (1) The compiler can reorder the load from a to precede the
>>> +     atomic_dec(), (2) Because x86 smp_mb__before_atomic() is only a
>>> +     compiler barrier, the CPU can reorder the preceding store to
>>> +     obj->dead with the later load from a.
>>> +
>>> +     This could be avoided by using READ_ONCE(), which would prevent the
>>> +     compiler from reordering due to both atomic_dec() and READ_ONCE()
>>> +     being volatile accesses, and is usually preferable for loads from
>>> +     shared variables.  However, weakly ordered CPUs would still be
>>> +     free to reorder the atomic_dec() with the load from a, so a more
>>> +     readable option is to also use smp_mb__after_atomic() as follows:
>>
>> The point here is not just "readability", but also the portability of the
>> code, isn't it?
> 
> As Andrea noted, in this particular case, the guarantee that the
> store to obj->dead precedes the load from x is portable.  Either the
> smp_mb__before_atomic() or the atomic_dec() must provide the ordering.

I think I understood this. What I wanted to say was the code for x86 implied
in the subjunctive sentence:

	obj->dead = 1;
	smp_mb__before_atomic();
	atomic_dec(&obj->ref_count);
	r1 = READ_ONCE(x);

, which was not spelled out, is not portable if we expect the ordering of
atomic_dec() with READ_ONCE().

> However, you are right that there is some non-portability.  But this
> non-portability involves the order of the atomic_dec() and the store to x.

Yes, you've guessed it right.

> 
> So what I did was ...
> 
>>         Thanks, Akira
>>
>>> +
>>> +	WRITE_ONCE(obj->dead, 1);
>>> +	smp_mb__before_atomic();
>>> +	atomic_dec(&obj->ref_count);
>>> +	smp_mb__after_atomic();
>>> +	r1 = READ_ONCE(a);
>>> +
>>> +     This orders all three accesses against each other, and also makes
>>> +     the intent quite clear.
> 
> ... change the above paragraph to read as follows:
> 
>      In addition, the example without the smp_mb__after_atomic() does
>      not necessarily order the atomic_dec() with the load from x.
>      In contrast, the example with both smp_mb__before_atomic() and
>      smp_mb__after_atomic() orders all three accesses against each other,
>      and also makes the intent quite clear.
> 
> Does that help?

This looks a little bit redundant to me. The original one is clear
enough.

How about editing the leading sentence above:

>>> +     shared variables.  However, weakly ordered CPUs would still be
>>> +     free to reorder the atomic_dec() with the load from a, so a more
>>> +     readable option is to also use smp_mb__after_atomic() as follows:

to read as follows?

     shared variables.  However, weakly ordered CPUs would still be
     free to reorder the atomic_dec() with the load from x, so a
     portable and more readable option is to also use
     smp_mb__after_atomic() as follows:

Obviously, the interesting discussion going on in another thread will
surely affect this patch.

        Thanks, Akira

> 
> 							Thanx, Paul
> 
>>>       See Documentation/atomic_{t,bitops}.txt for more information.
>>>  
>>> diff --git a/tools/memory-model/linux-kernel.cat b/tools/memory-model/linux-kernel.cat
>>> index 8dcb37835b61..b6866f93abb8 100644
>>> --- a/tools/memory-model/linux-kernel.cat
>>> +++ b/tools/memory-model/linux-kernel.cat
>>> @@ -28,8 +28,8 @@ include "lock.cat"
>>>  let rmb = [R \ Noreturn] ; fencerel(Rmb) ; [R \ Noreturn]
>>>  let wmb = [W] ; fencerel(Wmb) ; [W]
>>>  let mb = ([M] ; fencerel(Mb) ; [M]) |
>>> -	([M] ; fencerel(Before-atomic) ; [RMW] ; po? ; [M]) |
>>> -	([M] ; po? ; [RMW] ; fencerel(After-atomic) ; [M]) |
>>> +	([M] ; fencerel(Before-atomic) ; [RMW]) |
>>> +	([RMW] ; fencerel(After-atomic) ; [M]) |
>>>  	([M] ; po? ; [LKW] ; fencerel(After-spinlock) ; [M]) |
>>>  	([M] ; po ; [UL] ; (co | po) ; [LKW] ;
>>>  		fencerel(After-unlock-lock) ; [M])
>>>
>>
> 


  reply	other threads:[~2019-04-20 14:50 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-03-19 19:38 Adding plain accesses and detecting data races in the LKMM Alan Stern
2019-04-02 14:42 ` Andrea Parri
2019-04-02 18:06   ` Alan Stern
2019-04-06  0:49     ` Andrea Parri
2019-04-06 16:03       ` Alan Stern
2019-04-08  5:51         ` Andrea Parri
2019-04-08 14:18           ` Alan Stern
2019-04-09  1:36             ` Andrea Parri
2019-04-09 15:01               ` Paul E. McKenney
2019-04-13 21:39                 ` Andrea Parri
2019-04-15 13:35                   ` Paul E. McKenney
2019-04-15 13:50                     ` Alan Stern
2019-04-15 13:53                       ` Paul E. McKenney
2019-04-18 12:54                     ` Andrea Parri
2019-04-18 17:44                       ` Alan Stern
2019-04-18 18:39                         ` Paul E. McKenney
2019-04-18 20:19                           ` Alan Stern
2019-04-19  0:53                         ` Andrea Parri
2019-04-19 12:47                           ` Paul E. McKenney
2019-04-19 14:34                             ` Alan Stern
2019-04-19 17:17                               ` Paul E. McKenney
2019-04-19 15:06                             ` Akira Yokosawa
2019-04-19 16:37                               ` Andrea Parri
2019-04-19 18:06                               ` Paul E. McKenney
2019-04-20 14:50                                 ` Akira Yokosawa [this message]
2019-04-21 19:38                                   ` Paul E. McKenney

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=516794a4-7a3c-4a82-6e45-de650a02a1de@gmail.com \
    --to=akiyks@gmail.com \
    --cc=andrea.parri@amarulasolutions.com \
    --cc=boqun.feng@gmail.com \
    --cc=dhowells@redhat.com \
    --cc=dlustig@nvidia.com \
    --cc=j.alglave@ucl.ac.uk \
    --cc=kroening@cs.ox.ac.uk \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luc.maranget@inria.fr \
    --cc=npiggin@gmail.com \
    --cc=paulmck@linux.ibm.com \
    --cc=peterz@infradead.org \
    --cc=stern@rowland.harvard.edu \
    --cc=will.deacon@arm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.