Re: [PATCH 3/3] tools: memory-model: Improve data-race detection

From: Alan Stern
Date: Fri Jun 21 2019 - 10:25:25 EST

Next message: Mauro Carvalho Chehab: "Re: [PATCH 12/14] doc-rst: add ABI documentation to the admin-guide book"
Previous message: Masami Hiramatsu: "Re: [PATCH 1/2] tracing/uprobe: Fix NULL pointer dereference in trace_uprobe_create()"
In reply to: Andrea Parri: "Re: [PATCH 3/3] tools: memory-model: Improve data-race detection"
Next in thread: Paul E. McKenney: "Re: [PATCH 3/3] tools: memory-model: Improve data-race detection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 21 Jun 2019, Andrea Parri wrote:

> On Thu, Jun 20, 2019 at 11:55:58AM -0400, Alan Stern wrote:
> > Herbert Xu recently reported a problem concerning RCU and compiler
> > barriers. In the course of discussing the problem, he put forth a
> > litmus test which illustrated a serious defect in the Linux Kernel
> > Memory Model's data-race-detection code.
> >
> > The defect was that the LKMM assumed visibility and executes-before
> > ordering of plain accesses had to be mediated by marked accesses. In
> > Herbert's litmus test this wasn't so, and the LKMM claimed the litmus
> > test was allowed and contained a data race although neither is true.
> >
> > In fact, plain accesses can be ordered by fences even in the absence
> > of marked accesses. In most cases this doesn't matter, because most
> > fences only order accesses within a single thread. But the rcu-fence
> > relation is different; it can order (and induce visibility between)
> > accesses in different threads -- events which otherwise might be
> > concurrent. This makes it relevant to data-race detection.
> >
> > This patch makes two changes to the memory model to incorporate the
> > new insight:
> >
> > If a store is separated by a fence from another access,
> > the store is necessarily visible to the other access (as
> > reflected in the ww-vis and wr-vis relations). Similarly,
> > if a load is separated by a fence from another access then
> > the load necessarily executes before the other access (as
> > reflected in the rw-xbstar relation).
> >
> > If a store is separated by a strong fence from a marked access
> > then it is necessarily visible to any access that executes
> > after the marked access (as reflected in the ww-vis and wr-vis
> > relations).
> >
> > With these changes, the LKMM gives the desired result for Herbert's
> > litmus test and other related ones.
> >
> > Signed-off-by: Alan Stern <stern@xxxxxxxxxxxxxxxxxxx>
> > Reported-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
>
> For the entire series:
>
> Acked-by: Andrea Parri <andrea.parri@xxxxxxxxxxxxxxxxxxxx>
>
> Two nits, but up to Paul AFAIAC:
>
> - This is a first time for "tools: memory-model:" in Subject; we were
> kind of converging to "tools/memory-model:"...

Yeah, sure. That's the sort of detail I have a hard time remembering.

> - The report preceded the patch; we might as well reflect this in the
> order of the tags.

Either way is okay with me.

Alan

Next message: Mauro Carvalho Chehab: "Re: [PATCH 12/14] doc-rst: add ABI documentation to the admin-guide book"
Previous message: Masami Hiramatsu: "Re: [PATCH 1/2] tracing/uprobe: Fix NULL pointer dereference in trace_uprobe_create()"
In reply to: Andrea Parri: "Re: [PATCH 3/3] tools: memory-model: Improve data-race detection"
Next in thread: Paul E. McKenney: "Re: [PATCH 3/3] tools: memory-model: Improve data-race detection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]