Received: by 2002:ab2:60d1:0:b0:1f7:5705:b850 with SMTP id i17csp1709719lqm; Fri, 3 May 2024 04:28:14 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCX1UY/4UQ/ggLIoqDrD3Vr2aJTU5zSSFwUJLUbczUgJW2jgy7QgVaqG4l00dpIAt6n6CUmYz8M34u0+kU18RQD+ZLuUHyjqr4/KZR9QVw== X-Google-Smtp-Source: AGHT+IGTByIqho2NC4BtXy0xRdFwSTM9MEpqByz7bcsgxca3qXlrozOxFx6l+wd58Srf3BvoFtSe X-Received: by 2002:a05:6359:4594:b0:186:162b:50b5 with SMTP id no20-20020a056359459400b00186162b50b5mr2357151rwb.4.1714735694671; Fri, 03 May 2024 04:28:14 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1714735694; cv=pass; d=google.com; s=arc-20160816; b=cKk8xNvobYjxX7nOJufORzSs27Z7zJ0sGz9EINtJbZInQBpkwtgWamUlTJSSVW/vy1 Z4c6+VWPMb3LAQ4gb7apvcCQ4SFAnA9JbJXD5AZM682AZlOSwqXlYP8gs547mUG3sPzl rp5juzD2FnkkgJFY23w4i7Zd49zu28twWtprR04LKH/AhEpGjWc3kes5NRtMqpuEAegK LuNTAYgUG89SRIizV4iR9F34Bqf87p4QOtKX3gOOmxO2KwjYp9xiGEKFlAlKi6bPQOvg EXcs2dJufenEpqs2gbfFLjA2NxSo2VLEzhnnU7UASzKashd3a4iu8L9jxslV2H3oJqu4 /oxw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature:dkim-signature; bh=UXpjzV5DWrRABNO+vO47pjlZXBhvnc1hWU3ZO34EKqg=; fh=UdGv0x6NTzevoH1E6Lm1maGPFcWMQDPafifvkjXUtQs=; b=zbWUVCzDP6hhdSEtX9oOKL3ngq4mN5gbaSvxQMo8BfmVEpy9bYvz3bfCQWPG1buMQc fGAiHyONzTLtAKmX+GeHx7sPTkmGryV+XQgeewKbZkgXCygiQAJGQKe4VCvxhtj3AKfe vg52U5zPZq1bThWht8QDynbMb9hkQL5iP1nuFwhO91vkeGLYA9MwOcSPv7UxdIikCFaG uGqa4CdX0C5JOPI5aUq5RFfTnHAGLXqV3Em0HIVj/iw3Y/uqJpn2J3i/Hh8Tk12GWNjh mExs1OMMAsm4kMNQdYFvbb6nrcwm/ukMNjIHfhsN8pxpGvojc/I+xUi18sB17Kkcl4Ay 654w==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=Rx8vmp8Z; dkim=pass header.i=@suse.com header.s=susede1 header.b=Rx8vmp8Z; arc=pass (i=1 spf=pass spfdomain=suse.com dkim=pass dkdomain=suse.com dkim=pass dkdomain=suse.com dmarc=pass fromdomain=suse.com); spf=pass (google.com: domain of linux-kernel+bounces-167581-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-167581-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id m62-20020a632641000000b0061b770f5ab1si1978116pgm.849.2024.05.03.04.28.14 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 03 May 2024 04:28:14 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-167581-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=Rx8vmp8Z; dkim=pass header.i=@suse.com header.s=susede1 header.b=Rx8vmp8Z; arc=pass (i=1 spf=pass spfdomain=suse.com dkim=pass dkdomain=suse.com dkim=pass dkdomain=suse.com dmarc=pass fromdomain=suse.com); spf=pass (google.com: domain of linux-kernel+bounces-167581-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-167581-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 463E7B220F7 for ; Fri, 3 May 2024 11:27:55 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 9438E152523; Fri, 3 May 2024 11:27:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b="Rx8vmp8Z"; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b="Rx8vmp8Z" Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.223.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B69A3152197; Fri, 3 May 2024 11:27:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.135.223.130 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714735666; cv=none; b=EAVIg5Rukm0oebCHxDapvtugk3xhzCxI9syRD/9tPgxlqw8rRN1rgCBfmBowvPZY3VTv1MB62r0FJr6dVV7bNZIzJ+fqB6epWCNrIJilYlxF88frmNX2AtmOClMLNCTrwdsYzmy7cS4dtPPtjq6jnnbWYGkTmm1IdpvTgLKHaiE= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714735666; c=relaxed/simple; bh=sZMYPxJX/4mfiHqJ/Yi9H75a1iIpwoT/ry5Fbko4snQ=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=AVccwHL04nlIBzLRozQzZN7CFAfjb9kuz+kJ+UY4K6DSR4dADFOaxRP4C48BDBaGpivdh0Y54bwD1z3JQcZX1awPRVncnrOVz8OOVaJLSHV6ZR4PWi7tSi2hjS3pVqJh1IdrrjBjkHK5r00ja6slC2Z2o+HY5EzB1esokjwUwbM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com; spf=pass smtp.mailfrom=suse.com; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b=Rx8vmp8Z; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b=Rx8vmp8Z; arc=none smtp.client-ip=195.135.223.130 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.com Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [IPv6:2a07:de40:b281:104:10:150:64:97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id B99F23387A; Fri, 3 May 2024 11:27:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1714735662; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=UXpjzV5DWrRABNO+vO47pjlZXBhvnc1hWU3ZO34EKqg=; b=Rx8vmp8Zigf3yHzGm1pm9Kmc0A6srYlVYDeWNYIw+gz2cyITTJE9exIDiHErn8Hc6h3ZVf TBVOYBBkck1vthjzNSpb170SUsJQUYxiZRJVelC8VbtQtYBiLottbMnvOM2tj5CB5cNnXn BJYpuaOQUzp7OBFNN2QiCivdXHFBgRE= Authentication-Results: smtp-out1.suse.de; dkim=pass header.d=suse.com header.s=susede1 header.b=Rx8vmp8Z DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1714735662; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=UXpjzV5DWrRABNO+vO47pjlZXBhvnc1hWU3ZO34EKqg=; b=Rx8vmp8Zigf3yHzGm1pm9Kmc0A6srYlVYDeWNYIw+gz2cyITTJE9exIDiHErn8Hc6h3ZVf TBVOYBBkck1vthjzNSpb170SUsJQUYxiZRJVelC8VbtQtYBiLottbMnvOM2tj5CB5cNnXn BJYpuaOQUzp7OBFNN2QiCivdXHFBgRE= Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id 9F2AF139CB; Fri, 3 May 2024 11:27:42 +0000 (UTC) Received: from dovecot-director2.suse.de ([2a07:de40:b281:106:10:150:64:167]) by imap1.dmz-prg2.suse.org with ESMTPSA id G6nZIy7KNGZgWQAAD6G6ig (envelope-from ); Fri, 03 May 2024 11:27:42 +0000 Date: Fri, 3 May 2024 13:27:41 +0200 From: Michal Hocko To: Breno Leitao Cc: Johannes Weiner , Roman Gushchin , Shakeel Butt , Muchun Song , Andrew Morton , leit@meta.com, "open list:CONTROL GROUP - MEMORY RESOURCE CONTROLLER (MEMCG)" , "open list:CONTROL GROUP - MEMORY RESOURCE CONTROLLER (MEMCG)" , open list Subject: Re: [PATCH] memcg: Fix data-race KCSAN bug in rstats Message-ID: References: <20240424125940.2410718-1-leitao@debian.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240424125940.2410718-1-leitao@debian.org> X-Spam-Flag: NO X-Spam-Score: -6.01 X-Rspamd-Action: no action X-Rspamd-Queue-Id: B99F23387A X-Spam-Level: X-Rspamd-Server: rspamd2.dmz-prg2.suse.org X-Spamd-Result: default: False [-6.01 / 50.00]; BAYES_HAM(-3.00)[100.00%]; DWL_DNSWL_MED(-2.00)[suse.com:dkim]; NEURAL_HAM_LONG(-1.00)[-1.000]; MID_RHS_NOT_FQDN(0.50)[]; R_DKIM_ALLOW(-0.20)[suse.com:s=susede1]; NEURAL_HAM_SHORT(-0.20)[-1.000]; MIME_GOOD(-0.10)[text/plain]; MX_GOOD(-0.01)[]; DKIM_SIGNED(0.00)[suse.com:s=susede1]; FUZZY_BLOCKED(0.00)[rspamd.com]; RBL_SPAMHAUS_BLOCKED_OPENRESOLVER(0.00)[2a07:de40:b281:104:10:150:64:97:from]; SPAMHAUS_XBL(0.00)[2a07:de40:b281:104:10:150:64:97:from]; MIME_TRACE(0.00)[0:+]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; RCPT_COUNT_SEVEN(0.00)[10]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RECEIVED_SPAMHAUS_BLOCKED_OPENRESOLVER(0.00)[2a07:de40:b281:106:10:150:64:167:received]; MISSING_XM_UA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_TLS_ALL(0.00)[]; DKIM_TRACE(0.00)[suse.com:+]; DBL_BLOCKED_OPENRESOLVER(0.00)[imap1.dmz-prg2.suse.org:helo,imap1.dmz-prg2.suse.org:rdns,suse.com:dkim,suse.com:email] On Wed 24-04-24 05:59:39, Breno Leitao wrote: > A data-race issue in memcg rstat occurs when two distinct code paths > access the same 4-byte region concurrently. KCSAN detection triggers the > following BUG as a result. > > BUG: KCSAN: data-race in __count_memcg_events / mem_cgroup_css_rstat_flush > > write to 0xffffe8ffff98e300 of 4 bytes by task 5274 on cpu 17: > mem_cgroup_css_rstat_flush (mm/memcontrol.c:5850) > cgroup_rstat_flush_locked (kernel/cgroup/rstat.c:243 (discriminator 7)) > cgroup_rstat_flush (./include/linux/spinlock.h:401 kernel/cgroup/rstat.c:278) > mem_cgroup_flush_stats.part.0 (mm/memcontrol.c:767) > memory_numa_stat_show (mm/memcontrol.c:6911) > > > read to 0xffffe8ffff98e300 of 4 bytes by task 410848 on cpu 27: > __count_memcg_events (mm/memcontrol.c:725 mm/memcontrol.c:962) > count_memcg_event_mm.part.0 (./include/linux/memcontrol.h:1097 ./include/linux/memcontrol.h:1120) > handle_mm_fault (mm/memory.c:5483 mm/memory.c:5622) > > > value changed: 0x00000029 -> 0x00000000 > > The race occurs because two code paths access the same "stats_updates" > location. Although "stats_updates" is a per-CPU variable, it is remotely > accessed by another CPU at > cgroup_rstat_flush_locked()->mem_cgroup_css_rstat_flush(), leading to > the data race mentioned. > > Considering that memcg_rstat_updated() is in the hot code path, adding > a lock to protect it may not be desirable, especially since this > variable pertains solely to statistics. > > Therefore, annotating accesses to stats_updates with READ/WRITE_ONCE() > can prevent KCSAN splats and potential partial reads/writes. > > Suggested-by: Shakeel Butt > Signed-off-by: Breno Leitao Acked-by: Michal Hocko It is worth mentioning that the race is harmless. Thanks! > --- > mm/memcontrol.c | 12 +++++++----- > 1 file changed, 7 insertions(+), 5 deletions(-) > > diff --git a/mm/memcontrol.c b/mm/memcontrol.c > index fabce2b50c69..3c99457b36a1 100644 > --- a/mm/memcontrol.c > +++ b/mm/memcontrol.c > @@ -715,6 +715,7 @@ static inline void memcg_rstat_updated(struct mem_cgroup *memcg, int val) > { > struct memcg_vmstats_percpu *statc; > int cpu = smp_processor_id(); > + unsigned int stats_updates; > > if (!val) > return; > @@ -722,8 +723,9 @@ static inline void memcg_rstat_updated(struct mem_cgroup *memcg, int val) > cgroup_rstat_updated(memcg->css.cgroup, cpu); > statc = this_cpu_ptr(memcg->vmstats_percpu); > for (; statc; statc = statc->parent) { > - statc->stats_updates += abs(val); > - if (statc->stats_updates < MEMCG_CHARGE_BATCH) > + stats_updates = READ_ONCE(statc->stats_updates) + abs(val); > + WRITE_ONCE(statc->stats_updates, stats_updates); > + if (stats_updates < MEMCG_CHARGE_BATCH) > continue; > > /* > @@ -731,9 +733,9 @@ static inline void memcg_rstat_updated(struct mem_cgroup *memcg, int val) > * redundant. Avoid the overhead of the atomic update. > */ > if (!memcg_vmstats_needs_flush(statc->vmstats)) > - atomic64_add(statc->stats_updates, > + atomic64_add(stats_updates, > &statc->vmstats->stats_updates); > - statc->stats_updates = 0; > + WRITE_ONCE(statc->stats_updates, 0); > } > } > > @@ -5845,7 +5847,7 @@ static void mem_cgroup_css_rstat_flush(struct cgroup_subsys_state *css, int cpu) > } > } > } > - statc->stats_updates = 0; > + WRITE_ONCE(statc->stats_updates, 0); > /* We are in a per-cpu loop here, only do the atomic write once */ > if (atomic64_read(&memcg->vmstats->stats_updates)) > atomic64_set(&memcg->vmstats->stats_updates, 0); > -- > 2.43.0 > -- Michal Hocko SUSE Labs