Re: Confused about hlist_unhashed_lockless()

[Eric Dumazet]

On Fri, Jan 31, 2020 at 9:21 AM Will Deacon <will@xxxxxxxxxx> wrote:
>
> On Fri, Jan 31, 2020 at 09:06:27AM -0800, Eric Dumazet wrote:
> > On Fri, Jan 31, 2020 at 8:57 AM Will Deacon <will@xxxxxxxxxx> wrote:
> > > On Fri, Jan 31, 2020 at 08:48:05AM -0800, Eric Dumazet wrote:
> > > > On Fri, Jan 31, 2020 at 8:43 AM Will Deacon <will@xxxxxxxxxx> wrote:
> > > > > Then running these two concurrently on the same node means that
> > > > > hlist_unhashed_lockless() doesn't really tell you anything about whether
> > > > > or not the node is reachable in the list (i.e. there is another node
> > > > > with a next pointer pointing to it). In other words, I think all of
> > > > > these outcomes are permitted:
> > > > >
> > > > >         hlist_unhashed_lockless(n)      n reachable in list
> > > > >         0                               0 (No reordering)
> > > > >         0                               1 (No reordering)
> > > > >         1                               0 (No reordering)
> > > > >         1                               1 (Reorder first and last WRITE_ONCEs)
> > > > >
> > > > > So I must be missing some details about the use-case here. Please could
> > > > > you enlighten me? The RCU implementation permits only the first three
> > > > > outcomes afaict, why not use that and leave non-RCU hlist as it was?
> > > > >
> > > >
> > > > I guess the following has been lost :
> > >
> > > Thanks, although...
> > >
> > > > Author: Eric Dumazet <edumazet@xxxxxxxxxx>
> > > > Date:   Thu Nov 7 11:23:14 2019 -0800
> > > >
> > > >     timer: use hlist_unhashed_lockless() in timer_pending()
> > > >
> > > >     timer_pending() is mostly used in lockless contexts.
> > >
> > > ... my point above still stands: the value returned by
> > > hlist_unhashed_lockless() doesn't tell you anything about whether or
> > > not the timer is reachable in the hlist or not. The comment above
> > > timer_pending() also states that:
> > >
> > >   | Callers must ensure serialization wrt. other operations done to
> > >   | this timer, e.g. interrupt contexts, or other CPUs on SMP.
> > >
> > > If that is intended to preclude list operations, shouldn't we use an
> > > RCU hlist instead of throwing {READ,WRITE}_ONCE() at the problem to
> > > shut the sanitiser up without actually fixing anything? :(
> >
> >
> > Sorry, but timer_pending() requires no serialization.
>
> Then we should update the comment!

Which one ?

It seems KCSAN does not read the comments :)

>
> Without serialisation, timer_pending() as currently implemented does
> not reliably tell you whether the timer is in the hlist. Is that not a
> problem?

No it is not a problem.

However some callers might have incorrect assumptions, I have not
audited all the code.

 Using an RCU hlist does not introduce serialisation, but does
> at least rule out the case where timer_pending() returns false for a
> timer that /is/ reachable in the list by another CPU.
>
> > The only thing we need is a READ_ONCE() so that compiler is not allowed
> > to optimize out stuff like
> >
> > loop() {
> >    if (timer_pending())
> >       something;
>
> If that was the case, then you wouldn't need to touch hlist_add_before()
> at all so there's got to be more to it than that or we can revert that
> part of the patch.


Sorry, I do not get your point. It would help if you provide a patch
or something.