Re: [PATCH v2 tip/core/rcu 07/13] ipv6/ip6_tunnel: Apply rcu_access_pointer() to avoid sparse false positive

From: Hannes Frederic Sowa
Date: Sun Oct 13 2013 - 16:11:10 EST

Next message: Ben Hutchings: "Re: [GIT PULL] firmware: wl1251 firmware binary"
Previous message: Tejun Heo: "Re: [PATCH] cgroup: fix to break the while loop incgroup_attach_task() correctly"
In reply to: Paul E. McKenney: "Re: [PATCH v2 tip/core/rcu 07/13] ipv6/ip6_tunnel: Applyrcu_access_pointer() to avoid sparse false positive"
Next in thread: Josh Triplett: "Re: [PATCH v2 tip/core/rcu 07/13] ipv6/ip6_tunnel: Applyrcu_access_pointer() to avoid sparse false positive"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Oct 13, 2013 at 04:14:39AM -0700, Paul E. McKenney wrote:
> On Sat, Oct 12, 2013 at 07:42:18PM +0000, Mathieu Desnoyers wrote:
> > ----- Original Message -----
> > > On Sat, Oct 12, 2013 at 06:43:45PM +0200, Hannes Frederic Sowa wrote:
> > > > Regarding the volatile access, I hope that the C11 memory model
> > > > and enhancements to the compiler will some day provide a better
> > > > way to express the semantics of what is tried to express here
> > > > (__atomic_store_n/__atomic_load_n with the accompanied memory model,
> > > > which could be even weaker to what a volatile access would enfore
> > > > now and could guarantee atomic stores/loads).
> > >
> > > I just played around a bit more. Perhaps we could try to warn of silly
> > > usages of ACCESS_ONCE():
> > >
> > > --- a/include/linux/compiler.h
> > > +++ b/include/linux/compiler.h
> > > @@ -349,7 +349,11 @@ void ftrace_likely_update(struct ftrace_branch_data *f,
> > > int val, int expect);
> > > * use is to mediate communication between process-level code and irq/NMI
> > > * handlers, all running on the same CPU.
> > > */
> > > -#define ACCESS_ONCE(x) (*(volatile typeof(x) *)&(x))
> > > +#define ACCESS_ONCE(x) (*({ \
> > > + compiletime_assert(sizeof(typeof(x)) <= sizeof(typeof(&x)), \
> > > + "ACCESS_ONCE likely not atomic"); \
> >
> > AFAIU, ACCESS_ONCE() is not meant to ensure atomicity of load/store,
> > but rather merely ensures that the compiler will not merge nor refetch
> > accesses. I don't think the assert check you propose is appropriate with
> > respect to the ACCESS_ONCE() semantic.
>
> I am with Mathieu on this one, at least unless there is some set of actual
> bugs already in the kernel that these length checks would find.

I guess my wording of "ACCESS_ONCE likely not atomic" was misplaced. Something
like volatile access to memory larger than the processor register size is
probably not what you intended. Use atomics or proper locking. ;)
And maybe that is not even correct.

> /me wonders about structs of size 3, 5, 6, and 7...

Checked a x86_64 allyesconfig build with sizes above pointer size and odd
parity and nothing broke.

Greetings,

Hannes

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ben Hutchings: "Re: [GIT PULL] firmware: wl1251 firmware binary"
Previous message: Tejun Heo: "Re: [PATCH] cgroup: fix to break the while loop incgroup_attach_task() correctly"
In reply to: Paul E. McKenney: "Re: [PATCH v2 tip/core/rcu 07/13] ipv6/ip6_tunnel: Applyrcu_access_pointer() to avoid sparse false positive"
Next in thread: Josh Triplett: "Re: [PATCH v2 tip/core/rcu 07/13] ipv6/ip6_tunnel: Applyrcu_access_pointer() to avoid sparse false positive"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]