From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id EA5B6C636CC
	for <linux-mm@archiver.kernel.org>; Tue, 31 Jan 2023 08:41:16 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 882A26B0089; Tue, 31 Jan 2023 03:41:16 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 832A36B008C; Tue, 31 Jan 2023 03:41:16 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 721536B0093; Tue, 31 Jan 2023 03:41:16 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13])
	by kanga.kvack.org (Postfix) with ESMTP id 612446B0089
	for <linux-mm@kvack.org>; Tue, 31 Jan 2023 03:41:16 -0500 (EST)
Received: from smtpin28.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay08.hostedemail.com (Postfix) with ESMTP id 3B9BF1407C0
	for <linux-mm@kvack.org>; Tue, 31 Jan 2023 08:41:16 +0000 (UTC)
X-FDA: 80414449752.28.5E6E32F
Received: from mail-yb1-f173.google.com (mail-yb1-f173.google.com [209.85.219.173])
	by imf05.hostedemail.com (Postfix) with ESMTP id 6132F10000D
	for <linux-mm@kvack.org>; Tue, 31 Jan 2023 08:41:13 +0000 (UTC)
Authentication-Results: imf05.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=ETAdz3U3;
	spf=pass (imf05.hostedemail.com: domain of elver@google.com designates 209.85.219.173 as permitted sender) smtp.mailfrom=elver@google.com;
	dmarc=pass (policy=reject) header.from=google.com
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1675154473;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=yvlc2S1AAw794p9I4WDQhqKM70Pw3dKGUU8UcdesOEI=;
	b=svaD4Wz9xDCM727vIxNNnK0MKDWDEzCwlsURg5Lck1paMB7TVwrRJMoUeIio6xdOMsoITp
	1QsFrGosQCVZEkxtbeJlx598wmw9ckff7cZsWWutf2Hjxe7kbuSr/+MYL+DMnfb0803ZbU
	p890PUxhB7zdLtpBG1l9BXPvtNQvX6k=
ARC-Authentication-Results: i=1;
	imf05.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=ETAdz3U3;
	spf=pass (imf05.hostedemail.com: domain of elver@google.com designates 209.85.219.173 as permitted sender) smtp.mailfrom=elver@google.com;
	dmarc=pass (policy=reject) header.from=google.com
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1675154473; a=rsa-sha256;
	cv=none;
	b=TLkRNZ3nCvC06tqdHxlf5TOcFvNnyv7oLue1/+e7rVCOH9DsuhF93zl7NKzE9+AkrizFig
	NQvGDpVnuBbFaqIBkG4QVEj3boR3//F6JJBPRylpui+nCZBfXl6dYApLQATtuy/yLMUQHt
	dV0q3pNZ85jbljWHTh46lFCuRuvUxB8=
Received: by mail-yb1-f173.google.com with SMTP id d8so15232939ybe.9
        for <linux-mm@kvack.org>; Tue, 31 Jan 2023 00:41:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=yvlc2S1AAw794p9I4WDQhqKM70Pw3dKGUU8UcdesOEI=;
        b=ETAdz3U3iNorPk84Yo4YoksElTYXnqVqZKrk2FroxySyZLZvoNSNOznI63RFjEG/xl
         Fz5M3bWAsdxuMGGqV4/qvkgxV0I4CGBcgHocdhltUuCGYUxnk+yVcVNGPFRzBzUrnhLL
         KC4Nk1wb11wQ7rbXMxNCXyXQrxU7I8Xa6/gfSw/dI8VX7FKuh20ZT/jZ4REoRD9PZm7N
         7V71u2T60cJ7snnDfNm1pyusI+CObJJ84/29UT/HGdME247p+EvumJfu+xZBWmcHtlHQ
         l2bKyx96NJl+jga8SynzI6QDqPu3uciRI7koEvCdwLRG2P06/zzZ+JAh7AQtNtSDhMvL
         2khw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=yvlc2S1AAw794p9I4WDQhqKM70Pw3dKGUU8UcdesOEI=;
        b=yrpnDQPsanCVlgowUXNyS0O2R9imG+i3Xv3m5/IXdWQ3gGrlr+n73oi49HYT/qNLRC
         /BYdvMbC9BfQKLYi54ysqblio3bO/ahi/raq3ZTjqoS1nGIX7F6Ul9YVD2SLVYiFf78w
         avrK5gfP9suY/qROdoElHgneO3zDzfhB4oAIvmmUmIHGAFyoxgy0NqOGQkNw435zyLHe
         +UMC4AXxc7mOvFGI16iuNEuLkxvK7RtXvrgtli99+Z9gldi+jxJRzyfRjLylvPNONAV5
         7JJ+mk+j2GkdpKO4hW4yx0l7JWUrSOW4/imxhILZWQ0XcZH3qCgeLZbpXOHsS8tAuBZV
         6W8w==
X-Gm-Message-State: AO0yUKWUe05OcxXEh9U8VCu89xGGQD/FVhXZfFUEqbexxftPsop03wvh
	vtLp5zLJ2OaBabrfi2U98Z0rOKgqLvp2exT4PpFCXA==
X-Google-Smtp-Source: AK7set8rzeOh/YFX5uCS8Lf39fShXP8hu1yIak538VPbc6REwLQF2e2K5bOTsWogNSa9ylGuYFd0+IwMG7MGZBKOz1Q=
X-Received: by 2002:a25:d1d1:0:b0:80b:4d84:b25 with SMTP id
 i200-20020a25d1d1000000b0080b4d840b25mr2338010ybg.584.1675154472393; Tue, 31
 Jan 2023 00:41:12 -0800 (PST)
MIME-Version: 1.0
References: <cover.1675111415.git.andreyknvl@google.com> <19512bb03eed27ced5abeb5bd03f9a8381742cb1.1675111415.git.andreyknvl@google.com>
In-Reply-To: <19512bb03eed27ced5abeb5bd03f9a8381742cb1.1675111415.git.andreyknvl@google.com>
From: Marco Elver <elver@google.com>
Date: Tue, 31 Jan 2023 09:40:36 +0100
Message-ID: <CANpmjNNzNSDrxfrZUcRtt7=hV=Mz8_kyCpqVnyAqzhaiyipXCg@mail.gmail.com>
Subject: Re: [PATCH 16/18] lib/stackdepot: annotate racy slab_index accesses
To: andrey.konovalov@linux.dev
Cc: Alexander Potapenko <glider@google.com>, Andrey Konovalov <andreyknvl@gmail.com>, 
	Vlastimil Babka <vbabka@suse.cz>, kasan-dev@googlegroups.com, 
	Evgenii Stepanov <eugenis@google.com>, Andrew Morton <akpm@linux-foundation.org>, linux-mm@kvack.org, 
	linux-kernel@vger.kernel.org, Andrey Konovalov <andreyknvl@google.com>
Content-Type: text/plain; charset="UTF-8"
X-Rspamd-Server: rspam07
X-Rspamd-Queue-Id: 6132F10000D
X-Rspam-User: 
X-Stat-Signature: asdst9semmyxcjkbczrna3zm8kq46o7r
X-HE-Tag: 1675154473-778287
X-HE-Meta: U2FsdGVkX18w0fXN0BbJ70OvjlQmc392yHGLRuV2LOHivb8Xf77285l3Ux9GNFv/Yb+pZqHAisz5+T8NGWQTUC4fqRi/hmS8pov91TUSpDkwya1/MYJ7DeLodW54I380hrqiYR+4Xzq6bC2gjYVaaEnOaJLNqwVbdSG9f6grjf1tBtB4J6l3RQijli8vU65xw3bYT/pnFun2UhufZveCgzKTixHiEVEhibXkpVMf2UdO56e5J4sYy5OrZXtK6NpoIqVkhTOzfNuAh1zZM4+cp5BYrqbcPSbqrG9Bv75idZFvrN6Ze+e3Kdppv5j9vX4Qp7I43fi4L0pjsNoQWnTSVP9E2CJ0pmIofdHBFxDjx1/kkuLnc0al1KmaemPNZ6C7hxo5dnjBk+R734nOLZuEFsU9/O/p1Uj7IMcoi4Ho6Owzi4nECSsmnXH/8Q1UMTOnmPFpVNCz+wdubUlp5p5j9eldgrVAT2TCVGStRtvEm47v29LC5sbTRLIA8YRoGIYe8nnHMgVFS1rQH21vSt6aSM86bISSR7aHOpbVczazMnUJMDeu9LzLEsIAU2wWg7AELLEPOq6HAGrAK5r3inqbvG0NDfieeveeDvrFHCcqkzcDqXa8lcxnRwsWdNqIqPs1CFpfJzW1/rC96RHD2SCJDPyc4ee7wuY8e+Gc0m1gYxKcZ7Cu0ShSluKXkdCcRDpkPI3sYewokeV4kKhPymSYUE/1QCY8sIaQO6EdOC6hPeGireq9ig25HDO5ORutKYAcLAsSdxUysq9Undm6OUhMKOCOxUcKAHHS1tZyTV8qubBEm0sFFbgoxvTpdS8rBXVD4K2WjUT6FA8KlWBgU5b5sBez7Y51Z19c8AgkFNpr9ihVaDuXoPMFZDyD98XzKY0kSm98s7Y4s149bFVz1SXZT6e5oO4FdvrFhqsz+I/J9wJjgcXSfBeyUn2qsMYQL++SCoHYzBQbNjobTrsy2Uj
 6Tj1e4QI
 hRft6u21ohp8HZ0nRhNWkcMndpU/YKIOel6lPvP9Oo+dvZFp7v0LISO7xzz7cvSyqh2rIcSJiff4u9C76fgbUs3SACPtttW/E+z8UkbIwXzy8QzGTjh6YHGmzHFUuIU5K9PC8xaXzmdulPVtPqis/Ebdq3/hogrCDQBG9lp2uOV+aGOrSuMCQKS5UmW8jJMHK+tFVgh8yCHHT5xD49Z/v371gOCW4huz9dtS8fVnLHQ8lk2Qvqi+tkxxQ94Mv7IUeIEYNurlc7vxyM4HUX9F0mYjGpvipUYpuU6FcdNK0yAAgh6b/RKctF14+ag==
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Mon, 30 Jan 2023 at 21:51, <andrey.konovalov@linux.dev> wrote:
>
> From: Andrey Konovalov <andreyknvl@google.com>
>
> Accesses to slab_index are protected by slab_lock everywhere except
> in a sanity check in stack_depot_fetch. The read access there can race
> with the write access in depot_alloc_stack.
>
> Use WRITE/READ_ONCE() to annotate the racy accesses.
>
> As the sanity check is only used to print a warning in case of a
> violation of the stack depot interface usage, it does not make a lot
> of sense to use proper synchronization.
>
> Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
> ---
>  lib/stackdepot.c | 13 +++++++++----
>  1 file changed, 9 insertions(+), 4 deletions(-)
>
> diff --git a/lib/stackdepot.c b/lib/stackdepot.c
> index f291ad6a4e72..cc2fe8563af4 100644
> --- a/lib/stackdepot.c
> +++ b/lib/stackdepot.c
> @@ -269,8 +269,11 @@ depot_alloc_stack(unsigned long *entries, int size, u32 hash, void **prealloc)
>                         return NULL;
>                 }
>
> -               /* Move on to the next slab. */
> -               slab_index++;
> +               /*
> +                * Move on to the next slab.
> +                * WRITE_ONCE annotates a race with stack_depot_fetch.

"Pairs with potential concurrent read in stack_depot_fetch()." would be clearer.

I wouldn't say WRITE_ONCE annotates a race (race = involves 2+
accesses, but here's just 1), it just marks this access here which
itself is paired with the potential racing read in the other function.

> +                */
> +               WRITE_ONCE(slab_index, slab_index + 1);
>                 slab_offset = 0;
>                 /*
>                  * smp_store_release() here pairs with smp_load_acquire() in
> @@ -492,6 +495,8 @@ unsigned int stack_depot_fetch(depot_stack_handle_t handle,
>                                unsigned long **entries)
>  {
>         union handle_parts parts = { .handle = handle };
> +       /* READ_ONCE annotates a race with depot_alloc_stack. */
> +       int slab_index_cached = READ_ONCE(slab_index);
>         void *slab;
>         size_t offset = parts.offset << DEPOT_STACK_ALIGN;
>         struct stack_record *stack;
> @@ -500,9 +505,9 @@ unsigned int stack_depot_fetch(depot_stack_handle_t handle,
>         if (!handle)
>                 return 0;
>
> -       if (parts.slab_index > slab_index) {
> +       if (parts.slab_index > slab_index_cached) {
>                 WARN(1, "slab index %d out of bounds (%d) for stack id %08x\n",
> -                       parts.slab_index, slab_index, handle);
> +                       parts.slab_index, slab_index_cached, handle);
>                 return 0;
>         }
>         slab = stack_slabs[parts.slab_index];
> --
> 2.25.1
>