From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id CEB28C47258
	for <linux-mm@archiver.kernel.org>; Wed, 17 Jan 2024 21:02:24 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 608506B007B; Wed, 17 Jan 2024 16:02:24 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 5B8686B007E; Wed, 17 Jan 2024 16:02:24 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 47FE46B0080; Wed, 17 Jan 2024 16:02:24 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15])
	by kanga.kvack.org (Postfix) with ESMTP id 38C706B007B
	for <linux-mm@kvack.org>; Wed, 17 Jan 2024 16:02:24 -0500 (EST)
Received: from smtpin06.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay06.hostedemail.com (Postfix) with ESMTP id 10003A1C36
	for <linux-mm@kvack.org>; Wed, 17 Jan 2024 21:02:24 +0000 (UTC)
X-FDA: 81690026208.06.187049C
Received: from mx0b-00364e01.pphosted.com (mx0b-00364e01.pphosted.com [148.163.139.74])
	by imf02.hostedemail.com (Postfix) with ESMTP id 3C9C480019
	for <linux-mm@kvack.org>; Wed, 17 Jan 2024 21:02:21 +0000 (UTC)
Authentication-Results: imf02.hostedemail.com;
	dkim=pass header.d=columbia.edu header.s=pps01 header.b=V3jnG8qS;
	dmarc=pass (policy=none) header.from=columbia.edu;
	spf=pass (imf02.hostedemail.com: domain of gr2547@columbia.edu designates 148.163.139.74 as permitted sender) smtp.mailfrom=gr2547@columbia.edu
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1705525341;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=fMUchkso6s3fP9eOieYdqWfmlTaKy5FN0CyilhqDPb4=;
	b=pRJQj1ZiQ4+yh05DJUXmKj4lAHPvvjl/3YaIgIedutzpl6ewdNXdEEsgRZJpKM2e7SS4Bs
	prc/p1oCKPKc2hJFAdjGA7zavhrPYAqvL17pjjYDW4ngx1sY/DFT8L/ME77EgAozS2StQ3
	Rz7tZe4DxIUppaSdozECABNhQqdfyhQ=
ARC-Authentication-Results: i=1;
	imf02.hostedemail.com;
	dkim=pass header.d=columbia.edu header.s=pps01 header.b=V3jnG8qS;
	dmarc=pass (policy=none) header.from=columbia.edu;
	spf=pass (imf02.hostedemail.com: domain of gr2547@columbia.edu designates 148.163.139.74 as permitted sender) smtp.mailfrom=gr2547@columbia.edu
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1705525341; a=rsa-sha256;
	cv=none;
	b=X5KMsG8NGZSOpZgxsTg967hTt9DQpYoiL+gpG7UHbO6S5ovMLZbMscWRexbZMWGWuVjKS/
	n21RTXXoLE7SV8zKkzjgioyPtUGRJNBcZ9Esnt4A6iRqn0M2z+U1bBhpO3rgmlUXTdKRfI
	EnhIZhh2H9zim0OtUc/R5yi7vF7kbbs=
Received: from pps.filterd (m0167073.ppops.net [127.0.0.1])
	by mx0b-00364e01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 40HKUKBf004160
	for <linux-mm@kvack.org>; Wed, 17 Jan 2024 16:02:20 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=columbia.edu; h=mime-version :
 references : in-reply-to : from : date : message-id : subject : to : cc :
 content-type : content-transfer-encoding; s=pps01;
 bh=fMUchkso6s3fP9eOieYdqWfmlTaKy5FN0CyilhqDPb4=;
 b=V3jnG8qSigp3ZjTUHvJ7h68jKAU9Bs7aSOk2TExqa/JCybtYsLSeUpFu5DjexsiItxTR
 kULetZvxH1MdDataAZ4jjl8e1mgNOGiRwvH2qlKcxzncMcfAHEOHrIM6KfqByz/ytJLn
 3Qvi4lEDF+inBCZtt6uZ5l/sXIxgDXhhkDZ9FS/URMWDXDj+SnsOfB4DDTN/PyH5PlKD
 PkbqXllZ8FYxgwUjIXlvmiknImCD/ams/dhnHnJ1IM1q2O5crgl3PZeiZVU/PjER0/Zj
 +WdfS4Nx1vXtEaAOB8WSJP3zwHUuI4sgTIgSaUO+SAS1+c2QAD5XES5jg9eWUUfflg32 uA== 
Received: from mail-oa1-f71.google.com (mail-oa1-f71.google.com [209.85.160.71])
	by mx0b-00364e01.pphosted.com (PPS) with ESMTPS id 3vpm26skuj-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT)
	for <linux-mm@kvack.org>; Wed, 17 Jan 2024 16:02:19 -0500
Received: by mail-oa1-f71.google.com with SMTP id 586e51a60fabf-210b1dc329bso67703fac.0
        for <linux-mm@kvack.org>; Wed, 17 Jan 2024 13:02:19 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1705525339; x=1706130139;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=fMUchkso6s3fP9eOieYdqWfmlTaKy5FN0CyilhqDPb4=;
        b=rqiNR0qugT5W4cVuXu/szQoc7kC60uuALjEeKqI2FVu8WzUE5p41SSpHqrFzcedkAD
         Lo6l30Jy8dHsRU+V/Y3wbunNt7fL40eY+Y121h6Z/Rm2F2fRjY/FEKpC4/9Zu32mWZHE
         PKEkjMm7l6CjUs9aNZSRLZ/AXmPSlI8DVk8Svc+jtaeYSMQZPQrFPLeTcFXjJhHdChnJ
         7/KluAo7Sjn6EOGpzk9lseV18/ZQwn2XMS3l6mU6ikdM5yzdGlOKj9B/Lq/jxqg8bhjj
         EnMhf/xw5z7SRWX16Tftyi3F5INEhGxbwYzRTKQCkk2NjNZe6N617BzwQqvNIpGQy4Jf
         fDAw==
X-Gm-Message-State: AOJu0Yx0fSt14h741YyeucguFQgGZtgKx8DENvOoWRJQQ51jHMqcY1SS
	MP7XvyuAgaSrNy6P4cFhoFC5ZtYu7xjYOF52v4DAZeg4odJFRecjbVDFXn6lJSinLAS2kE8FMvG
	72cTFipuxPvLF5Vj9fMl0g3nFNO7uofbLeo0RB8wW3PvmO0HeS5hw43Cvl3r2Ot6KwGIdT5KJkE
	5lwR4XUJLUWjus7nmyvdejc377dmOD3A==
X-Received: by 2002:a05:6870:a447:b0:204:f46f:4ec9 with SMTP id n7-20020a056870a44700b00204f46f4ec9mr597129oal.46.1705525338920;
        Wed, 17 Jan 2024 13:02:18 -0800 (PST)
X-Google-Smtp-Source: AGHT+IFUILMw6YmQTx0ZuzMghYzzLMbuHa138vTY/U8Od0Ji5loHnPxaCOVHAsSIGE0wMjDMZvCYzoFK1wHuuyQlxGk=
X-Received: by 2002:a05:6870:a447:b0:204:f46f:4ec9 with SMTP id
 n7-20020a056870a44700b00204f46f4ec9mr597122oal.46.1705525338677; Wed, 17 Jan
 2024 13:02:18 -0800 (PST)
MIME-Version: 1.0
References: <CALbthtcbD1bDYrQC6iNk6rMgBXO8LvH0kqxFh3=0nUdqm35Lsg@mail.gmail.com>
 <Zag6xv3N7VZ_HFVT@casper.infradead.org>
In-Reply-To: <Zag6xv3N7VZ_HFVT@casper.infradead.org>
From: Gabriel Ryan <gabe@cs.columbia.edu>
Date: Wed, 17 Jan 2024 16:02:13 -0500
Message-ID: <CALbthtcdfQakgj29pg-YkPPAqfmL67UE--q=Z923Cdb-+3svSQ@mail.gmail.com>
Subject: Re: Race in mm/readahead.c:140 file_ra_state_init / block/ioctl.c:497 blkdev_common_ioctl
To: Matthew Wilcox <willy@infradead.org>
Cc: Andrew Morton <akpm@linux-foundation.org>, linux-fsdevel@vger.kernel.org,
        linux-mm@kvack.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Proofpoint-ORIG-GUID: MGaMH68lfA7_ChCtm2KjpRmAqHW6LNlc
X-Proofpoint-GUID: MGaMH68lfA7_ChCtm2KjpRmAqHW6LNlc
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26
 definitions=2024-01-17_12,2024-01-17_01,2023-05-22_02
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxscore=0
 lowpriorityscore=10 clxscore=1015 impostorscore=10 malwarescore=0
 suspectscore=0 bulkscore=10 spamscore=0 priorityscore=1501 mlxlogscore=716
 adultscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.12.0-2311290000 definitions=main-2401170150
X-Rspam-User: 
X-Rspamd-Server: rspam12
X-Rspamd-Queue-Id: 3C9C480019
X-Stat-Signature: nzt7eetgs6akwad4zdmoji8krr4rdpg4
X-HE-Tag: 1705525341-240471
X-HE-Meta: U2FsdGVkX199dv2ahYQxHDdADQrdjz7+ys/3siWqePD1Fy3QWi+uFqOl7NrS5t0dsAI2ySZelf6V0fXBRtd5i3G9hgFeisabE1y7r7jJVR6x/luw4QHFje+vryHCJ3OMsfhhwQlbOLfkOf8SMUXLAdFgaVwlZwQc+UicyC+7iui7LA0W88b2TbSM3pCA3kcwemgKPH00URydLFG0pyWWTaVgrGXgRg4fmb6hokH4cs6Hb22ikJgdoXCgoQ1onjB94g60H8T8VTH0b5mMo8RKe0KwKLvSTpRTUIeZlsuOOh4E0NUeWiALWVjQ7Ilzl0Z7xlZ2eaOU6NpPIhFHJXLbC3Xa6BZGwnvVaRzw3It1we9HbtC/MGDSHcwcjB0SfYvVTTg3Dd9cagoe8/GS8CQluXBsj+fcSJ8wWyoJSQ3NnVYib+OUxz6wSrc5rfT/q7sepi6l6Obm4UQR2fgYILngAed0Dqndb7ec1qQBkmC36xxU/3/mT1PdOiA6/xdUWujypsh11Gdd1DwQyjRNwCWJ7YOf6h9N7pmm7RjjsaqXffBxJzuAcekzcqFWBuAiFDqRBuSs67iMGtmL+oSpbt3XEcfWni07PWgBdzLVF+6jRbCfBNRAIXFhIKAHarOCf+PJIgAujqnpdwqZcyJ/2nBHearre6ENZdTrx/Va27n68bJW3NghnxgOdcsTSJ8PvZkcnj5SktRoJTfse/9Ax1T7elg20gEowQPaKiSYGabVQXSCACQ5SBMqgRcOQ/VDbFZTvCA/HcDjEgpmGFDrNJjVyXDH+ngmh4G1kAq5zrcw1aBDVWmYGZzU6QXhllLr8GbcSjShJgueEuIMJDKwyTykJY3c6M5wI8kJOkbJEWLwXs9RwDJLqxN5B+LsuVrxoQ8pfWkXDw24gM8PtSkGZP/I9KGU9T2bXJ5zdDorNWGLswaatwI13ilMQUd2ydZYTkG08pJX5/vgxcdgO+zm1NJ
 hUoMEYWr
 aK6yNULFI0js2xDYPfpAn6b2XYXJt1iLAhq533TdciZ/aQx7tLrKiuo/X1A5UEZq92ntI/FtnQCKK6cO+EfBNUH9BwX1J+Dt0Ym43OyM8bEweXyTEPhl0ANNMn6Xw7zPi+Blq87UslZJFC2CTKNhb1E/8olPbEUFjEgQmcv6onV8Ve6a+diAw5dZOSYiFgL1Pi0dEeQvHLXf6VrWEt8RuEpvIK4IRKuNo/rvIsZ5FDyQ3bskoj0FzAewzv/o4Akg7VZSIcncMO3C5kD5+hT5a5xEsndYW+APVLz8bsCLFxCCZsfmko3lB/O/VO26T6If3wv5WJE44HfTUsEYfIEGKcGU1LJnElHp5yab666W84ODFBQ/SmneT8j/y+0MDOYezkU9h5WYiMkofvFDNy4mJHIb86l0Lrtwp5FTXAYEvv2IOguxc1AuTm1oD8ipgEOK3Fey66Yn/fkkGl6AN72Nddr2sIo/EOOXQ+VVCccDc8FL/fcIDCXDzetYRBwM7KGBCcV/n9+QVDAyeJkgOMPlkmaiH8MmD/5RaiQpDWwFGqMYTpEsKQT+WPp2eOw==
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

Thank you for your response!

To clarify, the tool we are developing uses modified KCSAN watchpoints
in conjunction with additional enforced thread scheduling to expose
new races. Most of these races are harmless, but we are reporting ones
that appear potentially undesirable just in case they are real bugs.


On Wed, Jan 17, 2024 at 3:38=E2=80=AFPM Matthew Wilcox <willy@infradead.org=
> wrote:
>
> On Wed, Jan 17, 2024 at 03:08:47PM -0500, Gabriel Ryan wrote:
> > We found a race in the mm subsystem in kernel version v5.18-rc5 that
>
> What an odd kernel version to be analysing.  It's simultaneously almost
> two years old, and yet not an actual release.  You'd be better off
> choosing an LTS kernel as your version to analyse, something like v6.6
> or v6.1.  Or staying right on the bleeding edge and using something more
> recent like v6.7.
>
> > appears to be potentially harmful using a race testing tool we are
> > developing. The race occurs between:
> >
> > mm/readahead.c:140 file_ra_state_init
> >
> >     ra->ra_pages =3D inode_to_bdi(mapping->host)->ra_pages;
> >
> > block/ioctl.c:497 blkdev_common_ioctl
> >
> >     bdev->bd_disk->bdi->ra_pages =3D (arg * 512) / PAGE_SIZE;
> >
> >
> > which both set the ra->ra_pages value. It appears this race could lead
> > to undefined behavior, if multiple threads set ra->ra_pages to
> > different values simultaneously for a single file inode.
>
> Undefined behaviour from the C spec point of view, sure.  But from a
> realistic hardware/compiler point of view, not really.  These are going
> to be simple loads & stores. since bdi->ra_pages is an unsigned long.
> And if it does happen to be garbage, how much harm is really done?
> We'll end up with the wrong readahead value for a single open file.
> Performance might not be so great, but it's not like we're going to
> grant root access as a result.
>
> We should probably add READ_ONCE / WRITE_ONCE annotations to be
> certain the compiler doesn't get all clever, but that brings me to the
> question about why you're developing this tool.  We already have tooling
> to annoy people with these kinds of nitpicks (KCSAN).