From: Peter Hurley
Date: Tue, 09 Sep 2014 06:40:41 -0400
To: James Bottomley
Cc: Jakub Jelinek, One Thousand Gnomes, linux-arch@vger.kernel.org,
    linux-ia64@vger.kernel.org, Mikael Pettersson, Oleg Nesterov,
    linux-kernel@vger.kernel.org, Tony Luck, Paul Mackerras,
    "H. Peter Anvin", paulmck@linux.vnet.ibm.com,
    linuxppc-dev@lists.ozlabs.org, Miroslav Franc, Richard Henderson
Subject: Re: bit fields && data tearing

On 09/08/2014 10:56 PM, James Bottomley wrote:
> On Mon, 2014-09-08 at 19:30 -0400, Peter Hurley wrote:
>> On 09/08/2014 01:50 AM, James Bottomley wrote:
>>>> But additionally, even if gcc combines adjacent writes _that are part
>>>> of the program flow_ then I believe the situation is no worse than
>>>> would otherwise exist.
>>>>
>>>> For instance, given the following:
>>>>
>>>> struct x {
>>>>     spinlock_t lock;
>>>>     long a;
>>>>     byte b;
>>>>     byte c;
>>>> };
>>>>
>>>> void locked_store_b(struct x *p)
>>>> {
>>>>     spin_lock(&p->lock);
>>>>     p->b = 1;
>>>>     spin_unlock(&p->lock);
>>>>     p->c = 2;
>>>> }
>>>>
>>>> Granted, the author probably expects ordered writes of
>>>>     STORE B
>>>>     STORE C
>>>> but that's not guaranteed because there is no memory barrier
>>>> ordering B before C.
>>>
>>> Yes, there is: loads and stores may not migrate into or out of
>>> critical sections.
>>
>> That's a common misconception.
>>
>> The processor is free to re-order this to:
>>
>>     STORE C
>>     STORE B
>>     UNLOCK
>>
>> That's because the unlock() only guarantees that:
>>
>>     Stores before the unlock in program order are guaranteed to
>>     complete before the unlock completes. Stores after the unlock
>>     _may_ complete before the unlock completes.
>>
>> My point was that even if compiler barriers had the same semantics
>> as memory barriers, the situation would be no worse. That is, code
>> that is sensitive to memory barriers (like the example I gave above)
>> would merely have the same fragility with one-way compiler barriers
>> (with respect to the compiler combining writes).
>>
>> That's what I meant by "no worse than would otherwise exist".
>
> Actually, that's not correct. This is actually deja vu with me on the
> other side of the argument.
> When we first did spinlocks on PA, I argued
> as you did: lock is only a barrier for code after it, and unlock for
> code before it. The failing case is that you can have a critical
> section which performs an atomically required operation and a
> following unit which depends on it being performed. If you begin the
> following unit before the atomic requirement, you may end up losing.
> It turns out this kind of pattern is inherent in a lot of mailbox
> device drivers: you need to set up the mailbox atomically, then poke
> it. Setup is usually atomic; deciding which mailbox to prime and
> actually poking it is in the following unit. Priming often involves
> an I/O bus transaction, and if you poke before priming, you get a
> misfire.

Take it up with the man, because this was discussed extensively last
year and it was decided that unlocks would not be full barriers. Hence
the changes to memory-barriers.txt that explicitly note this, and the
addition of smp_mb__after_unlock_lock() (which is for two different
locks; an unlock followed by a lock on the same lock is a full
barrier).

Code that expects ordered writes after an unlock needs to add the
memory barrier explicitly.

Regards,
Peter Hurley
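
For illustration, a minimal sketch of what "explicitly add the memory
barrier" could look like in the locked_store_b() example quoted above.
The smp_wmb() placement and the use of u8 for the byte fields are my
own annotations, not code from the original thread:

    #include <linux/spinlock.h>

    struct x {
            spinlock_t lock;
            long a;
            u8 b;
            u8 c;
    };

    void locked_store_b(struct x *p)
    {
            spin_lock(&p->lock);
            p->b = 1;
            spin_unlock(&p->lock);
            smp_wmb();      /* order STORE b before STORE c as seen by other CPUs */
            p->c = 2;
    }

Whether smp_wmb() is enough or a full smp_mb() is required depends on
what the reader side does with b and c.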