From: Alan Stern <stern@rowland.harvard.edu>
To: Jonas Oberhauser <jonas.oberhauser@huaweicloud.com>
Cc: Boqun Feng <boqun.feng@gmail.com>,
"Paul E. McKenney" <paulmck@kernel.org>,
Jonas Oberhauser <jonas.oberhauser@huawei.com>,
parri.andrea@gmail.com, will@kernel.org, peterz@infradead.org,
npiggin@gmail.com, dhowells@redhat.com, j.alglave@ucl.ac.uk,
luc.maranget@inria.fr, akiyks@gmail.com, dlustig@nvidia.com,
joel@joelfernandes.org, urezki@gmail.com,
quic_neeraju@quicinc.com, frederic@kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v3] tools/memory-model: Make ppo a subrelation of po
Date: Sun, 26 Feb 2023 11:51:15 -0500 [thread overview]
Message-ID: <Y/uOA3umovz06/SV@rowland.harvard.edu> (raw)
In-Reply-To: <a862ee59-ca12-b609-48cc-0784c7ce24af@huaweicloud.com>
On Sun, Feb 26, 2023 at 12:17:31PM +0100, Jonas Oberhauser wrote:
>
>
> On 2/26/2023 4:30 AM, Alan Stern wrote:
> > On Sat, Feb 25, 2023 at 07:09:05PM -0800, Boqun Feng wrote:
> > > On Sat, Feb 25, 2023 at 09:29:51PM -0500, Alan Stern wrote:
> > > > On Sat, Feb 25, 2023 at 05:01:10PM -0800, Paul E. McKenney wrote:
> > > > > A few other oddities:
> > > > >
> > > > > litmus/auto/C-LB-Lww+R-OC.litmus
> > > > >
> > > > > Both versions flag a data race, which I am not seeing. It appears
> > > > > to me that P1's store to u0 cannot happen unless P0's store
> > > > > has completed. So what am I missing here?
> > > > The LKMM doesn't believe that a control or data dependency orders a
> > > > plain write after a marked read. Hence in this test it thinks that P1's
> > > > store to u0 can happen before the load of x1. I don't remember why we
> > > > did it this way -- probably we just wanted to minimize the restrictions
> > > > on when plain accesses can execute. (I do remember the reason for
> > > > making address dependencies induce order; it was so RCU would work.)
> > > >
> > > Because plain store can be optimzed as an "store only if not equal"?
> > > As the following sentenses in the explanations.txt:
> > >
> > > The need to distinguish between r- and w-bounding raises yet another
> > > issue. When the source code contains a plain store, the compiler is
> > > allowed to put plain loads of the same location into the object code.
> > > For example, given the source code:
> > >
> > > x = 1;
> > >
> > > the compiler is theoretically allowed to generate object code that
> > > looks like:
> > >
> > > if (x != 1)
> > > x = 1;
> > >
> > > thereby adding a load (and possibly replacing the store entirely).
> > > For this reason, whenever the LKMM requires a plain store to be
> > > w-pre-bounded or w-post-bounded by a marked access, it also requires
> > > the store to be r-pre-bounded or r-post-bounded, so as to handle cases
> > > where the compiler adds a load.
> > Good guess; maybe that was the reason. [...]
> > So perhaps the original reason is not valid now
> > that the memory model explicitly includes tests for stores being
> > r-pre/post-bounded.
> >
> > Alan
>
> I agree, I think you could relax that condition.
Here's a related question to think about. Suppose a compiler does make
this change, adding a load-and-test in front of a store. Can that load
cause a data race?
Normally I'd say no, because compilers aren't allowed to create data
races where one didn't already exist. But that restriction is part of
the C/C++ standard, and what we consider to be a data race differs from
what the standard considers.
So what's the answer? Is the compiler allowed to translate:
r1 = READ_ONCE(*x);
if (r1)
*y = 1;
into something resembling:
r1 = READ_ONCE(*x);
rtemp = *y;
if (r1) {
if (rtemp != 1)
*y = 1;
}
(Note that whether the load to rtemp occurs inside the "if (r1)"
conditional or not makes no difference; either way the CPU can execute
it before testing the condition. Even before reading the value of *x.)
_If_ we assume that these manufactured loads can never cause a data race
then it should be safe to remove the r-pre/post-bounded tests for plain
writes.
But what if rtemp reads from a plain write that was torn, and the
intermediate value it observes happens to be 1, even though neither the
initial nor the final value of *y was 1?
> Note there's also rw-xbstar (used with fr) which doesn't check for
> r-pre-bounded, but it should be ok. That's because only reads would be
> unordered, as a result the read (in the if (x != ..) x=..) should provide
> the correct value. The store would be issued as necessary, and the issued
> store would still be ordered correctly w.r.t the read.
That isn't the reason I left r-pre-bounded out from rw-xbstar. If the
write gets changed to a read there's no need for rw-xbstar to check
r-pre-bounded, because then rw-race would be comparing a read with
another read (instead of with a write) and so there would be no
possibility of a race in any case.
Alan
next prev parent reply other threads:[~2023-02-26 16:51 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-24 13:52 [PATCH v3] tools/memory-model: Make ppo a subrelation of po Jonas Oberhauser
2023-02-24 15:32 ` Alan Stern
2023-02-24 18:37 ` Paul E. McKenney
2023-02-26 1:01 ` Paul E. McKenney
2023-02-26 2:29 ` Alan Stern
2023-02-26 3:03 ` Paul E. McKenney
2023-02-26 18:49 ` Paul E. McKenney
2023-02-26 3:09 ` Boqun Feng
2023-02-26 3:30 ` Alan Stern
2023-02-26 11:17 ` Jonas Oberhauser
2023-02-26 16:51 ` Alan Stern [this message]
2023-02-26 18:45 ` Paul E. McKenney
2023-02-26 19:32 ` Alan Stern
2023-02-27 14:03 ` Jonas Oberhauser
2023-02-27 16:16 ` Alan Stern
2023-02-27 16:50 ` Jonas Oberhauser
2023-02-27 18:41 ` Alan Stern
2023-02-27 19:40 ` Andrea Parri
2023-02-27 20:13 ` Jonas Oberhauser
2023-02-27 22:21 ` Paul E. McKenney
2023-02-28 8:49 ` Jonas Oberhauser
2023-02-28 15:40 ` Paul E. McKenney
2023-03-01 10:52 ` Jonas Oberhauser
2023-03-02 1:42 ` Paul E. McKenney
2023-02-26 2:58 ` Paul E. McKenney
2023-02-26 16:23 ` Joel Fernandes
2023-02-27 14:39 ` Jonas Oberhauser
2023-02-27 17:57 ` Joel Fernandes
2023-02-27 20:24 ` Jonas Oberhauser
2023-02-27 19:35 ` Andrea Parri
2023-02-28 22:01 ` Paul E. McKenney
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y/uOA3umovz06/SV@rowland.harvard.edu \
--to=stern@rowland.harvard.edu \
--cc=akiyks@gmail.com \
--cc=boqun.feng@gmail.com \
--cc=dhowells@redhat.com \
--cc=dlustig@nvidia.com \
--cc=frederic@kernel.org \
--cc=j.alglave@ucl.ac.uk \
--cc=joel@joelfernandes.org \
--cc=jonas.oberhauser@huawei.com \
--cc=jonas.oberhauser@huaweicloud.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luc.maranget@inria.fr \
--cc=npiggin@gmail.com \
--cc=parri.andrea@gmail.com \
--cc=paulmck@kernel.org \
--cc=peterz@infradead.org \
--cc=quic_neeraju@quicinc.com \
--cc=urezki@gmail.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox