From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933002AbcI3Lfo (ORCPT ); Fri, 30 Sep 2016 07:35:44 -0400 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:55908 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932303AbcI3Lfh (ORCPT ); Fri, 30 Sep 2016 07:35:37 -0400 Date: Fri, 30 Sep 2016 04:35:31 -0700 From: "Paul E. McKenney" To: Will Deacon Cc: Boqun Feng , Peter Zijlstra , linux-kernel@vger.kernel.org, mingo@kernel.org, dhowells@redhat.com, stern@rowland.harvard.edu Subject: Re: [PATCH locking/Documentation 1/2] Add note of release-acquire store vulnerability Reply-To: paulmck@linux.vnet.ibm.com References: <20160929155401.GA5097@linux.vnet.ibm.com> <20160929155817.GB5016@twins.programming.kicks-ass.net> <20160929160307.GT13862@arm.com> <20160929164353.GX14933@linux.vnet.ibm.com> <20160929171036.GV13862@arm.com> <20160929172322.GZ14933@linux.vnet.ibm.com> <20160930055352.GC22004@tardis.cn.ibm.com> <20160930092009.GF10184@arm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20160930092009.GF10184@arm.com> User-Agent: Mutt/1.5.21 (2010-09-15) X-TM-AS-GCONF: 00 X-Content-Scanned: Fidelis XPS MAILER x-cbid: 16093011-0020-0000-0000-000009EAC9A7 X-IBM-SpamModules-Scores: X-IBM-SpamModules-Versions: BY=3.00005830; HX=3.00000240; KW=3.00000007; PH=3.00000004; SC=3.00000186; SDB=6.00763052; UDB=6.00363816; IPR=6.00538204; BA=6.00004773; NDR=6.00000001; ZLA=6.00000005; ZF=6.00000009; ZB=6.00000000; ZP=6.00000000; ZH=6.00000000; ZU=6.00000002; MB=3.00012830; XFM=3.00000011; UTC=2016-09-30 11:35:34 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 16093011-0021-0000-0000-0000560ECC93 Message-Id: <20160930113531.GN14933@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2016-09-30_06:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1609280000 definitions=main-1609300211 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Sep 30, 2016 at 10:20:09AM +0100, Will Deacon wrote: > On Fri, Sep 30, 2016 at 01:53:52PM +0800, Boqun Feng wrote: > > On Thu, Sep 29, 2016 at 10:23:22AM -0700, Paul E. McKenney wrote: > > > If two processes are related by a RELEASE+ACQUIRE pair, ordering can be > > > broken if a third process overwrites the value written by the RELEASE > > > operation before the ACQUIRE operation has a chance of reading it, for > > > example: > > > > > > P0(int *x, int *y) > > > { > > > WRITE_ONCE(*x, 1); > > > smp_wmb(); > > ^^^^^^^^^^^ > > > > What is this smp_wmb() for? Seems redundant to me, now that you mention it. ;-) But maybe this does something on ARM? > > > smp_store_release(y, 1); > > > } > > > > > > P1(int *y) > > > { > > > WRITE_ONCE(*y, 2); > > > > If we change this WRITE_ONCE to a relaxed atomic operation(e.g. > > xchg_relaxed(y, 2)), both herd and ppcmem said the exist-clause "y = 2 > > /\ 2:r1 = 2 /\ 2:r2 = 0" wouldn't be triggered on PPC. > > > > I guess we will get the same behavior on ARM/ARM64, Will? > > > > If a normal store could break chain, while a RmW atomic won't, do we > > want to call it out in the document and build our memory model around > > this? > > I think this is required to work by C11's definition of release sequences, > so any architecture that claims to support those with the same instructions > will need this to be forbidden. Yes. > Personally, I think that's a bug in C11, because I think it goes too far > in forbidding some hardware optimisations around relaxed xchg, but it is > what it is. The idea at the time (2007 or thereabouts) was that the atomic operation would have a hard time breaking the causal chain. To your point, atomic xchg could presumably update the value and figure out what the previous value was after the fact. Maybe we should try to get the committee to relax the requirement for relaxed xchg, though backwards compatibility will make that a tough sell. Might need a new xchg API. Thanx, Paul