Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

semaphore: Fix a few regressions #14755

Closed
wants to merge 1 commit into from
Closed

semaphore: Fix a few regressions #14755

wants to merge 1 commit into from

Conversation

yamt
Copy link
Contributor

@yamt yamt commented Nov 13, 2024
edited
Loading

Summary

Regressions caused by signedness issues in
"sem: change sem wait to atomic operation".
(#14465)

An alternative would be to make these atomic macros propagate signedness using the typeof() GCC/clang extension. I'm not inclined to do so because typeof is not so portable though. As we can unlikely require "real" C11 atomics in the foreseeable future, maybe we should use a different set of names from C11 to avoid confusions.

Impact

Testing

esp32s3-devkit:smp ostest, with a few unrelated local changes.

@github-actions github-actions bot added Area: OS Components OS Components issues Size: S The size of the change in this PR is small labels Nov 13, 2024
@yamt
semaphore: Fix a few regressions
ee3f119 
Regressions caused by signedness issues in
"sem: change sem wait to atomic operation".
(apache#14465)

An alternative would be to make these atomic macros propagate
signedness using the typeof() GCC/clang extension. I'm not inclined
to do so because typeof is not so portable though. As we can unlikely
require "real" C11 atomics in the foreseeable future, maybe we should
use a different set of names from C11 to avoid confusions.
@nuttxpr
Copy link

nuttxpr commented Nov 13, 2024

[Experimental Bot, please feedback here]

No, this PR does not fully meet the NuttX requirements. While it provides a summary of the why and how, it lacks detail in several crucial sections:

  • Summary: Missing "What functional part of the code is being changed?". Be specific (e.g., semaphore implementation, specific files modified).
  • Impact: Completely empty. This is a critical section. Address all the points, even if the answer is "NO". Justify each "NO". For example: "Impact on user: NO (Existing applications using semaphores should not require modification)."
  • Testing: Insufficient. While a target is mentioned, there are no "before" and "after" logs. These logs are crucial for demonstrating the fix and justifying the change. "A few unrelated local changes" are also concerning; the PR should ideally be tested in isolation. The build host details are also missing.

Specifically, the author needs to:

  1. Clarify the scope of changes: List the affected files/functions.
  2. Complete the Impact section: Address every point, justifying each answer.
  3. Provide valid testing logs: Include "before" and "after" logs demonstrating the issue and the fix. Remove any unrelated local changes before generating these logs. Specify the build host details.

Without these changes, the PR is incomplete and difficult to review properly.

@yamt yamt mentioned this pull request Nov 13, 2024
Open
1 task
xiaoxiang781216
xiaoxiang781216 reviewed Nov 13, 2024
View reviewed changes
sched/semaphore/sem_holder.c
@@ -880,7 +880,7 @@ void nxsem_canceled(FAR struct tcb_s *stcb, FAR sem_t *sem)
{
/* Check our assumptions */

DEBUGASSERT(atomic_load(NXSEM_COUNT(sem)) <= 0);
DEBUGASSERT((int16_t)atomic_load(NXSEM_COUNT(sem)) <= 0);
Copy link
Contributor

@xiaoxiang781216 xiaoxiang781216 Nov 13, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why need cast int16_t if NXSEM_COUNT return atomic_short?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

atomic_load returns uint64_t.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see

nuttx/include/nuttx/lib/stdatomic.h

Lines 75 to 81 in daab676

#define atomic_load_n(obj, type) \
(sizeof(*(obj)) == 1 ? __atomic_load_1(obj, type) : \
sizeof(*(obj)) == 2 ? __atomic_load_2(obj, type) : \
sizeof(*(obj)) == 4 ? __atomic_load_4(obj, type) : \
__atomic_load_8(obj, type))
#define atomic_load(obj) atomic_load_n(obj, __ATOMIC_RELAXED)

nuttx/include/nuttx/lib/stdatomic.h

Lines 201 to 204 in daab676

uint8_t __atomic_load_1(FAR const volatile void *ptr, int memorder);
uint16_t __atomic_load_2(FAR const volatile void *ptr, int memorder);
uint32_t __atomic_load_4(FAR const volatile void *ptr, int memorder);
uint64_t __atomic_load_8(FAR const volatile void *ptr, int memorder);

Copy link
Contributor

@xiaoxiang781216 xiaoxiang781216 Nov 13, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

but the spec requires it return the same base type:
https://en.cppreference.com/w/c/atomic/atomic_load
we should fix the implementation instead. @crafcat7

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO, we should not pretend to have generic selection.
it's simpler to use concrete-type apis like, say, nx_atomic_load_int16.

Copy link
Contributor

@crafcat7 crafcat7 Nov 14, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@crafcat7 please fix this ASAP.

We can consider whether there is a better way to reorganize arch_atomic & nuttx/stdatomic.c so that they can directly go to the atomic processing of the corresponding type, in other words, it can return the same result type as the input type parameter.
This work should take some time.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO, we should not pretend to have generic selection. it's simpler to use concrete-type apis like, say, nx_atomic_load_int16.

Yes, but it's this is the standard defined prototype:(

my suggestion is to use nuttx-specific, non-standard prototype.

besides that, we can provide c11 stdatomic to user applications where possible.
but our own code (eg. semaphore implementation) should not use it, IMO.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This work should take some time.

that's my expection too.

in the meantime, IMO, we should make band-aid fixes (like this PR) or a revert.

Copy link
Contributor

@xiaoxiang781216 xiaoxiang781216 Nov 15, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, let's limit the kernel to use only one type of atomic type, so we can provide a compatible implementation when the compiler doesn't provide the atomic operation. @zyfeier @crafcat7

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i'd suggest to revert the change in question for now because it would take some time to fix regressions: #14804

@yamt yamt mentioned this pull request Nov 13, 2024
Closed
yamt added a commit to yamt/incubator-nuttx that referenced this pull request Nov 13, 2024
@yamt
Degrade the critical section to up_irq_save in a few cases
5f13d55 
So that it can be used in more situations.

The primary motivation here is to avoid crashes introduced by
apache#14722.

Tested:
- esp32-devkitc:wifi_smp (smp)
- esp32s3-devkit:smp (ostest, smp)
  (with apache#14755)
@yamt yamt mentioned this pull request Nov 13, 2024
Merged
yamt added a commit to yamt/incubator-nuttx that referenced this pull request Nov 15, 2024
@yamt
Revert "sem: change sem wait to atomic operation"
b3b3f1f 
This reverts commit befe298.

Because a few regressions have been reported and
it likely will take some time to fix them:

* for some configurations, semaphore can be used on the special
  memory region, where atomic access is not available.
  cf. apache#14625

* include/nuttx/lib/stdatomic.h is not compatible with
  the C11 semantics, which the change in question relies on.
  cf. apache#14755
@yamt yamt mentioned this pull request Nov 15, 2024
Merged
@yamt yamt marked this pull request as draft November 15, 2024 05:52
@yamt
Copy link
Contributor Author

yamt commented Nov 15, 2024

i marked this draft because i'm now inclined to think it's simpler to make a revert. #14804

xiaoxiang781216 pushed a commit that referenced this pull request Nov 20, 2024
@yamt @xiaoxiang781216
Revert "sem: change sem wait to atomic operation"
4c3ae2e 
This reverts commit befe298.

Because a few regressions have been reported and
it likely will take some time to fix them:

* for some configurations, semaphore can be used on the special
  memory region, where atomic access is not available.
  cf. #14625

* include/nuttx/lib/stdatomic.h is not compatible with
  the C11 semantics, which the change in question relies on.
  cf. #14755
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@crafcat7 crafcat7 crafcat7 left review comments

@zyfeier zyfeier zyfeier left review comments

@xiaoxiang781216 xiaoxiang781216 xiaoxiang781216 left review comments

Assignees
No one assigned
Labels
Area: OS Components OS Components issues Size: S The size of the change in this PR is small
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@yamt @nuttxpr @xiaoxiang781216 @zyfeier @crafcat7