* [PATCH] mm/slub: mark racy accesses on slab->slabs
@ 2024-03-09 7:48 linke li
2024-03-09 11:24 ` Chengming Zhou
0 siblings, 1 reply; 4+ messages in thread
From: linke li @ 2024-03-09 7:48 UTC (permalink / raw)
Cc: lilinke99, Christoph Lameter, Pekka Enberg, David Rientjes,
Joonsoo Kim, Andrew Morton, Vlastimil Babka, Roman Gushchin,
Hyeonggon Yoo, linux-mm, linux-kernel
The reads of slab->slabs are racy because it may be changed by
put_cpu_partial concurrently. And in slabs_cpu_partial_show ->slabs is
only used for output. Data-racy reads from shared variables that are used
only for diagnostic purposes should typically use data_race(), since it
is normally not a problem if the values are off by a little.
This patch is aimed at reducing the number of benign races reported by
KCSAN in order to focus future debugging effort on harmful races.
Signed-off-by: linke li <lilinke99@qq.com>
---
mm/slub.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/mm/slub.c b/mm/slub.c
index 2ef88bbf56a3..7b20591e7f8a 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -6257,7 +6257,7 @@ static ssize_t slabs_cpu_partial_show(struct kmem_cache *s, char *buf)
slab = slub_percpu_partial(per_cpu_ptr(s->cpu_slab, cpu));
if (slab)
- slabs += slab->slabs;
+ slabs += data_race(slab->slabs);
}
#endif
@@ -6271,7 +6271,7 @@ static ssize_t slabs_cpu_partial_show(struct kmem_cache *s, char *buf)
slab = slub_percpu_partial(per_cpu_ptr(s->cpu_slab, cpu));
if (slab) {
- slabs = READ_ONCE(slab->slabs);
+ slabs = data_race(slab->slabs);
objects = (slabs * oo_objects(s->oo)) / 2;
len += sysfs_emit_at(buf, len, " C%d=%d(%d)",
cpu, objects, slabs);
--
2.39.3 (Apple Git-146)
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] mm/slub: mark racy accesses on slab->slabs
2024-03-09 7:48 [PATCH] mm/slub: mark racy accesses on slab->slabs linke li
@ 2024-03-09 11:24 ` Chengming Zhou
2024-03-21 2:48 ` linke li
0 siblings, 1 reply; 4+ messages in thread
From: Chengming Zhou @ 2024-03-09 11:24 UTC (permalink / raw)
To: linke li
Cc: Christoph Lameter, Pekka Enberg, David Rientjes, Joonsoo Kim,
Andrew Morton, Vlastimil Babka, Roman Gushchin, Hyeonggon Yoo,
linux-mm, linux-kernel
On 2024/3/9 15:48, linke li wrote:
> The reads of slab->slabs are racy because it may be changed by
> put_cpu_partial concurrently. And in slabs_cpu_partial_show ->slabs is
> only used for output. Data-racy reads from shared variables that are used
> only for diagnostic purposes should typically use data_race(), since it
> is normally not a problem if the values are off by a little.
>
> This patch is aimed at reducing the number of benign races reported by
> KCSAN in order to focus future debugging effort on harmful races.
>
> Signed-off-by: linke li <lilinke99@qq.com>
> ---
> mm/slub.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/mm/slub.c b/mm/slub.c
> index 2ef88bbf56a3..7b20591e7f8a 100644
> --- a/mm/slub.c
> +++ b/mm/slub.c
> @@ -6257,7 +6257,7 @@ static ssize_t slabs_cpu_partial_show(struct kmem_cache *s, char *buf)
> slab = slub_percpu_partial(per_cpu_ptr(s->cpu_slab, cpu));
>
> if (slab)
> - slabs += slab->slabs;
> + slabs += data_race(slab->slabs);
> }
> #endif
>
> @@ -6271,7 +6271,7 @@ static ssize_t slabs_cpu_partial_show(struct kmem_cache *s, char *buf)
>
> slab = slub_percpu_partial(per_cpu_ptr(s->cpu_slab, cpu));
> if (slab) {
> - slabs = READ_ONCE(slab->slabs);
> + slabs = data_race(slab->slabs);
> objects = (slabs * oo_objects(s->oo)) / 2;
> len += sysfs_emit_at(buf, len, " C%d=%d(%d)",
> cpu, objects, slabs);
There is another unmarked access of "slab->slabs" in the show_slab_objects(),
which you can change too.
I'm not sure that it's really safe to access "slab->slabs" here without any protection?
Although it should be no problem in practice, alternative choice maybe putting partial
slabs count in the kmem_cache_cpu struct.
Thanks.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] mm/slub: mark racy accesses on slab->slabs
2024-03-09 11:24 ` Chengming Zhou
@ 2024-03-21 2:48 ` linke li
2024-03-21 3:12 ` Chengming Zhou
0 siblings, 1 reply; 4+ messages in thread
From: linke li @ 2024-03-21 2:48 UTC (permalink / raw)
To: chengming.zhou
Cc: 42.hyeyoo, akpm, cl, iamjoonsoo.kim, lilinke99, linux-kernel,
linux-mm, penberg, rientjes, roman.gushchin, vbabka
Sorry for a late reply, I just found this because of my bad email client.
> There is another unmarked access of "slab->slabs" in the show_slab_objects(),
> which you can change too.
Yes, I think show_slab_objects() has a similar situation. Should I
consider to submit a V2 patch for this?
> I'm not sure that it's really safe to access "slab->slabs" here without any protection?
> Although it should be no problem in practice, alternative choice maybe putting partial
> slabs count in the kmem_cache_cpu struct.
I think it is ok, because it seems that slab->slabs in slub_percpu_partial
and show_slab_objects() are just used for showing some infomation.
I noticed Paul summarized some of these strategies in access-marking.txt[1]
Quote from it:
"Use of the data_race() Macro
----------------------------
Here are some situations where data_race() should be used instead of
READ_ONCE() and WRITE_ONCE():
1. Data-racy loads from shared variables whose values are used only
for diagnostic purposes.
2. Data-racy reads whose values are checked against marked reload.
3. Reads whose values feed into error-tolerant heuristics.
4. Writes setting values that feed into error-tolerant heuristics.
"
Thanks,
Linke
[1]https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/tools/memory-model/Documentation/access-marking.txt
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] mm/slub: mark racy accesses on slab->slabs
2024-03-21 2:48 ` linke li
@ 2024-03-21 3:12 ` Chengming Zhou
0 siblings, 0 replies; 4+ messages in thread
From: Chengming Zhou @ 2024-03-21 3:12 UTC (permalink / raw)
To: linke li
Cc: 42.hyeyoo, akpm, cl, iamjoonsoo.kim, linux-kernel, linux-mm,
penberg, rientjes, roman.gushchin, vbabka
On 2024/3/21 10:48, linke li wrote:
> Sorry for a late reply, I just found this because of my bad email client.
>
>> There is another unmarked access of "slab->slabs" in the show_slab_objects(),
>> which you can change too.
>
> Yes, I think show_slab_objects() has a similar situation. Should I
> consider to submit a V2 patch for this?
Yes, I think so.
>
>> I'm not sure that it's really safe to access "slab->slabs" here without any protection?
>> Although it should be no problem in practice, alternative choice maybe putting partial
>> slabs count in the kmem_cache_cpu struct.
>
> I think it is ok, because it seems that slab->slabs in slub_percpu_partial
> and show_slab_objects() are just used for showing some infomation.
>
> I noticed Paul summarized some of these strategies in access-marking.txt[1]
Ok, thanks.
>
> Quote from it:
>
> "Use of the data_race() Macro
> ----------------------------
>
> Here are some situations where data_race() should be used instead of
> READ_ONCE() and WRITE_ONCE():
>
> 1. Data-racy loads from shared variables whose values are used only
> for diagnostic purposes.
>
> 2. Data-racy reads whose values are checked against marked reload.
>
> 3. Reads whose values feed into error-tolerant heuristics.
>
> 4. Writes setting values that feed into error-tolerant heuristics.
> "
>
> Thanks,
> Linke
>
> [1]https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/tools/memory-model/Documentation/access-marking.txt
>
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2024-03-21 3:12 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-03-09 7:48 [PATCH] mm/slub: mark racy accesses on slab->slabs linke li
2024-03-09 11:24 ` Chengming Zhou
2024-03-21 2:48 ` linke li
2024-03-21 3:12 ` Chengming Zhou
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).