From: Boqun Feng <boqun.feng@gmail.com>
To: Kent Overstreet <kent.overstreet@linux.dev>
Cc: "Linus Torvalds" <torvalds@linux-foundation.org>,
rust-for-linux@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-arch@vger.kernel.org, llvm@lists.linux.dev,
"Miguel Ojeda" <ojeda@kernel.org>,
"Alex Gaynor" <alex.gaynor@gmail.com>,
"Wedson Almeida Filho" <wedsonaf@gmail.com>,
"Gary Guo" <gary@garyguo.net>,
"Björn Roy Baron" <bjorn3_gh@protonmail.com>,
"Benno Lossin" <benno.lossin@proton.me>,
"Andreas Hindborg" <a.hindborg@samsung.com>,
"Alice Ryhl" <aliceryhl@google.com>,
"Alan Stern" <stern@rowland.harvard.edu>,
"Andrea Parri" <parri.andrea@gmail.com>,
"Will Deacon" <will@kernel.org>,
"Peter Zijlstra" <peterz@infradead.org>,
"Nicholas Piggin" <npiggin@gmail.com>,
"David Howells" <dhowells@redhat.com>,
"Jade Alglave" <j.alglave@ucl.ac.uk>,
"Luc Maranget" <luc.maranget@inria.fr>,
"Paul E. McKenney" <paulmck@kernel.org>,
"Akira Yokosawa" <akiyks@gmail.com>,
"Daniel Lustig" <dlustig@nvidia.com>,
"Joel Fernandes" <joel@joelfernandes.org>,
"Nathan Chancellor" <nathan@kernel.org>,
"Nick Desaulniers" <ndesaulniers@google.com>,
kent.overstreet@gmail.com,
"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
elver@google.com, "Mark Rutland" <mark.rutland@arm.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Ingo Molnar" <mingo@redhat.com>,
"Borislav Petkov" <bp@alien8.de>,
"Dave Hansen" <dave.hansen@linux.intel.com>,
x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
"Catalin Marinas" <catalin.marinas@arm.com>,
linux-arm-kernel@lists.infradead.org,
linux-fsdevel@vger.kernel.org
Subject: Re: [WIP 0/3] Memory model and atomic API in Rust
Date: Fri, 22 Mar 2024 19:57:20 -0700 [thread overview]
Message-ID: <Zf5FEFCfuy0TAjV6@Boquns-Mac-mini.home> (raw)
In-Reply-To: <34r4signulvsclmsiqgghskmj5xce3zs5hwgfulzaez2wdyklr@ck6zrj732c4m>
On Fri, Mar 22, 2024 at 10:33:13PM -0400, Kent Overstreet wrote:
> On Fri, Mar 22, 2024 at 07:26:28PM -0700, Boqun Feng wrote:
> > On Fri, Mar 22, 2024 at 10:07:31PM -0400, Kent Overstreet wrote:
> > [...]
> > > > Boqun already mentioned the "mixing access sizes", which is actually
> > > > quite fundamental in the kernel, where we play lots of games with that
> > > > (typically around locking, where you find patterns line unlock writing
> > > > a zero to a single byte, even though the whole lock data structure is
> > > > a word). And sometimes the access size games are very explicit (eg
> > > > lib/lockref.c).
> > >
> > > I don't think mixing access sizes should be a real barrier. On the read
> >
> > Well, it actually is, since mixing access sizes is, guess what,
> > an undefined behavior:
> >
> > (example in https://doc.rust-lang.org/std/sync/atomic/#memory-model-for-atomic-accesses)
> >
> > thread::scope(|s| {
> > // This is UB: using different-sized atomic accesses to the same data
> > s.spawn(|| atomic.store(1, Ordering::Relaxed));
> > s.spawn(|| unsafe {
> > let differently_sized = transmute::<&AtomicU16, &AtomicU8>(&atomic);
> > differently_sized.store(2, Ordering::Relaxed);
> > });
> > });
> >
> > Of course, you can say "I will just ignore the UB", but if you have to
> > ignore "compiler rules" to make your code work, why bother use compiler
> > builtin in the first place? Being UB means they are NOT guaranteed to
> > work.
>
> That's not what I'm proposing - you'd need additional compiler support.
Ah, OK.
> but the new intrinsic would be no different, semantics wise for the
> compiler to model, than a "lock orb".
Be ready to be disappointed:
https://rust-lang.zulipchat.com/#narrow/stream/136281-t-opsem/topic/is.20atomic.20aliasing.20allowed.3F/near/402078545
https://rust-lang.zulipchat.com/#narrow/stream/136281-t-opsem/topic/is.20atomic.20aliasing.20allowed.3F/near/402082631
;-)
In fact, if you get a chance to read the previous discussion links I
shared, you will find I was just like you in the beginning: hope we
could extend the model to support more kernel code properly. But my
overall feeling is that it's either very challenging or lack of
motivation to do.
Regards,
Boqun
next prev parent reply other threads:[~2024-03-23 2:57 UTC|newest]
Thread overview: 76+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-22 23:38 [WIP 0/3] Memory model and atomic API in Rust Boqun Feng
2024-03-22 23:38 ` [WIP 1/3] rust: Introduce atomic module Boqun Feng
2024-03-22 23:52 ` Andrew Lunn
2024-03-23 0:03 ` Boqun Feng
2024-03-23 19:13 ` Miguel Ojeda
2024-03-23 19:30 ` Boqun Feng
2024-03-23 9:58 ` Alice Ryhl
2024-03-23 14:10 ` Andrew Lunn
2024-03-23 19:09 ` Miguel Ojeda
2024-03-26 5:56 ` Trevor Gross
2024-03-22 23:38 ` [WIP 2/3] rust: atomic: Add ARM64 fetch_add_relaxed() Boqun Feng
2024-03-22 23:38 ` [WIP 3/3] rust: atomic: Add fetch_sub_release() Boqun Feng
2024-03-22 23:57 ` [WIP 0/3] Memory model and atomic API in Rust Kent Overstreet
2024-03-23 0:12 ` Linus Torvalds
2024-03-23 0:21 ` Kent Overstreet
2024-03-23 0:36 ` Linus Torvalds
2024-03-23 2:07 ` Kent Overstreet
2024-03-23 2:26 ` Boqun Feng
2024-03-23 2:33 ` Kent Overstreet
2024-03-23 2:57 ` Boqun Feng [this message]
2024-03-23 3:10 ` Kent Overstreet
2024-03-23 3:51 ` Boqun Feng
2024-03-23 4:16 ` Kent Overstreet
2024-03-25 13:56 ` Philipp Stanner
2024-03-25 17:44 ` Linus Torvalds
2024-03-25 18:59 ` Kent Overstreet
2024-03-25 19:44 ` Linus Torvalds
2024-03-25 21:14 ` Kent Overstreet
2024-03-25 21:37 ` Boqun Feng
2024-03-25 22:09 ` Kent Overstreet
2024-03-25 22:38 ` Boqun Feng
2024-03-25 23:02 ` Kent Overstreet
2024-03-25 23:41 ` Boqun Feng
2024-03-26 0:05 ` Dr. David Alan Gilbert
2024-03-26 0:36 ` Kent Overstreet
2024-03-26 1:35 ` Dr. David Alan Gilbert
2024-03-26 3:28 ` Kent Overstreet
2024-03-26 2:51 ` Boqun Feng
2024-03-26 3:49 ` Linus Torvalds
2024-03-26 14:35 ` Dr. David Alan Gilbert
2024-03-27 16:16 ` comex
2024-03-27 18:50 ` Kent Overstreet
2024-03-27 19:07 ` Linus Torvalds
2024-03-27 19:41 ` Kent Overstreet
2024-03-27 20:45 ` Linus Torvalds
2024-03-27 21:41 ` Kent Overstreet
2024-03-27 22:57 ` Linus Torvalds
2024-03-27 23:35 ` Kent Overstreet
2024-03-27 21:21 ` Boqun Feng
2024-03-27 21:49 ` Kent Overstreet
2024-03-27 22:26 ` Boqun Feng
2024-03-27 21:56 ` comex
2024-03-27 22:02 ` comex
2024-04-05 17:13 ` Philipp Stanner
2024-04-08 16:02 ` Matthew Wilcox
2024-04-08 16:55 ` Paul E. McKenney
2024-04-08 17:03 ` Matthew Wilcox
2024-04-08 18:47 ` Paul E. McKenney
2024-04-09 0:58 ` Kent Overstreet
2024-04-09 4:47 ` Paul E. McKenney
2024-04-08 17:01 ` Linus Torvalds
2024-04-08 18:14 ` Al Viro
2024-04-08 20:05 ` Linus Torvalds
2024-03-23 21:40 ` comex
2024-03-24 15:22 ` Alan Stern
2024-03-24 17:37 ` comex
2024-03-23 0:15 ` Boqun Feng
2024-03-23 0:49 ` Boqun Feng
2024-03-23 1:42 ` Kent Overstreet
2024-03-23 14:29 ` Andrew Lunn
2024-03-23 14:41 ` Boqun Feng
2024-03-23 14:55 ` Boqun Feng
2024-03-25 10:44 ` Mark Rutland
2024-03-25 20:59 ` Boqun Feng
2024-04-09 10:50 ` Peter Zijlstra
2024-04-16 18:12 ` Boqun Feng
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Zf5FEFCfuy0TAjV6@Boquns-Mac-mini.home \
--to=boqun.feng@gmail.com \
--cc=a.hindborg@samsung.com \
--cc=akiyks@gmail.com \
--cc=alex.gaynor@gmail.com \
--cc=aliceryhl@google.com \
--cc=benno.lossin@proton.me \
--cc=bjorn3_gh@protonmail.com \
--cc=bp@alien8.de \
--cc=catalin.marinas@arm.com \
--cc=dave.hansen@linux.intel.com \
--cc=dhowells@redhat.com \
--cc=dlustig@nvidia.com \
--cc=elver@google.com \
--cc=gary@garyguo.net \
--cc=gregkh@linuxfoundation.org \
--cc=hpa@zytor.com \
--cc=j.alglave@ucl.ac.uk \
--cc=joel@joelfernandes.org \
--cc=kent.overstreet@gmail.com \
--cc=kent.overstreet@linux.dev \
--cc=linux-arch@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=llvm@lists.linux.dev \
--cc=luc.maranget@inria.fr \
--cc=mark.rutland@arm.com \
--cc=mingo@redhat.com \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=npiggin@gmail.com \
--cc=ojeda@kernel.org \
--cc=parri.andrea@gmail.com \
--cc=paulmck@kernel.org \
--cc=peterz@infradead.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=stern@rowland.harvard.edu \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=wedsonaf@gmail.com \
--cc=will@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).