From: Christian Borntraeger <borntraeger@de.ibm.com>
To: Linus Torvalds <torvalds@linux-foundation.org>,
Peter Zijlstra <peterz@infradead.org>
Cc: Will Deacon <will.deacon@arm.com>,
Stephen Rothwell <sfr@canb.auug.org.au>,
Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@elte.hu>,
"H. Peter Anvin" <hpa@zytor.com>,
"linux-next@vger.kernel.org" <linux-next@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
Davidlohr Bueso <dave@stgolabs.net>,
Paul McKenney <paulmck@linux.vnet.ibm.com>
Subject: Re: linux-next: build warnings after merge of the access_once tree
Date: Thu, 26 Mar 2015 18:24:21 +0100 [thread overview]
Message-ID: <551440C5.8040104@de.ibm.com> (raw)
In-Reply-To: <CA+55aFyLTc72-xTkjugVSMb3EQq=+__UcFe28agu086xf9d6ZA@mail.gmail.com>
Am 26.03.2015 um 17:15 schrieb Linus Torvalds:
> On Thu, Mar 26, 2015 at 7:22 AM, Peter Zijlstra <peterz@infradead.org> wrote:
>>
>> So we can either just remove the READ_ONCE(), or replace it with a
>> leading barrier() call just to be on the paranoid side of things.
>
> NOOO!
>
>> Any preferences?
>
> Not a preference: a _requirement_.
>
> Get rid of the f*cking size checks etc on READ_ONCE() and friends.
Oh I just added that check back then because some guy named
Linus suggested something like that ;-)
--- snip ---
(Btw, it's not just aggregate types, even non-aggregate types like
"long long" are not necessarily safe, to give the same 64-bit on
x86-32 example. So adding an assert that it's smaller or equal in size
to a "long" might also not be unreasonable)
--- snip ---
https://www.marc.info/?l=linux-kernel&m=141565366209769&w=1
I am fine with Peters patch :-)
Christian
>
> They are about - wait for it - "reading a value once".
>
> Note how it doesn't say ANYTHING about "atomic" or anything like that.
> It's about reading *ONCE*.
>
>> Something like so, but with a sensible comment I suppose.
>
> Hell f*cking no. The "something like so" is huge and utter crap,
> because the barrier is on the wrong side.
>
>> - old.lock_count = READ_ONCE(lockref->lock_count); \
>> + barrier(); \
>> + old.lock_count = lockref->lock_count; \
>> while (likely(arch_spin_value_unlocked(old.lock.rlock.raw_lock))) { \
>> struct lockref new = old, prev = old; \
>
> The WHOLE point of the READ_ONCE (formerly ACCESS_ONCE) is that it
> tells the compiler that it cannot reload the value.
>
> Notice how it is *not* about atomicitiy. The compiler can read the
> value in fifteen pieces, randomly mixing one bit or five. Nobody
> cares.
>
> But the important thing is that ONCE IT IS READ, it is never read
> again. That's the "once" part.
>
> Why is that important? It's important because we have to absolutely
> guartantee that the value we *test* is the same value we use later.
> That's a common concern with mutable variables, and is the only reason
> for READ_ONCE() in the first place.
>
> The whole atomicity etc crap was just that - crap. It was never about
> atomicitiy. It was about the compiler not reloading values.
>
> So no. No barriers. No "removal of READ_ONCE". Just get rid of the
> broken "sanity" checks in the READ_ONCE implementation that are just
> pure garbage.
>
> The checks in ACCESS_ONCE() were because apparently gcc got things
> wrong - dropping the volatile - for aggregate types. They were never
> supposed to be about atomicity, even if there clearly was some
> confusion about that.
>
> Really. Just get rid of the checks - they were wrong. They were
> clearly very close to *introducing* a bug, rather than fixing anything
> at all.
>
> Linus
>
next prev parent reply other threads:[~2015-03-26 17:24 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-26 8:31 linux-next: build warnings after merge of the access_once tree Stephen Rothwell
2015-03-26 10:11 ` Christian Borntraeger
2015-03-26 10:34 ` Peter Zijlstra
2015-03-26 13:27 ` Will Deacon
2015-03-26 14:22 ` Peter Zijlstra
2015-03-26 14:41 ` Will Deacon
2015-03-26 14:51 ` Peter Zijlstra
2015-03-26 15:08 ` Will Deacon
2015-03-26 16:15 ` Linus Torvalds
2015-03-26 16:21 ` Linus Torvalds
2015-03-26 16:36 ` Peter Zijlstra
2015-03-26 16:44 ` Peter Zijlstra
2015-03-26 16:45 ` Peter Zijlstra
[not found] ` <CA+55aFw1WHJqSj+z-mJGY-kxrg_OsGp9jK9VBi+wB4zPgCkv_w@mail.gmail.com>
2015-03-26 17:07 ` Peter Zijlstra
2015-03-26 17:17 ` Will Deacon
2015-03-26 17:23 ` Christian Borntraeger
2015-03-26 19:42 ` Christian Borntraeger
2015-03-26 16:28 ` Peter Zijlstra
[not found] ` <CA+55aFzUPPSHakwbp-Y-SaXB+o1=V6rOknz7L3AYNXNPU1MSfg@mail.gmail.com>
2015-03-26 17:12 ` Paul E. McKenney
2015-03-26 17:24 ` Christian Borntraeger [this message]
2015-03-26 17:52 ` Linus Torvalds
2015-03-26 18:54 ` Christian Borntraeger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=551440C5.8040104@de.ibm.com \
--to=borntraeger@de.ibm.com \
--cc=dave@stgolabs.net \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-next@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=paulmck@linux.vnet.ibm.com \
--cc=peterz@infradead.org \
--cc=sfr@canb.auug.org.au \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.