----- Original Message ----- > From: "Hannes Frederic Sowa" <[email protected]> > To: "Paul E. McKenney" <[email protected]>, "Eric Dumazet" > <[email protected]>, "Josh Triplett" > <[email protected]>, [email protected], [email protected], > [email protected], [email protected], > [email protected], "mathieu desnoyers" > <[email protected]>, [email protected], [email protected], > [email protected], [email protected], [email protected], > [email protected], [email protected], > [email protected], [email protected], "David S. Miller" <[email protected]>, > "Alexey Kuznetsov" <[email protected]>, > "James Morris" <[email protected]>, "Hideaki YOSHIFUJI" > <[email protected]>, "Patrick McHardy" > <[email protected]>, [email protected] > Sent: Saturday, October 12, 2013 1:37:34 PM > Subject: Re: [PATCH v2 tip/core/rcu 07/13] ipv6/ip6_tunnel: Apply > rcu_access_pointer() to avoid sparse false positive > > On Sat, Oct 12, 2013 at 06:43:45PM +0200, Hannes Frederic Sowa wrote: > > Regarding the volatile access, I hope that the C11 memory model > > and enhancements to the compiler will some day provide a better > > way to express the semantics of what is tried to express here > > (__atomic_store_n/__atomic_load_n with the accompanied memory model, > > which could be even weaker to what a volatile access would enfore > > now and could guarantee atomic stores/loads). > > I just played around a bit more. Perhaps we could try to warn of silly > usages of ACCESS_ONCE(): > > --- a/include/linux/compiler.h > +++ b/include/linux/compiler.h > @@ -349,7 +349,11 @@ void ftrace_likely_update(struct ftrace_branch_data *f, > int val, int expect); > * use is to mediate communication between process-level code and irq/NMI > * handlers, all running on the same CPU. > */ > -#define ACCESS_ONCE(x) (*(volatile typeof(x) *)&(x)) > +#define ACCESS_ONCE(x) (*({ \ > + compiletime_assert(sizeof(typeof(x)) <= sizeof(typeof(&x)), \ > + "ACCESS_ONCE likely not atomic"); \
AFAIU, ACCESS_ONCE() is not meant to ensure atomicity of load/store, but rather merely ensures that the compiler will not merge nor refetch accesses. I don't think the assert check you propose is appropriate with respect to the ACCESS_ONCE() semantic. Thanks, Mathieu > + (volatile typeof(x) *)&(x); \ > +})) > > /* Ignore/forbid kprobes attach on very low level functions marked by this > attribute: */ > #ifdef CONFIG_KPROBES > > -- Mathieu Desnoyers EfficiOS Inc. http://www.efficios.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
