Is Parallel Programming Hard, And, If So, What Can You Do About It?

More documents

Recommendations

Info

$TeX op Mac OS X, met teTeX en TeXShop - Nluug$

242 APPENDIX D. READ-COPY UPDATE IMPLEMENTATIONSside critical section can bleed out on weakly orderedmachines. In addition, the relatively loose couplingof this RCU implementation permits CPUs to disagreeon when a given grace period starts and ends.This leads to the question as to how long a givenRCU read-side critical section can possibly extendrelative to the grace-period state machine.Grace−PeriodState Machinewaitack idle waitmb waitzero waitack idle waitmb waitzero waitack idle waitmbCPU 1 mbCPU 2 mbCPU 3 mbCPU 0 mbcompleted++ [==1]CPU 2 ackCPU 3 ackCPU 1 ackCPU 0 ackOld counters zero [0]CPU 3 mbCPU 0 mbCPU 2 mbCPU 1 mbcompleted++ [==2]CPU 3 ackCPU 2 ackCPU 1 ackCPU 0 ackOld counters zero [1]CPU 3 mbCPU 0 mbCPU 2 mbCPU 1 mbcompleted++ [==3]CPU 0 ackCPU 3 ackCPU 1 ackCPU 2 ackRemoval andReclamationlist_del_rcu()call_rcu()next to wait[0]wait[0] to wait[1]wait[1] to doneEarliest Possible InvocationRCU Read−SideCritical SectionEarliest Possible Reordering ofrcu_dereference()Latest Possible Reordering ofrcu_read_lock()Latest Possible Execution ofrcu_read_unlock()Latest Possible Reordering ofRCU−Protected Pointer UseFigure D.77: Preemptable RCU Worst-Case ScenarioThe worst-case scenario is shown in Figure D.77.Here, CPU 0 is executing the shortest possible removaland reclamation sequence, while CPU 1 executesthe longest possible RCU read-side criticalsection. Because the callback queues are advancedjust before acknowledging a counter flip, the latestthat CPU 0 can execute its list_del_rcu() andcall_rcu() is just before its scheduling-clock interruptthat acknowledges the counter flip. The call_rcu() invocation places the callback on CPU 0’snext list, and the interrupt will move the callbackfrom the next list to the wait[0] list. This callbackwill move again (from the wait[0] list to thewait[1] list) at CPU 0’s first scheduling-clock interruptfollowing the next counter flip. Similarly, thecallback will move from the wait[1] list to the donelist at CPU 0’s first scheduling-clock interrupt followingthe counter flip resulting in the value 3. Thecallback might be invoked immediately afterward.Meanwhile, CPU 1 is executing an RCU read-sidecritical section. Let us assume that the rcu_read_lock() follows the first counter flip (the one resultingin the value 1), so that the rcu_read_lock()increments CPU 1’s rcu_flipctr[1] counter. Notethatbecausercu_read_lock()doesnotcontainanymemory barriers, the contents of the critical sectionmight be executed early by the CPU. However,this early execution cannot precede the last memorybarrier executed by CPU 1, as shown on thediagram. This is nevertheless sufficiently early thatan rcu_dereference() could fetch a pointer to theitem being deleted by CPU 0’s list_del_rcu().Because the rcu_read_lock() incremented anindex-1 counter, the corresponding rcu_read_unlock() must precede the ”old counters zero”event for index 1. However, because rcu_read_unlock() contains no memory barriers, the contentsof the corresponding RCU read-side critical section(possiblyincludingareferencetotheitemdeletedbyCPU 0) can be executed late by CPU 1. However,it cannot be executed after CPU 1’s next memorybarrier, as shown on the diagram. Because the latestpossible reference by CPU 1 precedes the earliestpossible callback invocation by CPU 0, two passesthrough the grace-period state machine suffice toconstitute a full grace period, and hence it is safeto do:#define GP_STAGES 2Quick Quiz D.62: Suppose that the irq disablingin rcu_read_lock() was replaced by preemptiondisabling. What effect would that have onGP_STAGES?Quick Quiz D.63: Why can’t the rcu_dereference() precede the memory barrier?D.4.3.3 Formal ValidationFormal validation of this algorithm is quite important,but remains as future work. One tool for doingthis validation is described in Appendix E.Quick Quiz D.64: What is a more precise wayto say ”CPU 0 might see CPU 1’s increment as earlyas CPU 1’s last previous memory barrier”?
Appendix EFormal VerificationParallel algorithms can be hard to write, and evenharder to debug. Testing, though essential, is insufficient,as fatal race conditions can have extremelylowprobabilitiesofoccurrence. Proofsofcorrectnesscan be valuable, but in the end are just as prone tohuman error as is the original algorithm.It would be very helpful to have a tool that couldsomehow locate all race conditions. A number ofsuch tools exist, for example, the language Promelaand its compiler Spin, which are described in thischapter. Section E.1 provide an introduction toPromela and Spin, Section E.2 demonstrates use ofPromela and Spin to find a race in a non-atomicincrement example, Section E.3 uses Promela andSpin to validate a similar atomic-increment example,Section E.4 gives an overview of using Promelaand Spin, Section E.5 demonstrates a Promelamodel of a spinlock, Section E.6 applies Promelaand spin to validate a simple RCU implementation,Section E.7 applies Promela to validate an interfacebetween preemptable RCU and the dyntick-idleenergy-conservation feature in the Linux kernel, SectionE.8 presents a simpler interface that does notrequire formal verification, and finally Section E.9sums up use of formal-verification tools for verifyingparallel algorithms.E.1 What are Promela andSpin?Promela is a language designed to help verify protocols,but which can also be used to verify small parallelalgorithms. You recode your algorithm and correctnessconstraints in the C-like language Promela,and then use Spin to translate it into a C programthat you can compile and run. The resulting programconducts a full state-space search of your algorithm,either verifying or finding counter-examplesfor assertions that you can include in your Promelaprogram.This full-state search can extremely powerful, butcan also be a two-edged sword. If your algorithmis too complex or your Promela implementation iscareless, there might be more states than fit in memory.Furthermore, even given sufficient memory, thestate-space search might well run for longer than theexpected lifetime of the universe. Therefore, use thistool for compact but complex parallel algorithms.Attempts to naively apply it to even moderate-scalealgorithms (let alone the full Linux kernel) will endbadly.Promela and Spinmay bedownloaded fromhttp://spinroot.com/spin/whatispin.html.The above site also gives links to Gerard Holzmann’sexcellent book [Hol03] on Promela andSpin, as well as searchable online references startingat: http://www.spinroot.com/spin/Man/index.html.The remainder of this article describes how to usePromela to debug parallel algorithms, starting withsimple examples and progressing to more complexuses.E.2 Promela Example: Non-Atomic IncrementFigureE.1demonstratesthetextbookraceconditionresulting from non-atomic increment. Line 1 definesthe number of processes to run (we will vary thisto see the effect on state space), line 3 defines thecounter,andline4isusedtoimplementtheassertionthat appears on lines 29-39.Lines 6-13 define a process that increments thecounter non-atomically. The argument me is theprocess number, set by the initialization block laterin the code. Because simple Promela statementsare each assumed atomic, we must break the incrementinto the two statements on lines 10-11. Theassignment on line 12 marks the process’s completion.Because the Spin system will fully search
Page 1 and 2:
Is Parallel Programming Hard, And,
Page 3 and 4:
Contents1 Introduction 11.1 Histori
Page 5 and 6:
CONTENTSv6 Locking 676.1 Staying Al
Page 7 and 8:
CONTENTSviiB Synchronization Primit
Page 9 and 10:
CONTENTSixE.7.1 Introduction to Pre
Page 11 and 12:
PrefaceThe purpose of this book is
Page 13 and 14:
Chapter 1IntroductionParallel progr
Page 15 and 16:
1.2. PARALLEL PROGRAMMING GOALS 3CP
Page 17 and 18:
1.3. ALTERNATIVES TO PARALLEL PROGR
Page 19 and 20:
1.4. WHAT MAKES PARALLEL PROGRAMMIN
Page 21 and 22:
1.5. GUIDE TO THIS BOOK 9other hand
Page 23 and 24:
Chapter 2Hardware and its HabitsMos
Page 25:
2.1. OVERVIEW 13Therefore, as shown
Page 28 and 29:
16 CHAPTER 2. HARDWARE AND ITS HABI
Page 30 and 31:
18 CHAPTER 2. HARDWARE AND ITS HABI
Page 32 and 33:
20 CHAPTER 3. TOOLS OF THE TRADE1 p
Page 34 and 35:
22 CHAPTER 3. TOOLS OF THE TRADE1 p
Page 36 and 37:
24 CHAPTER 3. TOOLS OF THE TRADE1.1
Page 38 and 39:
26 CHAPTER 3. TOOLS OF THE TRADEQui
Page 40 and 41:
28 CHAPTER 3. TOOLS OF THE TRADE
Page 42 and 43:
30 CHAPTER 4. COUNTING1 atomic_t co
Page 44 and 45:
32 CHAPTER 4. COUNTING4.2.3 Eventua
Page 46 and 47:
34 CHAPTER 4. COUNTINGvanish when t
Page 48 and 49:
36 CHAPTER 4. COUNTINGper-thread va
Page 50 and 51:
38 CHAPTER 4. COUNTING1 unsigned lo
Page 52 and 53:
Page 54 and 55:
42 CHAPTER 4. COUNTING1 #define THE
Page 56 and 57:
Page 58 and 59:
46 CHAPTER 4. COUNTINGReadsAlgorith
Page 60 and 61:
48 CHAPTER 5. PARTITIONING AND SYNC
Page 62 and 63:
Page 64 and 65:
Page 66 and 67:
Page 68 and 69:
Page 70 and 71:
Page 72 and 73:
Page 74 and 75:
Page 76 and 77:
Page 78 and 79:
Page 80 and 81:
68 CHAPTER 6. LOCKING1 int delete(i
Page 82 and 83:
70 CHAPTER 7. DATA OWNERSHIP
Page 84 and 85:
72 CHAPTER 8. DEFERRED PROCESSINGfo
Page 86 and 87:
74 CHAPTER 8. DEFERRED PROCESSINGth
Page 88 and 89:
76 CHAPTER 8. DEFERRED PROCESSING
Page 90 and 91:
78 CHAPTER 8. DEFERRED PROCESSINGfi
Page 92 and 93:
80 CHAPTER 8. DEFERRED PROCESSINGti
Page 94 and 95:
82 CHAPTER 8. DEFERRED PROCESSINGNo
Page 96 and 97:
84 CHAPTER 8. DEFERRED PROCESSING12
Page 98 and 99:
Page 100 and 101:
88 CHAPTER 8. DEFERRED PROCESSINGvo
Page 102 and 103:
90 CHAPTER 8. DEFERRED PROCESSINGLi
Page 104 and 105:
92 CHAPTER 8. DEFERRED PROCESSINGpe
Page 106 and 107:
94 CHAPTER 8. DEFERRED PROCESSINGCa
Page 108 and 109:
96 CHAPTER 8. DEFERRED PROCESSINGTh
Page 110 and 111:
Page 112 and 113:
Page 114 and 115:
Page 116 and 117:
104 CHAPTER 8. DEFERRED PROCESSINGs
Page 118 and 119:
106 CHAPTER 8. DEFERRED PROCESSINGo
Page 120 and 121:
108 CHAPTER 8. DEFERRED PROCESSING
Page 122 and 123:
110 CHAPTER 9. APPLYING RCU1 struct
Page 124 and 125:
112 CHAPTER 9. APPLYING RCU
Page 126 and 127:
114 CHAPTER 10. VALIDATION: DEBUGGI
Page 128 and 129:
116 CHAPTER 11. DATA STRUCTURES
Page 130 and 131:
118 CHAPTER 12. ADVANCED SYNCHRONIZ
Page 132 and 133:
Page 134 and 135:
Page 136 and 137:
Page 138 and 139:
Page 140 and 141:
Page 142 and 143:
Page 144 and 145:
Page 146 and 147:
Page 148 and 149:
Page 150 and 151:
138 CHAPTER 13. EASE OF USEFigure 1
Page 152 and 153:
140 CHAPTER 13. EASE OF USE
Page 154 and 155:
142 CHAPTER 14. TIME MANAGEMENT
Page 156 and 157:
144 CHAPTER 15. CONFLICTING VISIONS
Page 158 and 159:
Page 160 and 161:
Page 162 and 163:
Page 164 and 165:
Page 166 and 167:
154 APPENDIX A. IMPORTANT QUESTIONS
Page 168 and 169:
156 APPENDIX A. IMPORTANT QUESTIONS
Page 170 and 171:
158 APPENDIX B. SYNCHRONIZATION PRI
Page 172 and 173:
160 APPENDIX B. SYNCHRONIZATION PRI
Page 174 and 175:
162 APPENDIX C. WHY MEMORY BARRIERS
Page 176 and 177:
Page 178 and 179:
Page 180 and 181:
Page 182 and 183:
Page 184 and 185:
Page 186 and 187:
Page 188 and 189:
Page 190 and 191:
Page 192 and 193:
Page 194 and 195:
Page 196 and 197:
184 APPENDIX D. READ-COPY UPDATE IM
Page 198 and 199:
Page 200 and 201:
Page 202 and 203:
Page 204 and 205: 192 APPENDIX D. READ-COPY UPDATE IM
Page 256 and 257: 244 APPENDIX E. FORMAL VERIFICATION
Page 284 and 285: 272 APPENDIX F. ANSWERS TO QUICK QU
Page 304 and 305:
292 APPENDIX F. ANSWERS TO QUICK QU
Page 306 and 307:
Page 308 and 309:
Page 310 and 311:
Page 312 and 313:
Page 314 and 315:
Page 316 and 317:
Page 318 and 319:
Page 320 and 321:
Page 322 and 323:
Page 324 and 325:
Page 326 and 327:
Page 328 and 329:
Page 330 and 331:
Page 332 and 333:
Page 334 and 335:
Page 336 and 337:
Page 338 and 339:
Page 340 and 341:
Page 342 and 343:
330 APPENDIX G. GLOSSARY(2) A physi
Page 344 and 345:
332 APPENDIX G. GLOSSARYnear by. Th
Page 346 and 347:
334 APPENDIX G. GLOSSARY
Page 348 and 349:
336 BIBLIOGRAPHY[But97]USA, March 2
Page 350 and 351:
338 BIBLIOGRAPHY[HMB06][Hol03][HP95
Page 352 and 353:
340 BIBLIOGRAPHY[McK06] Paul E. McK
Page 354 and 355:
342 BIBLIOGRAPHYtor. Software - Pra
Page 356 and 357:
344 BIBLIOGRAPHY[UoC08][VGS08]Berke
Page 358:
346 APPENDIX H. CREDITSH.4 Original
show all

Is Parallel Programming Hard, And, If So, What Can You Do About It?

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?