From: Yosry Ahmed <yosryahmed@google.com>
Date: Wed, 24 Apr 2024 16:23:12 -0700
Subject: Re: [PATCH] memcg: Fix data-race KCSAN bug in rstats
To: Breno Leitao
Cc: Johannes Weiner, Michal Hocko, Roman Gushchin, Shakeel Butt,
    Muchun Song, Andrew Morton, leit@meta.com,
    "open list:CONTROL GROUP - MEMORY RESOURCE CONTROLLER (MEMCG)",
    open list
In-Reply-To: <20240424125940.2410718-1-leitao@debian.org>

On Wed, Apr 24, 2024 at 6:00 AM Breno Leitao wrote:
>
> A data-race issue in memcg rstat occurs when two distinct code paths
> access the same 4-byte region concurrently. KCSAN detection triggers the
> following BUG as a result.
>
>     BUG: KCSAN: data-race in __count_memcg_events / mem_cgroup_css_rstat_flush
>
>     write to 0xffffe8ffff98e300 of 4 bytes by task 5274 on cpu 17:
>     mem_cgroup_css_rstat_flush (mm/memcontrol.c:5850)
>     cgroup_rstat_flush_locked (kernel/cgroup/rstat.c:243 (discriminator 7))
>     cgroup_rstat_flush (./include/linux/spinlock.h:401 kernel/cgroup/rstat.c:278)
>     mem_cgroup_flush_stats.part.0 (mm/memcontrol.c:767)
>     memory_numa_stat_show (mm/memcontrol.c:6911)
>
>     read to 0xffffe8ffff98e300 of 4 bytes by task 410848 on cpu 27:
>     __count_memcg_events (mm/memcontrol.c:725 mm/memcontrol.c:962)
>     count_memcg_event_mm.part.0 (./include/linux/memcontrol.h:1097 ./include/linux/memcontrol.h:1120)
>     handle_mm_fault (mm/memory.c:5483 mm/memory.c:5622)
>
>     value changed: 0x00000029 -> 0x00000000
>
> The race occurs because two code paths access the same "stats_updates"
> location. Although "stats_updates" is a per-CPU variable, it is remotely
> accessed by another CPU at
> cgroup_rstat_flush_locked()->mem_cgroup_css_rstat_flush(), leading to
> the data race mentioned.
>
> Considering that memcg_rstat_updated() is in the hot code path, adding
> a lock to protect it may not be desirable, especially since this
> variable pertains solely to statistics.
>
> Therefore, annotating accesses to stats_updates with READ/WRITE_ONCE()
> can prevent KCSAN splats and potential partial reads/writes.
>
> Suggested-by: Shakeel Butt
> Signed-off-by: Breno Leitao

Reviewed-by: Yosry Ahmed <yosryahmed@google.com>

And for posterity:

Fixes: 9cee7e8ef3e3 ("mm: memcg: optimize parent iteration in memcg_rstat_updated()")
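
For readers following along without the diff (it is not quoted in this
message), here is a minimal userspace sketch of the annotation pattern the
commit message describes. It is not the kernel code: the READ_ONCE() and
WRITE_ONCE() macros below are simplified stand-ins for the kernel's, and
struct percpu_stats, stat_updated(), stat_flush() and BATCH are
hypothetical names chosen for illustration. Only the field name
stats_updates and its 4-byte size come from the report above.

```c
#include <assert.h>
#include <stddef.h>

/*
 * Simplified stand-ins for the kernel's READ_ONCE()/WRITE_ONCE(), assuming
 * a GCC/Clang-style __typeof__. The volatile access asks the compiler for
 * a single, untorn load or store of a naturally aligned word.
 */
#define READ_ONCE(x)       (*(const volatile __typeof__(x) *)&(x))
#define WRITE_ONCE(x, val) (*(volatile __typeof__(x) *)&(x) = (val))

/* Hypothetical batching threshold, for illustration only. */
#define BATCH 64u

/* Hypothetical stand-in for one CPU's slot of the per-CPU statistics. */
struct percpu_stats {
    unsigned int stats_updates; /* 4-byte counter, as in the KCSAN report */
};

/*
 * Hot path, run by the owning CPU: account val pending updates without
 * taking a lock. Returns 1 once the batch threshold has been reached.
 */
int stat_updated(struct percpu_stats *pc, unsigned int val)
{
    unsigned int n;

    assert(pc != NULL);
    n = READ_ONCE(pc->stats_updates) + val;
    WRITE_ONCE(pc->stats_updates, n);
    return n >= BATCH;
}

/* Flush path, possibly run by a remote CPU: reset the pending count. */
void stat_flush(struct percpu_stats *pc)
{
    assert(pc != NULL);
    WRITE_ONCE(pc->stats_updates, 0);
}
```

Note that the annotations do not make the read-modify-write in
stat_updated() atomic: an update racing with stat_flush() can still be
lost. That matches the trade-off stated in the commit message, since the
variable only feeds statistics and the hot path should stay lock-free.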