From: Andrea Parri <andrea.parri@amarulasolutions.com>
To: Alan Stern <stern@rowland.harvard.edu>
Cc: "Paul E. McKenney" <paulmck@linux.ibm.com>,
Boqun Feng <boqun.feng@gmail.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
Linus Torvalds <torvalds@linux-foundation.org>,
Frederic Weisbecker <fweisbec@gmail.com>,
Fengguang Wu <fengguang.wu@intel.com>, LKP <lkp@01.org>,
LKML <linux-kernel@vger.kernel.org>,
Netdev <netdev@vger.kernel.org>,
"David S. Miller" <davem@davemloft.net>,
Luc Maranget <luc.maranget@inria.fr>,
Jade Alglave <j.alglave@ucl.ac.uk>
Subject: Re: rcu_read_lock lost its compiler barrier
Date: Thu, 6 Jun 2019 10:16:57 +0200 [thread overview]
Message-ID: <20190606081657.GA4249@andrea> (raw)
In-Reply-To: <Pine.LNX.4.44L0.1906041026570.1731-100000@iolanthe.rowland.org>
> This example really does point out a weakness in the LKMM's handling of
> data races. Herbert's litmus test is a great starting point:
>
>
> C xu
>
> {}
>
> P0(int *a, int *b)
> {
> WRITE_ONCE(*a, 1);
> synchronize_rcu();
> *b = 2;
> }
>
> P1(int *a, int *b)
> {
> rcu_read_lock();
> if (READ_ONCE(*a) == 0)
> *b = 1;
> rcu_read_unlock();
> }
>
> exists (~b=2)
>
>
> Currently the LKMM says the test is allowed and there is a data race,
> but this answer clearly is wrong since it would violate the RCU
> guarantee.
>
> The problem is that the LKMM currently requires all ordering/visibility
> of plain accesses to be mediated by marked accesses. But in this case,
> the visibility is mediated by RCU. Technically, we need to add a
> relation like
>
> ([M] ; po ; rcu-fence ; po ; [M])
>
> into the definitions of ww-vis, wr-vis, and rw-xbstar. Doing so
> changes the litmus test's result to "not allowed" and no data race.
> However, I'm not certain that this single change is the entire fix;
> more thought is needed.
This seems a sensible change to me: looking forward to seeing a patch,
on top of -rcu/dev, for further review and testing!
We could also add (to LKMM) the barrier() for rcu_read_{lock,unlock}()
discussed in this thread (maybe once the RCU code and the informal doc
will have settled in such direction).
It seems worth stressing the fact that _neither_ of these changes will
prevent the test below from being racy, considered the two accesses to
"a" happen concurrently / without synchronization.
Thanks,
Andrea
C xu-2
{}
P0(int *a, int *b)
{
*a = 1;
synchronize_rcu();
WRITE_ONCE(*b, 2);
}
P1(int *a, int *b)
{
rcu_read_lock();
if (*a == 0)
WRITE_ONCE(*b, 1);
rcu_read_unlock();
}
exists (~b=2)
next prev parent reply other threads:[~2019-06-06 8:17 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-09-10 0:57 [rcu] kernel BUG at include/linux/pagemap.h:149! Fengguang Wu
2015-09-10 10:25 ` Boqun Feng
2015-09-10 17:16 ` Paul E. McKenney
2015-09-11 2:19 ` Boqun Feng
[not found] ` <CAJzB8QG=1iZW3dQEie6ZSTLv8GZ3YSut0aL1VU7LLmiHQ1B1DQ@mail.gmail.com>
2015-09-11 21:59 ` Paul E. McKenney
2015-09-12 5:46 ` Boqun Feng
2015-09-21 19:30 ` Frederic Weisbecker
2015-09-21 20:43 ` Paul E. McKenney
2019-06-02 5:56 ` rcu_read_lock lost its compiler barrier Herbert Xu
2019-06-02 20:54 ` Linus Torvalds
2019-06-03 2:46 ` Herbert Xu
2019-06-03 3:47 ` Paul E. McKenney
2019-06-03 4:01 ` Herbert Xu
2019-06-03 4:17 ` Herbert Xu
2019-06-03 7:23 ` Paul E. McKenney
2019-06-03 8:42 ` Paul E. McKenney
2019-06-03 15:26 ` David Laight
2019-06-03 15:40 ` Linus Torvalds
2019-06-03 5:26 ` Herbert Xu
2019-06-03 6:42 ` Boqun Feng
2019-06-03 20:03 ` Paul E. McKenney
2019-06-04 14:44 ` Alan Stern
2019-06-04 16:04 ` Linus Torvalds
2019-06-04 17:00 ` Alan Stern
2019-06-04 17:29 ` Linus Torvalds
2019-06-07 14:09 ` inet: frags: Turn fqdir->dead into an int for old Alphas Herbert Xu
2019-06-07 15:26 ` Eric Dumazet
2019-06-07 15:32 ` Herbert Xu
2019-06-07 16:13 ` Eric Dumazet
2019-06-07 16:19 ` Linus Torvalds
2019-06-08 15:27 ` Paul E. McKenney
2019-06-08 17:42 ` Linus Torvalds
2019-06-08 17:50 ` Linus Torvalds
2019-06-08 18:50 ` Paul E. McKenney
2019-06-08 18:14 ` Paul E. McKenney
2019-06-06 4:51 ` rcu_read_lock lost its compiler barrier Herbert Xu
2019-06-06 6:05 ` Paul E. McKenney
2019-06-06 6:14 ` Herbert Xu
2019-06-06 9:06 ` Paul E. McKenney
2019-06-06 9:28 ` Herbert Xu
2019-06-06 10:58 ` Paul E. McKenney
2019-06-06 13:38 ` Herbert Xu
2019-06-06 13:48 ` Paul E. McKenney
2019-06-06 8:16 ` Andrea Parri [this message]
2019-06-06 14:19 ` Alan Stern
2019-06-08 15:19 ` Paul E. McKenney
2019-06-08 15:56 ` Alan Stern
2019-06-08 16:31 ` Paul E. McKenney
2019-06-03 9:35 ` Paul E. McKenney
2019-06-06 8:38 ` Andrea Parri
2019-06-06 9:32 ` Herbert Xu
2019-06-03 0:06 ` Paul E. McKenney
2019-06-03 3:03 ` Herbert Xu
2019-06-03 9:27 ` Paul E. McKenney
2019-06-03 15:55 ` Linus Torvalds
2019-06-03 16:07 ` Linus Torvalds
2019-06-03 19:53 ` Paul E. McKenney
2019-06-03 20:24 ` Linus Torvalds
2019-06-04 21:14 ` Paul E. McKenney
2019-06-05 2:21 ` Herbert Xu
2019-06-05 3:30 ` Paul E. McKenney
2019-06-06 4:37 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190606081657.GA4249@andrea \
--to=andrea.parri@amarulasolutions.com \
--cc=boqun.feng@gmail.com \
--cc=davem@davemloft.net \
--cc=fengguang.wu@intel.com \
--cc=fweisbec@gmail.com \
--cc=herbert@gondor.apana.org.au \
--cc=j.alglave@ucl.ac.uk \
--cc=linux-kernel@vger.kernel.org \
--cc=lkp@01.org \
--cc=luc.maranget@inria.fr \
--cc=netdev@vger.kernel.org \
--cc=paulmck@linux.ibm.com \
--cc=stern@rowland.harvard.edu \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).