On Fri, Jul 06, 2018 at 01:56:14PM +0200, Peter Zijlstra wrote: > > But I couldn't undertand what's wrong without the 1th smp_mb()? > > 1th smp_mb will make all ld/st finish before ldex.w. Is it necessary? > > Yes. > > CPU0 CPU1 > > r1 = READ_ONCE(x); WRITE_ONCE(y, 1); > r2 = xchg(&y, 2); smp_store_release(&x, 1); > > must not allow: r1==1 && r2==0 Also, since you said "SYNC.IS" is a pipeline flush, those instruction-sync primitives normally do not imply a store-buffer flush, does yours? If not it is not a valid smp_mb() implementation. Notably: CPU0 CPU1 WRITE_ONCE(x, 1); WRITE_ONCE(y, 1); smp_mb(); smp_mb(); r0 = READ_ONCE(y); r1 = READ_ONCE(x); must not allow: r0==0 && r1==0 Which would be possible with a regular instruction-sync barrier, but must absolutely not be true with a full memory barrier. (and you can replace the smp_mb(); r = READ_ONCE(); with r = xchg() to again see why you need that first smp_mb()).
