From: Boqun Feng <boqun.feng@gmail.com>
To: Dennis Zhou <dennis@kernel.org>
Cc: "Tejun Heo" <tj@kernel.org>,
"kernel test robot" <oliver.sang@intel.com>,
"Suren Baghdasaryan" <surenb@google.com>,
oe-lkp@lists.linux.dev, lkp@intel.com,
linux-kernel@vger.kernel.org,
"Andrew Morton" <akpm@linux-foundation.org>,
"Kent Overstreet" <kent.overstreet@linux.dev>,
"Kees Cook" <keescook@chromium.org>,
"Alexander Viro" <viro@zeniv.linux.org.uk>,
"Alex Gaynor" <alex.gaynor@gmail.com>,
"Alice Ryhl" <aliceryhl@google.com>,
"Andreas Hindborg" <a.hindborg@samsung.com>,
"Benno Lossin" <benno.lossin@proton.me>,
"Björn Roy Baron" <bjorn3_gh@protonmail.com>,
"Christoph Lameter" <cl@linux.com>, "Gary Guo" <gary@garyguo.net>,
"Miguel Ojeda" <ojeda@kernel.org>,
"Pasha Tatashin" <pasha.tatashin@soleen.com>,
"Peter Zijlstra" <peterz@infradead.org>,
"Vlastimil Babka" <vbabka@suse.cz>,
"Wedson Almeida Filho" <wedsonaf@gmail.com>,
linux-mm@kvack.org, lkmm@lists.linux.dev
Subject: Re: [linus:master] [mm] 24e44cc22a: BUG:KCSAN:data-race_in_pcpu_alloc_noprof/pcpu_block_update_hint_alloc
Date: Mon, 22 Jul 2024 13:53:52 -0700 [thread overview]
Message-ID: <Zp7G4EfISRwlmmIT@boqun-archlinux> (raw)
In-Reply-To: <Zp6kpCcQRPTGk1LK@V92F7Y9K0C.lan>
On Mon, Jul 22, 2024 at 11:27:48AM -0700, Dennis Zhou wrote:
> Hello,
>
> On Mon, Jul 22, 2024 at 11:03:00AM -0700, Boqun Feng wrote:
> > On Mon, Jul 22, 2024 at 07:52:22AM -1000, Tejun Heo wrote:
> > > On Mon, Jul 22, 2024 at 10:47:30AM -0700, Boqun Feng wrote:
> > > > This looks like a data race because we read pcpu_nr_empty_pop_pages out
> > > > of the lock for a best effort checking, @Tejun, maybe you could confirm
> > > > on this?
> > >
> > > That does sound plausible.
> > >
> > > > - if (pcpu_nr_empty_pop_pages < PCPU_EMPTY_POP_PAGES_LOW)
> > > > + /*
> > > > + * Checks pcpu_nr_empty_pop_pages out of the pcpu_lock, data races may
> > > > + * occur but this is just a best-effort checking, everything is synced
> > > > + * in pcpu_balance_work.
> > > > + */
> > > > + if (data_race(pcpu_nr_empty_pop_pages) < PCPU_EMPTY_POP_PAGES_LOW)
> > > > pcpu_schedule_balance_work();
> > >
> > > Would it be better to use READ/WRITE_ONCE() for the variable?
> > >
> >
> > For READ/WRITE_ONCE(), we will need to replace all write accesses and
> > all out-of-lock read accesses to pcpu_nr_empty_pop_pages, like below.
> > It's better in the sense that it doesn't rely on compiler behaviors on
> > data races, not sure about the performance impact though.
> >
>
> I think a better alternative is we can move it up into the lock under
> area_found. The value gets updated as part of pcpu_alloc_area() as the
> code above populates percpu memory that is already allocated.
>
Not sure I followed what exactly you suggested here because I'm not
familiar with the logic, but a simpler version would be:
diff --git a/mm/percpu.c b/mm/percpu.c
index 20d91af8c033..fc54d27e5786 100644
--- a/mm/percpu.c
+++ b/mm/percpu.c
@@ -1891,8 +1891,10 @@ void __percpu *pcpu_alloc_noprof(size_t size, size_t align, bool reserved,
mutex_unlock(&pcpu_alloc_mutex);
}
- if (pcpu_nr_empty_pop_pages < PCPU_EMPTY_POP_PAGES_LOW)
- pcpu_schedule_balance_work();
+ scoped_guard(spinlock_irqsave, &pcpu_lock) {
+ if (pcpu_nr_empty_pop_pages < PCPU_EMPTY_POP_PAGES_LOW)
+ pcpu_schedule_balance_work();
+ }
/* clear the areas and return address relative to base address */
for_each_possible_cpu(cpu)
I.e. just locking while checking.
Regards,
Boqun
> We should probably annotate pcpu_update_empty_pages() with:
> lockdep_assert_held(&pcpu_lock);
>
> Thanks,
> Dennis
>
> > Regards,
> > Boqun
> >
> > ----->8
> > diff --git a/mm/percpu.c b/mm/percpu.c
> > index 20d91af8c033..729e8188238b 100644
> > --- a/mm/percpu.c
> > +++ b/mm/percpu.c
> > @@ -570,7 +570,8 @@ static void pcpu_isolate_chunk(struct pcpu_chunk *chunk)
> >
> > if (!chunk->isolated) {
> > chunk->isolated = true;
> > - pcpu_nr_empty_pop_pages -= chunk->nr_empty_pop_pages;
> > + WRITE_ONCE(pcpu_nr_empty_pop_pages,
> > + pcpu_nr_empty_pop_pages - chunk->nr_empty_pop_pages);
> > }
> > list_move(&chunk->list, &pcpu_chunk_lists[pcpu_to_depopulate_slot]);
> > }
> > @@ -581,7 +582,8 @@ static void pcpu_reintegrate_chunk(struct pcpu_chunk *chunk)
> >
> > if (chunk->isolated) {
> > chunk->isolated = false;
> > - pcpu_nr_empty_pop_pages += chunk->nr_empty_pop_pages;
> > + WRITE_ONCE(pcpu_nr_empty_pop_pages,
> > + pcpu_nr_empty_pop_pages + chunk->nr_empty_pop_pages);
> > pcpu_chunk_relocate(chunk, -1);
> > }
> > }
> > @@ -599,7 +601,8 @@ static inline void pcpu_update_empty_pages(struct pcpu_chunk *chunk, int nr)
> > {
> > chunk->nr_empty_pop_pages += nr;
> > if (chunk != pcpu_reserved_chunk && !chunk->isolated)
> > - pcpu_nr_empty_pop_pages += nr;
> > + WRITE_ONCE(pcpu_nr_empty_pop_pages,
> > + pcpu_nr_empty_pop_pages + nr);
> > }
> >
> > /*
> > @@ -1891,7 +1894,7 @@ void __percpu *pcpu_alloc_noprof(size_t size, size_t align, bool reserved,
> > mutex_unlock(&pcpu_alloc_mutex);
> > }
> >
> > - if (pcpu_nr_empty_pop_pages < PCPU_EMPTY_POP_PAGES_LOW)
> > + if (READ_ONCE(pcpu_nr_empty_pop_pages) < PCPU_EMPTY_POP_PAGES_LOW)
> > pcpu_schedule_balance_work();
> >
> > /* clear the areas and return address relative to base address */
> > @@ -2754,7 +2757,7 @@ void __init pcpu_setup_first_chunk(const struct pcpu_alloc_info *ai,
> > tmp_addr = (unsigned long)base_addr + static_size + ai->reserved_size;
> > pcpu_first_chunk = pcpu_alloc_first_chunk(tmp_addr, dyn_size);
> >
> > - pcpu_nr_empty_pop_pages = pcpu_first_chunk->nr_empty_pop_pages;
> > + WRITE_ONCE(pcpu_nr_empty_pop_pages, pcpu_first_chunk->nr_empty_pop_pages);
> > pcpu_chunk_relocate(pcpu_first_chunk, -1);
> >
> > /* include all regions of the first chunk */
> >
next prev parent reply other threads:[~2024-07-22 20:54 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-22 7:30 [linus:master] [mm] 24e44cc22a: BUG:KCSAN:data-race_in_pcpu_alloc_noprof/pcpu_block_update_hint_alloc kernel test robot
2024-07-22 17:47 ` Boqun Feng
2024-07-22 17:52 ` Tejun Heo
2024-07-22 18:03 ` Boqun Feng
2024-07-22 18:15 ` Tejun Heo
2024-07-22 18:27 ` Dennis Zhou
2024-07-22 20:53 ` Boqun Feng [this message]
2024-07-23 5:50 ` Dennis Zhou
2024-07-23 6:09 ` Oliver Sang
2024-07-23 6:13 ` Dennis Zhou
2024-07-24 7:10 ` Oliver Sang
2024-07-23 21:14 ` Boqun Feng
2024-07-27 3:15 ` Dennis Zhou
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Zp7G4EfISRwlmmIT@boqun-archlinux \
--to=boqun.feng@gmail.com \
--cc=a.hindborg@samsung.com \
--cc=akpm@linux-foundation.org \
--cc=alex.gaynor@gmail.com \
--cc=aliceryhl@google.com \
--cc=benno.lossin@proton.me \
--cc=bjorn3_gh@protonmail.com \
--cc=cl@linux.com \
--cc=dennis@kernel.org \
--cc=gary@garyguo.net \
--cc=keescook@chromium.org \
--cc=kent.overstreet@linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lkmm@lists.linux.dev \
--cc=lkp@intel.com \
--cc=oe-lkp@lists.linux.dev \
--cc=ojeda@kernel.org \
--cc=oliver.sang@intel.com \
--cc=pasha.tatashin@soleen.com \
--cc=peterz@infradead.org \
--cc=surenb@google.com \
--cc=tj@kernel.org \
--cc=vbabka@suse.cz \
--cc=viro@zeniv.linux.org.uk \
--cc=wedsonaf@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.