Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp883724pxb; Wed, 27 Oct 2021 14:25:53 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyzcFQb4FBw/1KvBp3xpTw7ei7hesR8sYGIhX+AVTpvCcmibkCYpoxKkUq4SKHrfJusDEYY X-Received: by 2002:a17:906:3956:: with SMTP id g22mr74489eje.572.1635369953398; Wed, 27 Oct 2021 14:25:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1635369953; cv=none; d=google.com; s=arc-20160816; b=PkdYhUr9UKFIf13axFwdlIMGLtT8+o/14BgbkDunt1ueAHtnWzAv4gdNCa7nehjckL yVOdxzYPA/SkrtLhTZfxc8Fp73PUBBFoW9gJuaNY8m22xjt2Astt34DETKRwLxQrPVO3 fph7ss/yi+xt96D3xI2pCpXTKVswiQER+hxG+N0tyZsjjWJYM4JPI9XELJxT2C67B3qo nqJN33DoxyaIfwATxT560rLscqvXyiDPKRK9cVoA6Tv6DNr35EbFT2RCyEokL4+OuJsH zDhj/MUks+UD2NGhY91ok6HEIsI3Ez90eYdA83Eegh6uWCdMyVfHVoTRGm/tuqGnQRxK bXaA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-disposition:mime-version:message-id :subject:cc:to:from:date; bh=+VQgQst2y0953BQrkDJ71d2qVSS0Fge6mexzPWltjg0=; b=CT+Q/6goXruy3lL5sfsD523q5+7ixsQEDrIAdBQ9nr1X4d2mqdAkEoQNpZnAvT4zyD 6yyrb7NSuQwbw34i31/FwFoeyUKbSrduNq/IgmwjN2qxkouEMgg3n1QLHDRCBjFcf3iy rLTtTF4+oY13eSzsvY4AdrXbOJFYCxwC4aNjn8RWXtnWGnU6IK+qIOZ9eqn5r6BYX4Pc ChrDgkpxhRsPuytZh99fpOyyhQmcrkB7ZTGlNJT6FSWSZLAQnGKAk57D7R8LkTmmbQf1 Y+uZoN3iI2clq3MGUZYgGsqxMkzDslUzAG1OvPvlMT4UHqP8URIF2cn97bt14hzzyUcY cmxg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=tum.de Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id c19si1122011edv.476.2021.10.27.14.25.24; Wed, 27 Oct 2021 14:25:53 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=tum.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239293AbhJ0Kb2 (ORCPT + 97 others); Wed, 27 Oct 2021 06:31:28 -0400 Received: from mail-out1.in.tum.de ([131.159.0.8]:46884 "EHLO mail-out1.informatik.tu-muenchen.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231643AbhJ0Kb2 (ORCPT ); Wed, 27 Oct 2021 06:31:28 -0400 X-Greylist: delayed 550 seconds by postgrey-1.27 at vger.kernel.org; Wed, 27 Oct 2021 06:31:27 EDT Received: from mailrelay1.rbg.tum.de (mailrelay1.in.tum.de [131.159.254.14]) by mail-out1.informatik.tu-muenchen.de (Postfix) with ESMTP id C77A12401CC; Wed, 27 Oct 2021 12:19:51 +0200 (CEST) Received: by mailrelay1.rbg.tum.de (Postfix, from userid 112) id C482F172; Wed, 27 Oct 2021 12:19:51 +0200 (CEST) Received: from mailrelay1.rbg.tum.de (localhost [127.0.0.1]) by mailrelay1.rbg.tum.de (Postfix) with ESMTP id A18D216F; Wed, 27 Oct 2021 12:19:51 +0200 (CEST) Received: from mail.in.tum.de (mailproxy.in.tum.de [IPv6:2a09:80c0::78]) by mailrelay1.rbg.tum.de (Postfix) with ESMTPS id 9E068B7; Wed, 27 Oct 2021 12:19:51 +0200 (CEST) Received: by mail.in.tum.de (Postfix, from userid 112) id 99BF84A046E; Wed, 27 Oct 2021 12:19:51 +0200 (CEST) Received: (Authenticated sender: heidekrp) by mail.in.tum.de (Postfix) with ESMTPSA id 836554A040D; Wed, 27 Oct 2021 12:19:50 +0200 (CEST) (Extended-Queue-bit tech_zfnoy@fff.in.tum.de) Date: Wed, 27 Oct 2021 12:19:48 +0200 From: Paul =?iso-8859-1?Q?Heidekr=FCger?= To: paulmck@kernel.org, will@kernel.org, peterz@infradead.org, boqun.feng@gmail.com, stern@rowland.harvard.edu, parri.andrea@gmail.com, linux-kernel@vger.kernel.org, llvm@lists.linux.dev Cc: elver@google.com, charalampos.mainas@gmail.com, pramod.bhatotia@in.tum.de Subject: Potentially Broken Address Dependency via test_bit() When Compiling With Clang Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi all, For my bachelor thesis, I have been working on the infamous problem of potentially broken dependency orderings in the Linux kernel. I'm being advised by Marco Elver, Charalampos Mainas, Pramod Bhatotia (Cc'd). For context, see: https://linuxplumbersconf.org/event/7/contributions/821/attachments/598/1075/LPC_2020_--_Dependency_ordering.pdf Our approach consists of two LLVM compiler passes which annotate dependencies in unoptimised intermediate representation (IR) and verify the annotated dependencies in optimised IR. ATM, the passes only recognise a subset of address dependencies - everything is still WIP ;-) We have been cross-compiling with a slightly modified version of allyesconfig for arm64, and the passes have now found a case that we would like to share with LKML for feedback: an address dependency being broken (?) through compiler optimisations in fs/afs/addr_list.c::afs_iterate_addresses(). Address dependency in source code, lines 373 - 375 in fs/afs/addr_list.c: > [...] > index = READ_ONCE(ac->alist->preferred); > if (test_bit(index, &set)) > goto selected; > [...] where test_bit() expands to the following in include/asm-generic/bitops/non-atomic.h, lines 115 - 122: > static __always_inline int > arch_test_bit(unsigned int nr, const volatile unsigned long *addr) > { > return 1UL & (addr[BIT_WORD(nr)] >> (nr & (BITS_PER_LONG-1))); > } > #define test_bit arch_test_bit The address dependency gets preserved in unoptimised IR since the virtual register %33 transitively depends on %28: > %28 = load volatile i8, i8* %preferred, align 2, !annotation !15 > store i8 %28, i8* %tmp21, align 1 > %29 = load i8, i8* %tmp21, align 1 > %conv23 = zext i8 %29 to i32 > store i32 %conv23, i32* %index, align 4 > %30 = load i32, i32* %index, align 4 > store i32 %30, i32* %nr.addr.i, align 4 > store i64* %set, i64** %addr.addr.i, align 8 > %31 = load i64*, i64** %addr.addr.i, align 8 > %32 = load i32, i32* %nr.addr.i, align 4 > %div.i = udiv i32 %32, 64 > %idxprom.i = zext i32 %div.i to i64 > %arrayidx.i = getelementptr i64, i64* %31, i64 %idxprom.i > %33 = load volatile i64, i64* %arrayidx.i, align 8, !annotation !16 In optimised IR, there is no dependency between the two volatile loads anymore: > %11 = load volatile i8, i8* %preferred, align 2, !annotation !19 > %conv25 = zext i8 %11 to i32 > %set.0. = load volatile i64, i64* %set, align 8 Now, since @nr traces back to the READ_ONCE() to @index, does this make the load from @addr in test_bit() address-dependent on that READ_ONCE()? Should the load from @addr therefore be ordered against the READ_ONCE()? Many thanks, Paul