On 8/30/2022 4:44 PM, Paul Heidekrüger wrote: > The current informal control dependency definition in explanation.txt is > too broad and, as dicsussed, needs to be updated. > > Consider the following example: > >> if(READ_ONCE(x)) >> return 42; >> >> WRITE_ONCE(y, 42); >> >> return 21; > > The read event determines whether the write event will be executed "at > all" - as per the current definition - but the formal LKMM does not > recognize this as a control dependency. > > Introduce a new defintion which includes the requirement for the second > memory access event to syntactically lie within the arm of a non-loop > conditional. > > Link: https://lore.kernel.org/all/20220615114330.2573952-1-paul.heidekrueger@xxxxxxxxx/ > Cc: Marco Elver <elver@xxxxxxxxxx> > Cc: Charalampos Mainas <charalampos.mainas@xxxxxxxxx> > Cc: Pramod Bhatotia <pramod.bhatotia@xxxxxxxxx> > Cc: Soham Chakraborty <s.s.chakraborty@xxxxxxxxxx> > Cc: Martin Fink <martin.fink@xxxxxxxxx> > Signed-off-by: Paul Heidekrüger <paul.heidekrueger@xxxxxxxxx> > Co-developed-by: Alan Stern <stern@xxxxxxxxxxxxxxxxxxx> > --- > > @Alan: > > Since I got it wrong the last time, I'm adding you as a co-developer after my > SOB. I'm sorry if this creates extra work on your side due to you having to > resubmit the patch now with your SOB if I understand correctly, but since it's > based on your wording from the other thread, I definitely wanted to give you > credit. > > tools/memory-model/Documentation/explanation.txt | 7 ++++--- > 1 file changed, 4 insertions(+), 3 deletions(-) > > diff --git a/tools/memory-model/Documentation/explanation.txt b/tools/memory-model/Documentation/explanation.txt > index ee819a402b69..0bca50cac5f4 100644 > --- a/tools/memory-model/Documentation/explanation.txt > +++ b/tools/memory-model/Documentation/explanation.txt > @@ -464,9 +464,10 @@ to address dependencies, since the address of a location accessed > through a pointer will depend on the value read earlier from that > pointer. > > -Finally, a read event and another memory access event are linked by a > -control dependency if the value obtained by the read affects whether > -the second event is executed at all. Simple example: > +Finally, a read event X and another memory access event Y are linked by > +a control dependency if Y syntactically lies within an arm of an if, > +else or switch statement and the condition guarding Y is either data or > +address-dependent on X. Simple example: 'conditioning guarding Y' sounds confusing to me as it implies to me that the condition's evaluation depends on Y. I much prefer Alan's wording from the linked post saying something like 'the branch condition is data or address dependent on X, and Y lies in one of the arms'. I have to ask though, why doesn't this imply that the second instruction never executes at all? I believe that would break the MP-pattern if it were not true. cheers, - Joel
