Re: [PATCH] mm/page_counter: fix various data races

From: Marco Elver
Date: Wed Jan 29 2020 - 07:22:04 EST


On Wed, 29 Jan 2020 at 13:13, Tetsuo Handa
<penguin-kernel@xxxxxxxxxxxxxxxxxxx> wrote:
>
> On 2020/01/29 21:03, Michal Hocko wrote:
> >> Fixes: 3e32cb2e0a12 ("mm: memcontrol: lockless page counters")
> >> Signed-off-by: Qian Cai <cai@xxxxxx>
> >
> > Acked-by: Michal Hocko <mhocko@xxxxxxxx>
>
> Please include
>
> Reported-by: syzbot+f36cfe60b1006a94f9dc@xxxxxxxxxxxxxxxxxxxxxxxxx
>
> for https://syzkaller.appspot.com/bug?id=744097b8b91cecd8b035a6f746bb12e4efc7669f .
>
> By the way, can READ_ONCE()/WRITE_ONCE() really solve this warning?
> The link above says read/write on the same location ( mm/page_counter.c:129 ).
> I don't know how READ_ONCE()/WRITE_ONCE() can solve the race.

It avoids the *data* race, with *_ONCE telling the compiler to not
optimize the accesses in concurrency-unfriendly ways. Since *_ONCE is
used, it conveys clear intent that the code here is meant to be
concurrent, and KCSAN stops complaining (and assumes that the *logic*
is correct).

The race itself is still there, but as per comment in the file,
apparently fine and not a logic bug.

> >
> >> ---
> >> mm/page_counter.c | 8 ++++----
> >> 1 file changed, 4 insertions(+), 4 deletions(-)
> >>
> >> diff --git a/mm/page_counter.c b/mm/page_counter.c
> >> index de31470655f6..a17841150906 100644
> >> --- a/mm/page_counter.c
> >> +++ b/mm/page_counter.c
> >> @@ -82,8 +82,8 @@ void page_counter_charge(struct page_counter *counter, unsigned long nr_pages)
> >> * This is indeed racy, but we can live with some
> >> * inaccuracy in the watermark.
> >> */
> >> - if (new > c->watermark)
> >> - c->watermark = new;
> >> + if (new > READ_ONCE(c->watermark))
> >> + WRITE_ONCE(c->watermark, new);
> >> }
> >> }
> >>
> >> @@ -135,8 +135,8 @@ bool page_counter_try_charge(struct page_counter *counter,
> >> * Just like with failcnt, we can live with some
> >> * inaccuracy in the watermark.
> >> */
> >> - if (new > c->watermark)
> >> - c->watermark = new;
> >> + if (new > READ_ONCE(c->watermark))
> >> + WRITE_ONCE(c->watermark, new);
> >> }
> >> return true;
> >>
> >> --
> >> 2.21.0 (Apple Git-122.2)
> >
>