lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20171129225926.GK3624@linux.vnet.ibm.com>
Date:   Wed, 29 Nov 2017 14:59:26 -0800
From:   "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
To:     Daniel Lustig <dlustig@...dia.com>
Cc:     Alan Stern <stern@...land.harvard.edu>,
        Peter Zijlstra <peterz@...radead.org>,
        Andrea Parri <parri.andrea@...il.com>,
        Luc Maranget <luc.maranget@...ia.fr>,
        Jade Alglave <j.alglave@....ac.uk>,
        Boqun Feng <boqun.feng@...il.com>,
        Nicholas Piggin <npiggin@...il.com>,
        Will Deacon <will.deacon@....com>,
        David Howells <dhowells@...hat.com>,
        Palmer Dabbelt <palmer@...belt.com>,
        Kernel development list <linux-kernel@...r.kernel.org>
Subject: Re: Unlock-lock questions and the Linux Kernel Memory Model

On Wed, Nov 29, 2017 at 02:18:48PM -0800, Daniel Lustig wrote:
> On 11/29/2017 12:42 PM, Paul E. McKenney wrote:
> > On Wed, Nov 29, 2017 at 02:53:06PM -0500, Alan Stern wrote:
> >> On Wed, 29 Nov 2017, Peter Zijlstra wrote:
> >>
> >>> On Wed, Nov 29, 2017 at 11:04:53AM -0800, Daniel Lustig wrote:
> >>>
> >>>> While we're here, let me ask about another test which isn't directly
> >>>> about unlock/lock but which is still somewhat related to this
> >>>> discussion:
> >>>>
> >>>> "MP+wmb+xchg-acq" (or some such)
> >>>>
> >>>> {}
> >>>>
> >>>> P0(int *x, int *y)
> >>>> {
> >>>>         WRITE_ONCE(*x, 1);
> >>>>         smp_wmb();
> >>>>         WRITE_ONCE(*y, 1);
> >>>> }
> >>>>
> >>>> P1(int *x, int *y)
> >>>> {
> >>>>         r1 = atomic_xchg_relaxed(y, 2);
> >>>>         r2 = smp_load_acquire(y);
> >>>>         r3 = READ_ONCE(*x);
> >>>> }
> >>>>
> >>>> exists (1:r1=1 /\ 1:r2=2 /\ 1:r3=0)
> >>>>
> >>>> C/C++ would call the atomic_xchg_relaxed part of a release sequence
> >>>> and hence would forbid this outcome.
> >>>
> >>> That's just weird. Either its _relaxed, or its _release. Making _relaxed
> >>> mean _release is just daft.
> >>
> >> The C11 memory model specifically allows atomic operations to be 
> >> interspersed within a release sequence.  But it doesn't say why.
> > 
> > The use case put forward within the committee is for atomic quantities
> > with mode bits.  The most frequent has the atomic quantity having
> > lock-like properties, in which case you don't want to lose the ordering
> > effects of the lock handoff just because a mode bit got set or cleared.
> > Some claim to actually use something like this, but details have not
> > been forthcoming.
> > 
> > I confess to being a bit skeptical.  If the mode changes are infrequent,
> > the update could just as well be ordered.
> 
> Aren't reference counting implementations which use memory_order_relaxed
> for incrementing the count another important use case?  Specifically,
> the synchronization between a memory_order_release decrement and the
> eventual memory_order_acquire/consume free shouldn't be interrupted by
> other (relaxed) increments and (release-only) decrements that happen in
> between.  At least that's my understanding of this use case.  I wasn't
> there when the C/C++ committee decided this.

Well, C++ release sequences will likely soon not order memory_order_consume
loads: http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2017/p0735r0.html

So we were hoping to avoid release sequences entirely.  But if someone
in the kernel really is using them, we will have to model them, but
only those interacting with acquire loads.

> > That said, Daniel, the C++ memory model really does require that the
> > above litmus test be forbidden, my denigration of it notwithstanding.
> 
> Yes I agree, that's why I'm curious what the Linux memory model has
> in mind here :)

Read P0735R0 (the above URL) and then tell me with a straight face that
you would not also have been tempted.  ;-)

							Thanx, Paul

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ