From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from out-171.mta1.migadu.com (out-171.mta1.migadu.com [95.215.58.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E2E8C396B73 for ; Tue, 23 Jun 2026 07:42:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=95.215.58.171 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1782200541; cv=none; b=dyyYvfFlHNkzD2gvdJwRf4cdY85RNlTR6W7pEz3AMw9Jf/bQhv+jJYmtT0wzjUu6IZJ3IBvdHgQK45OVxMo0Yp7Y//L869nv/+lb4hTE7FyN91pCdMpPsQ1gaxu9Rz89MTRvnDVOJ0wmpLNFpNr4ZTZFMO2Lf/41pzqSC2guXbg= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1782200541; c=relaxed/simple; bh=JBs/y8xUR+8DNJUBC2uOfi6U35oZMjWxksCagsYij+4=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=UxIxTnk5Z3iA9HKlHtqpeaFktJHl9/VJDW2jWEgKpAGAlkZdewirgZpnvUoKa5cn63tU7HzJ9ANmY5M0L5ZWCiw53wtVjVRKZJDew62FZG4yTwbuet3V4pyygV9mlHCJi94ChNMFUDBrzxvPoOv8wVLCZL6nI5Hdm7wSMmmeG2E= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev; spf=pass smtp.mailfrom=linux.dev; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b=TZ1kLBEG; arc=none smtp.client-ip=95.215.58.171 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.dev Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b="TZ1kLBEG" X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1782200536; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=ZtWmTuyVYWDd7wNzN5g6THdg+A3Pzvxm/xjDFHxskok=; b=TZ1kLBEGB+dLCB5ixHqMmNpeHMIuA4Ol+HQmZa0vTFZtbfPACoeQpe9XlH6nCkDc2RJjCY BJNKcHX8EN0xtNhZUfUeGNmc4Synx1Z0fwrEGbqmcgtTGXOHh9xMB/zXa56WfJwOxGAqfS axlxnYJl2UVS5NWXfxSNcywzkgIzLck= From: Hui Zhu To: Andrew Morton , David Hildenbrand , Lorenzo Stoakes , "Liam R\. Howlett" , Vlastimil Babka , Mike Rapoport , Suren Baghdasaryan , Michal Hocko , linux-mm@kvack.org, linux-kernel@vger.kernel.org Cc: Hui Zhu Subject: [PATCH] mm: avoid KCSAN false positive in page_to_nid() Date: Tue, 23 Jun 2026 15:41:57 +0800 Message-ID: <20260623074157.578113-1-hui.zhu@linux.dev> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Migadu-Flow: FLOW_OUT From: Hui Zhu KCSAN reports a data race between page_to_nid() reading page->flags and folio_trylock()/folio_lock() doing test_and_set_bit_lock(PG_locked, ...) on the same word from another CPU, e.g.: BUG: KCSAN: data-race in __lruvec_stat_mod_folio / shmem_get_folio_gfp The node id occupies a fixed, high bit-range of page->flags that is set once when the page is initialized and never modified afterwards, so it can never overlap with the low PG_locked/PG_waiters bits touched by the folio lock path. The race is therefore harmless: page_to_nid() always returns a consistent value regardless of how the read interleaves with the lock bit ops. Wrap the flags read with data_race() to tell KCSAN this race is intentional and benign, consistent with how page->page_type is already annotated for similar packed-field accesses. Signed-off-by: Hui Zhu --- include/linux/mm.h | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/include/linux/mm.h b/include/linux/mm.h index 485df9c2dbdd..122d3b39369f 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -2296,7 +2296,14 @@ static inline int memdesc_nid(memdesc_flags_t mdf) static inline int page_to_nid(const struct page *page) { - return memdesc_nid(PF_POISONED_CHECK(page)->flags); + /* + * The node id occupies a fixed high bit-range of page->flags + * that is set once at page init and never changed afterwards. + * It cannot overlap with the low PG_locked/PG_waiters bits + * that folio_lock()/folio_unlock() concurrently update, so + * this data race is benign. + */ + return memdesc_nid(data_race(PF_POISONED_CHECK(page)->flags)); } static inline int folio_nid(const struct folio *folio) -- 2.43.0