documentation: Additional restriction for control dependencies

author Paul E. McKenney <paulmck@linux.vnet.ibm.com>

Sun, 12 Oct 2014 14:55:47 +0000 (07:55 -0700)

committer Paul E. McKenney <paulmck@linux.vnet.ibm.com>

Thu, 13 Nov 2014 18:34:53 +0000 (10:34 -0800)
author Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Sun, 12 Oct 2014 14:55:47 +0000 (07:55 -0700)
committer Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Thu, 13 Nov 2014 18:34:53 +0000 (10:34 -0800)
diff --git a/Documentation/memory-barriers.txt b/Documentation/memory-barriers.txt

index 22a969cdd4766a2f4f3651d359cd81defdb3bd21..1073e019ef0617a64dce6061552e48dbba1ee910 100644 (file)
--- a/Documentation/memory-barriers.txt
+++ b/Documentation/memory-barriers.txt
@@ -694,6 +694,24 @@ Please note once again that the stores to 'b' differ.  If they were
  identical, as noted earlier, the compiler could pull this store outside
  of the 'if' statement.
  
+You must also be careful not to rely too much on boolean short-circuit
+evaluation.  Consider this example:
+
+       q = ACCESS_ONCE(a);
+       if (a || 1 > 0)
+               ACCESS_ONCE(b) = 1;
+
+Because the second condition is always true, the compiler can transform
+this example as following, defeating control dependency:
+
+       q = ACCESS_ONCE(a);
+       ACCESS_ONCE(b) = 1;
+
+This example underscores the need to ensure that the compiler cannot
+out-guess your code.  More generally, although ACCESS_ONCE() does force
+the compiler to actually emit code for a given load, it does not force
+the compiler to use the results.
+
  Finally, control dependencies do -not- provide transitivity.  This is
  demonstrated by two related examples, with the initial values of
  x and y both being zero:
author	Paul E. McKenney <paulmck@linux.vnet.ibm.com>
	Sun, 12 Oct 2014 14:55:47 +0000 (07:55 -0700)
committer	Paul E. McKenney <paulmck@linux.vnet.ibm.com>
	Thu, 13 Nov 2014 18:34:53 +0000 (10:34 -0800)