Re: [PATCH v2 2/2] tools/memory-model: Make ppo a subrelation of po

From: Alan Stern
Date: Thu Jan 26 2023 - 11:36:29 EST

Next message: Arnd Bergmann: "[PATCH] drm/amdgpu/display/mst: fix an unused-variable warning"
Previous message: Srinivas Kandagatla: "Re: [RFC PATCH v2 11/22] ASoC: qcom: Add USB backend ASoC driver for Q6"
In reply to: Jonas Oberhauser: "[PATCH v2 2/2] tools/memory-model: Make ppo a subrelation of po"
Next in thread: Jonas Oberhauser: "Re: [PATCH v2 2/2] tools/memory-model: Make ppo a subrelation of po"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jan 26, 2023 at 02:46:04PM +0100, Jonas Oberhauser wrote:
> As stated in the documentation and implied by its name, the ppo
> (preserved program order) relation is intended to link po-earlier
> to po-later instructions under certain conditions. However, a
> corner case currently allows instructions to be linked by ppo that
> are not executed by the same thread, i.e., instructions are being
> linked that have no po relation.
>
> This happens due to the mb/strong-fence relations, which (as one
> case) provide order when locks are passed between threads followed
> by an smp_mb__after_unlock_lock() fence. This is illustrated in
> the following litmus test (as can be seen when using herd7 with
> `doshow ppo`):
>
> P0(int *x, int *y)
> {
> spin_lock(x);
> spin_unlock(x);
> }
>
> P1(int *x, int *y)
> {
> spin_lock(x);
> smp_mb__after_unlock_lock();
> *y = 1;
> }
>
> The ppo relation will link P0's spin_lock(x) and P1's *y=1, because
> P0 passes a lock to P1 which then uses this fence.
>
> The patch makes ppo a subrelation of po by eliminating this possibility
> from mb (but not strong-fence) and relying explicitly on mb|gp instead
> of strong-fence when defining ppo.
>
> Signed-off-by: Jonas Oberhauser <jonas.oberhauser@xxxxxxxxxxxxxxx>
> ---

This changes the meaning of the fence relation, which is used in
w-pre-bounded, w-post-bounded, ww-vis, wr-vis, and rw-xbstar. Have you
checked that they won't be affected by the change?

> tools/memory-model/linux-kernel.cat | 9 +++++----
> 1 file changed, 5 insertions(+), 4 deletions(-)
>
> diff --git a/tools/memory-model/linux-kernel.cat b/tools/memory-model/linux-kernel.cat
> index 6e531457bb73..815fdafacaef 100644
> --- a/tools/memory-model/linux-kernel.cat
> +++ b/tools/memory-model/linux-kernel.cat
> @@ -36,7 +36,9 @@ let wmb = [W] ; fencerel(Wmb) ; [W]
> let mb = ([M] ; fencerel(Mb) ; [M]) |
> ([M] ; fencerel(Before-atomic) ; [RMW] ; po? ; [M]) |
> ([M] ; po? ; [RMW] ; fencerel(After-atomic) ; [M]) |
> - ([M] ; po? ; [LKW] ; fencerel(After-spinlock) ; [M]) |
> + ([M] ; po? ; [LKW] ; fencerel(After-spinlock) ; [M])
> +let gp = po ; [Sync-rcu | Sync-srcu] ; po?
> +let strong-fence = mb | gp |
> (*
> * Note: The po-unlock-lock-po relation only passes the lock to the direct
> * successor, perhaps giving the impression that the ordering of the
> @@ -50,10 +52,9 @@ let mb = ([M] ; fencerel(Mb) ; [M]) |
> *)
> ([M] ; po-unlock-lock-po ;
> [After-unlock-lock] ; po ; [M])
> -let gp = po ; [Sync-rcu | Sync-srcu] ; po?
> -let strong-fence = mb | gp
>
> -let nonrw-fence = strong-fence | po-rel | acq-po
> +

Extra blank line.

> +let nonrw-fence = mb | gp | po-rel | acq-po
> let fence = nonrw-fence | wmb | rmb
> let barrier = fencerel(Barrier | Rmb | Wmb | Mb | Sync-rcu | Sync-srcu |
> Before-atomic | After-atomic | Acquire | Release |
> --
> 2.17.1

Alan

Next message: Arnd Bergmann: "[PATCH] drm/amdgpu/display/mst: fix an unused-variable warning"
Previous message: Srinivas Kandagatla: "Re: [RFC PATCH v2 11/22] ASoC: qcom: Add USB backend ASoC driver for Q6"
In reply to: Jonas Oberhauser: "[PATCH v2 2/2] tools/memory-model: Make ppo a subrelation of po"
Next in thread: Jonas Oberhauser: "Re: [PATCH v2 2/2] tools/memory-model: Make ppo a subrelation of po"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]