On Mon, Jun 02, 2014 at 05:12:16PM -0400, Mikulas Patocka wrote: > The patch adds atomic_pointer_t for all architectures - it is in the > common code and it is backed by atomic_long_t (that already exists for all > architectures). There is no new arch-specific code at all. > > When we have atomic_pointer_t, we can find the instances of xchg() and > cmpxchg() and convert them to atomic_pointer_t (or to other atomic*_t > types). > > When we convert them all, we can drop xchg() and cmpxchg() at all (at > least from architecture-neutral code). > > The problem with xchg() and cmpxchg() is that they are very easy to > misuse. Peter Zijlstra didn't know that they are not atomic w.r.t. normal > stores, a lot of other people don't know it too - and if we allow these > functions to be used, this race condition will reappear in the future > again and again. > > That's why I'm proposing atomic_pointer_t - it guarantees that this race > condition can't be made. But its horrible, and doesn't have any benefit afaict. So if we really want to keep supporting these platforms; I would propose something like: #ifdef __CHECKER__ #define __atomic __attribute__((address_space(5))) #else #define __atomic #endif #define store(p, v) (*(p) = (typeof(*(p)) __force __atomic)(v)) #define load(p) ((typeof(*p) __force)ACCESS_ONCE(*(p))) Along with changes to xchg() and cmpxchg() that require them to take pointers to __atomic. That way we keep the flexibility of xchg() and cmpxchg() for being (mostly) type and size invariant, and get sparse to find wrong usage. Then parisc, sparc32, tile32, metag-lock1 and arc-!llsc can go implement store() however they like.
Attachment:
pgpeRUgnxfyUJ.pgp
Description: PGP signature
