Received: by 2002:a05:6a10:6d10:0:0:0:0 with SMTP id gq16csp883507pxb; Fri, 22 Apr 2022 13:22:49 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzbTOOTo1kCG+O6QOVRxXSysq/BjXCxxAWWvJf6CJKh7hueHj44glT9PuJEeBoEvUmrASNi X-Received: by 2002:a65:56cb:0:b0:378:82ed:d74 with SMTP id w11-20020a6556cb000000b0037882ed0d74mr5347001pgs.491.1650658969027; Fri, 22 Apr 2022 13:22:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1650658969; cv=none; d=google.com; s=arc-20160816; b=flwRyM79LnTHWATe4Qyq4s25p7nOW4BktcYH3USFPFD0FD73AqqqvWIPj5gooWw2h4 UvPfbwKnXmJBo0EiwQYxvVZd8rjQh8XpKSdaGHT6dzYqgKBXEGaJ1Dr6vPT1mtMPTXf5 WaNupQvUxzDLhHsNYGqsF9/RzzfUGgta2IZODwc/oiFGAP+j0QmbNo89CZTkWaC0rMZ+ PMsKRBeFj7kyHkURQAAWpfQA962t+8PUiiTy0+tlg/BrrFvuQdMf68TZTelEYkZ5DKl+ wLVF5W06DxSzglVJh4nyZ4ybzzJv6D7zLrnrELJOMSmPVOwAzKWOHeYvu3vvJ4ccXGX7 eKhA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-disposition :mime-version:message-id:subject:cc:to:from:date:dkim-signature; bh=bCNDShSNWamzrapZyCH2+MaOYLPQy3BG0jVzD+WNbD4=; b=K9AHLWiZtCs9a45ASCr3GR+skzss3kaM0o5VijLjUeNR+pfjEwRqe6q0eIsU64JbCo 9On/ipGdU4WUN5hepFNg6eKr8lSMDuNyuhi6gTzIPw3k99lb9gSU6SV5q4j4xFKTW0qk klzT1PP7HJG4ZHTpb7nf0Qtmtvs1cENERLqsDHD1Ygjx9Mb3xvJwuaJAypVCQdXM/0K5 1G5Vsf1eMnI8S+N09GF1WxbMDsJrKfQNSs2A0Wvm3Pg0HKnTqb3NA+vWM00u4riycLk9 Jpw7SL9GspOqslingrkrqc5Z6ZyfZHKZRHOu85Imdade9LciADrcxUzsGNlooJE3yCyD 5hgg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@in.tum.de header.s=20220209 header.b=dT+Zo14M; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=tum.de Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id x4-20020a63b204000000b003816043ef5bsi8984340pge.336.2022.04.22.13.22.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 22 Apr 2022 13:22:49 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; dkim=pass header.i=@in.tum.de header.s=20220209 header.b=dT+Zo14M; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=tum.de Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 97CE01A1D9F; Fri, 22 Apr 2022 12:09:17 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1446797AbiDVKkF (ORCPT + 99 others); Fri, 22 Apr 2022 06:40:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35676 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1446631AbiDVKiv (ORCPT ); Fri, 22 Apr 2022 06:38:51 -0400 Received: from mailout2.rbg.tum.de (mailout2.rbg.tum.de [IPv6:2a09:80c0::202]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 65D9354FAD; Fri, 22 Apr 2022 03:35:54 -0700 (PDT) Received: from mailrelay1.rbg.tum.de (mailrelay1.in.tum.de [131.159.254.14]) by mailout2.rbg.tum.de (Postfix) with ESMTPS id 7C0704C02B0; Fri, 22 Apr 2022 12:35:49 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=in.tum.de; s=20220209; t=1650623749; bh=bCNDShSNWamzrapZyCH2+MaOYLPQy3BG0jVzD+WNbD4=; h=Date:From:To:Cc:Subject:From; b=dT+Zo14Mw3Zm1XxiUb4lp1L+yp/xGGuTBLjGLo5o8N/e9+BZaFpaWXuulYOOhz6Ib oKaQ3sSQ9GiWnhU1giBGZwJQyLv9Vw/JKzbWwJ9gEXhuCT9ytBiie1yu2ib53kNJ3y aDsCRtWsWp3Y3882MQVZ5hPSYXSOdLwe+rRZIbEGTC8ckRolOWQEBB1O4l3bmLtjEe a7FHmnSmgjO2veh/5kLbGHVY7kJEs1CPL+daN7HoJ3DfEr0F2otg/uN3wwYHayQudm 0UCgCPpAozOgr/clanEiNpP0eUk80HirH/bI5BSGD1xUqeFWuIcD7rXeBtIudnzkfp 57ZbauIKayR0Q== Received: by mailrelay1.rbg.tum.de (Postfix, from userid 112) id 763FE6D8; Fri, 22 Apr 2022 12:35:49 +0200 (CEST) Received: from mailrelay1.rbg.tum.de (localhost [127.0.0.1]) by mailrelay1.rbg.tum.de (Postfix) with ESMTP id 41EF06D7; Fri, 22 Apr 2022 12:35:49 +0200 (CEST) Received: from mail.in.tum.de (vmrbg426.in.tum.de [131.159.0.73]) by mailrelay1.rbg.tum.de (Postfix) with ESMTPS id 3CF2D55F; Fri, 22 Apr 2022 12:35:49 +0200 (CEST) Received: by mail.in.tum.de (Postfix, from userid 112) id 1AEA74A037C; Fri, 22 Apr 2022 12:35:49 +0200 (CEST) Received: (Authenticated sender: heidekrp) by mail.in.tum.de (Postfix) with ESMTPSA id 496B74A01EC; Fri, 22 Apr 2022 12:35:48 +0200 (CEST) (Extended-Queue-bit xtech_eq@fff.in.tum.de) Date: Fri, 22 Apr 2022 12:35:41 +0200 From: Paul =?iso-8859-1?Q?Heidekr=FCger?= To: Alan Stern , Andrea Parri , Will Deacon , Peter Zijlstra , Boqun Feng , Nicholas Piggin , David Howells , Jade Alglave , Luc Maranget , "Paul E. McKenney" , Akira Yokosawa , Daniel Lustig , Joel Fernandes , linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, llvm@lists.linux.dev Cc: Marco Elver , Charalampos Mainas , Pramod Bhatotia , Soham Shakraborty , Martin Fink Subject: Broken Address Dependency in mm/ksm.c::cmp_and_merge_page() Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi all, My dependency checker is flagging yet another broken dependency. For context, see [1]. Thankfully, it is fairly straight-forward to explain this time. > stable_node = page_stable_node(page); Line 2032 in mm/ksm.c::cmp_and_merge_page() sees the return value of a call to "page_stable_node()", which can depend on a "READ_ONCE()", being assigned to "stable_node". > if (stable_node) { > if (stable_node->head != &migrate_nodes && > get_kpfn_nid(READ_ONCE(stable_node->kpfn)) != > NUMA(stable_node->nid)) { > stable_node_dup_del(stable_node); ‣dup: stable_node > stable_node->head = &migrate_nodes; > list_add(&stable_node->list, stable_node->head); The dependency chain then runs into the two following if's, through an assignment of "migrate_nodes" to "stable_node->head" (line 2038) and finally reaches a call to "list_add()" (line 2039) where "stable_node->head" gets passed as the second function argument. > } > } > > static inline void list_add(struct list_head *new, struct list_head *head) > { > __list_add(new, head, head->next); > } > > static inline void __list_add(struct list_head *new, > struct list_head *prev, > struct list_head *next) > { > if (!__list_add_valid(new, prev, next)) > return; > > next->prev = new; > new->next = next; > new->prev = prev; > WRITE_ONCE(prev->next, new); > } By being passed into "list_add()" via "stable_node->head", the dependency chain eventually reaches a "WRITE_ONCE()" in "__list_add()" whose destination address, "stable_node->head->next", is part of the dependency chain and therefore carries an address dependency. However, as a result of the assignment in line 2038, Clang knows that "stable_node->head" is "migrate_nodes" and replaces it, thereby breaking the dependency chain. What do you think? Many thanks, Paul -- [1]: https://lore.kernel.org/all/Yk7%2FT8BJITwz+Og1@Pauls-MacBook-Pro.local/