From: Andrew Morton <akpm@linux-foundation.org>
To: akpm@linux-foundation.org, cai@lca.pw, dan.j.williams@intel.com,
david@redhat.com, elver@google.com, ira.weiny@intel.com,
jack@suse.cz, jhubbard@nvidia.com, linux-mm@kvack.org,
mm-commits@vger.kernel.org, paulmck@kernel.org,
torvalds@linux-foundation.org
Subject: [patch 32/39] mm: annotate a data race in page_zonenum()
Date: Fri, 14 Aug 2020 17:31:53 -0700 [thread overview]
Message-ID: <20200815003153.u2a5W_kRT%akpm@linux-foundation.org> (raw)
In-Reply-To: <20200814172939.55d6d80b6e21e4241f1ee1f3@linux-foundation.org>
From: Qian Cai <cai@lca.pw>
Subject: mm: annotate a data race in page_zonenum()
BUG: KCSAN: data-race in page_cpupid_xchg_last / put_page
write (marked) to 0xfffffc0d48ec1a00 of 8 bytes by task 91442 on cpu 3:
page_cpupid_xchg_last+0x51/0x80
page_cpupid_xchg_last at mm/mmzone.c:109 (discriminator 11)
wp_page_reuse+0x3e/0xc0
wp_page_reuse at mm/memory.c:2453
do_wp_page+0x472/0x7b0
do_wp_page at mm/memory.c:2798
__handle_mm_fault+0xcb0/0xd00
handle_pte_fault at mm/memory.c:4049
(inlined by) __handle_mm_fault at mm/memory.c:4163
handle_mm_fault+0xfc/0x2f0
handle_mm_fault at mm/memory.c:4200
do_page_fault+0x263/0x6f9
do_user_addr_fault at arch/x86/mm/fault.c:1465
(inlined by) do_page_fault at arch/x86/mm/fault.c:1539
page_fault+0x34/0x40
read to 0xfffffc0d48ec1a00 of 8 bytes by task 94817 on cpu 69:
put_page+0x15a/0x1f0
page_zonenum at include/linux/mm.h:923
(inlined by) is_zone_device_page at include/linux/mm.h:929
(inlined by) page_is_devmap_managed at include/linux/mm.h:948
(inlined by) put_page at include/linux/mm.h:1023
wp_page_copy+0x571/0x930
wp_page_copy at mm/memory.c:2615
do_wp_page+0x107/0x7b0
__handle_mm_fault+0xcb0/0xd00
handle_mm_fault+0xfc/0x2f0
do_page_fault+0x263/0x6f9
page_fault+0x34/0x40
Reported by Kernel Concurrency Sanitizer on:
CPU: 69 PID: 94817 Comm: systemd-udevd Tainted: G W O L 5.5.0-next-20200204+ #6
Hardware name: HPE ProLiant DL385 Gen10/ProLiant DL385 Gen10, BIOS A40 07/10/2019
A page never changes its zone number. The zone number happens to be
stored in the same word as other bits which are modified, but the zone
number bits will never be modified by any other write, so it can accept
a reload of the zone bits after an intervening write and it don't need
to use READ_ONCE(). Thus, annotate this data race using
ASSERT_EXCLUSIVE_BITS() to also assert that there are no concurrent
writes to it.
Link: http://lkml.kernel.org/r/1581619089-14472-1-git-send-email-cai@lca.pw
Signed-off-by: Qian Cai <cai@lca.pw>
Suggested-by: Marco Elver <elver@google.com>
Cc: Paul E. McKenney <paulmck@kernel.org>
Cc: David Hildenbrand <david@redhat.com>
Cc: Jan Kara <jack@suse.cz>
Cc: John Hubbard <jhubbard@nvidia.com>
Cc: Ira Weiny <ira.weiny@intel.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---
include/linux/mm.h | 1 +
1 file changed, 1 insertion(+)
--- a/include/linux/mm.h~mm-annotate-a-data-race-in-page_zonenum
+++ a/include/linux/mm.h
@@ -1067,6 +1067,7 @@ vm_fault_t finish_mkwrite_fault(struct v
static inline enum zone_type page_zonenum(const struct page *page)
{
+ ASSERT_EXCLUSIVE_BITS(page->flags, ZONES_MASK << ZONES_PGSHIFT);
return (page->flags >> ZONES_PGSHIFT) & ZONES_MASK;
}
_
next prev parent reply other threads:[~2020-08-15 22:11 UTC|newest]
Thread overview: 152+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-15 0:29 incoming Andrew Morton
2020-08-15 0:30 ` [patch 01/39] asm-generic: pgalloc.h: use correct #ifdef to enable pud_alloc_one() Andrew Morton
2020-08-15 0:30 ` [patch 02/39] Revert "mm/vmstat.c: do not show lowmem reserve protection information of empty zone" Andrew Morton
2020-08-15 0:30 ` [patch 03/39] lz4: fix kernel decompression speed Andrew Morton
2020-08-15 0:30 ` [patch 04/39] exec: restore EACCES of S_ISDIR execve() Andrew Morton
2020-08-15 0:30 ` [patch 05/39] selftests/exec: add file type errno tests Andrew Morton
2020-08-15 0:30 ` [patch 06/39] mailmap: add entry for Greg Kurz Andrew Morton
2020-08-15 0:30 ` [patch 07/39] mm: store compound_nr as well as compound_order Andrew Morton
2020-08-15 0:30 ` [patch 08/39] mm: move page-flags include to top of file Andrew Morton
2020-08-15 0:30 ` [patch 09/39] mm: add thp_order Andrew Morton
2020-08-15 0:30 ` [patch 10/39] mm: add thp_size Andrew Morton
2020-08-15 0:30 ` [patch 11/39] mm: replace hpage_nr_pages with thp_nr_pages Andrew Morton
2020-08-15 0:30 ` [patch 12/39] mm: add thp_head Andrew Morton
2020-08-15 0:30 ` [patch 13/39] mm: introduce offset_in_thp Andrew Morton
2020-08-15 0:30 ` [patch 14/39] fs: autofs: delete repeated words in comments Andrew Morton
2020-08-15 0:30 ` [patch 15/39] mm/madvise: pass task and mm to do_madvise Andrew Morton
2020-08-15 0:30 ` [patch 16/39] pid: move pidfd_get_pid() to pid.c Andrew Morton
2020-08-15 0:30 ` [patch 17/39] mm/madvise: introduce process_madvise() syscall: an external memory hinting API Andrew Morton
2020-08-16 8:12 ` Christian Brauner
2020-08-17 15:10 ` Minchan Kim
2020-08-15 0:31 ` [patch 18/39] mm/madvise: check fatal signal pending of target process Andrew Morton
2020-08-15 2:53 ` Linus Torvalds
2020-08-15 2:53 ` Linus Torvalds
2020-08-15 4:59 ` Minchan Kim
2020-08-15 14:57 ` Linus Torvalds
2020-08-15 14:57 ` Linus Torvalds
2020-08-15 18:34 ` Minchan Kim
2020-08-16 1:43 ` Linus Torvalds
2020-08-16 1:43 ` Linus Torvalds
2020-08-16 5:58 ` Minchan Kim
2020-08-15 0:31 ` [patch 19/39] all arch: remove system call sys_sysctl Andrew Morton
2020-08-15 0:31 ` [patch 20/39] mm/kmemleak: silence KCSAN splats in checksum Andrew Morton
2020-08-15 0:31 ` [patch 21/39] mm/frontswap: mark various intentional data races Andrew Morton
2020-08-15 0:31 ` [patch 22/39] mm/page_io: " Andrew Morton
2020-08-15 0:31 ` [patch 23/39] mm/swap_state: " Andrew Morton
2020-08-15 0:31 ` [patch 24/39] mm/filemap.c: fix a data race in filemap_fault() Andrew Morton
2020-08-15 0:31 ` [patch 25/39] mm/swapfile: fix and annotate various data races Andrew Morton
2020-08-15 0:31 ` [patch 26/39] mm/page_counter: fix various data races at memsw Andrew Morton
2020-08-15 0:31 ` [patch 27/39] mm/memcontrol: fix a data race in scan count Andrew Morton
2020-08-15 0:31 ` [patch 28/39] mm/list_lru: fix a data race in list_lru_count_one Andrew Morton
2020-08-15 0:31 ` [patch 29/39] mm/mempool: fix a data race in mempool_free() Andrew Morton
2020-08-15 0:31 ` [patch 30/39] mm/rmap: annotate a data race at tlb_flush_batched Andrew Morton
2020-08-15 0:31 ` [patch 31/39] mm/swap.c: annotate data races for lru_rotate_pvecs Andrew Morton
2020-08-15 0:31 ` Andrew Morton [this message]
2020-08-15 0:31 ` [patch 33/39] include/asm-generic/vmlinux.lds.h: align ro_after_init Andrew Morton
2020-08-15 0:32 ` [patch 34/39] sh: clkfwk: remove r8/r16/r32 Andrew Morton
2020-08-15 0:32 ` [patch 35/39] sh: use generic strncpy() Andrew Morton
2020-08-15 0:32 ` [patch 36/39] iomap: constify ioreadX() iomem argument (as in generic implementation) Andrew Morton
2020-08-15 0:32 ` [patch 37/39] rtl818x: " Andrew Morton
2020-08-15 0:32 ` [patch 38/39] ntb: intel: " Andrew Morton
2020-08-15 0:32 ` [patch 39/39] virtio: pci: " Andrew Morton
2020-08-18 23:03 ` + mailmap-add-andi-kleen.patch added to -mm tree Andrew Morton
2020-08-18 23:05 ` + mm-account-pmd-tables-like-pte-tables.patch " Andrew Morton
2020-08-18 23:09 ` + mm-remove-activate_page-from-unuse_pte.patch " Andrew Morton
2020-08-18 23:09 ` + mm-remove-superfluous-__clearpageactive.patch " Andrew Morton
2020-08-18 23:09 ` + mm-remove-superfluous-__clearpagewaiters.patch " Andrew Morton
2020-08-18 23:49 ` + mm-madvise-introduce-process_madvise-syscall-an-external-memory-hinting-api-fix.patch " Andrew Morton
2020-08-18 23:50 ` + mm-slab-remove-duplicate-include.patch " Andrew Morton
2020-08-18 23:53 ` + mm-memory-fix-typo-in-__do_fault-comment.patch " Andrew Morton
2020-08-18 23:56 ` + proc-add-struct-mount-struct-super_block-addr-in-lx-mounts-command.patch " Andrew Morton
2020-08-18 23:56 ` + tasks-add-headers-and-improve-spacing-format.patch " Andrew Morton
2020-08-18 23:57 ` + mm-memoryc-replace-vmf-vma-with-variable-vma.patch " Andrew Morton
2020-08-19 1:30 ` + mm-page_reporting-drop-stale-list-head-check-in-page_reporting_cycle.patch " Andrew Morton
2020-08-19 1:31 ` + checkpatch-add-kconfig-prefix.patch " Andrew Morton
2020-08-19 1:32 ` + mm-memory-failure-do-pgoff-calculation-before-for_each_process.patch " Andrew Morton
2020-08-19 1:41 ` + hugetlb_cgroup-convert-comma-to-semicolon.patch " Andrew Morton
2020-08-19 1:42 ` + checkpatch-move-repeated-word-test.patch " Andrew Morton
2020-08-19 1:55 ` + mmap-locking-api-add-mmap_lock_is_contended.patch " Andrew Morton
2020-08-19 1:55 ` + mm-smaps-extend-smap_gather_stats-to-support-specified-beginning.patch " Andrew Morton
2020-08-19 1:55 ` + mm-proc-smaps_rollup-do-not-stall-write-attempts-on-mmap_lock.patch " Andrew Morton
2020-08-19 2:18 ` + romfs-fix-uninitialized-memory-leak-in-romfs_dev_read.patch " Andrew Morton
2020-08-19 2:23 ` + mm-util-update-the-kerneldoc-for-kstrdup_const.patch " Andrew Morton
2020-08-19 2:39 ` + kernel-relayc-fix-memleak-on-destroy-relay-channel.patch " Andrew Morton
2020-08-19 2:44 ` + device-dax-fix-mismatches-of-request_mem_region.patch " Andrew Morton
2020-08-19 2:49 ` + uprobes-__replace_page-avoid-bug-in-munlock_vma_page.patch " Andrew Morton
2020-08-19 2:55 ` + mm-page_alloc-tweak-comments-in-has_unmovable_pages.patch " Andrew Morton
2020-08-19 2:55 ` + mm-page_isolation-exit-early-when-pageblock-is-isolated-in-set_migratetype_isolate.patch " Andrew Morton
2020-08-19 2:55 ` + mm-page_isolation-drop-warn_on_once-in-set_migratetype_isolate.patch " Andrew Morton
2020-08-19 2:55 ` + mm-page_isolation-cleanup-set_migratetype_isolate.patch " Andrew Morton
2020-08-19 2:55 ` + virtio-mem-dont-special-case-zone_movable.patch " Andrew Morton
2020-08-19 2:55 ` + mm-document-semantics-of-zone_movable.patch " Andrew Morton
2020-08-19 3:09 ` + mm-gup_benchmark-use-pin_user_pages-for-foll_longterm-flag.patch " Andrew Morton
2020-08-19 3:13 ` + squashfs-avoid-bio_alloc-failure-with-1mbyte-blocks.patch " Andrew Morton
2020-08-19 3:19 ` + mm-include-cma-pages-in-lowmem_reserve-at-boot.patch " Andrew Morton
2020-08-19 3:21 ` + mm-dmapoolc-replace-open-coded-list_for_each_entry_safe.patch " Andrew Morton
2020-08-19 3:21 ` + mm-dmapoolc-replace-hard-coded-function-name-with-__func__.patch " Andrew Morton
2020-08-19 3:27 ` + mm-slub-branch-optimization-in-free-slowpath.patch " Andrew Morton
2020-08-19 3:39 ` [to-be-updated] mm-page_alloc-keep-memoryless-cpuless-node-0-offline.patch removed from " Andrew Morton
2020-08-19 3:39 ` [to-be-updated] powerpc-numa-set-numa_node-for-all-possible-cpus.patch " Andrew Morton
2020-08-19 3:39 ` [to-be-updated] powerpc-numa-prefer-node-id-queried-from-vphn.patch " Andrew Morton
2020-08-19 3:50 ` + mm-memcg-warning-on-memcg-after-readahead-page-charged.patch added to " Andrew Morton
2020-08-19 3:50 ` + mm-memcg-remove-useless-check-on-page-mem_cgroup.patch " Andrew Morton
2020-08-19 3:50 ` + mm-thp-move-lru_add_page_tail-func-to-huge_memoryc.patch " Andrew Morton
2020-08-19 3:50 ` + mm-thp-clean-up-lru_add_page_tail.patch " Andrew Morton
2020-08-19 3:50 ` + mm-thp-remove-code-path-which-never-got-into.patch " Andrew Morton
2020-08-19 3:50 ` + mm-thp-narrow-lru-locking.patch " Andrew Morton
2020-08-19 3:56 ` + mm-slub-fix-missing-alloc_slowpath-stat-when-bulk-alloc.patch " Andrew Morton
2020-08-19 17:20 ` + mm-mmap-add-inline-munmap_vma_range-for-code-readability.patch " Andrew Morton
2020-08-19 17:20 ` + mm-mmap-add-inline-vma_next-for-readability-of-mmap-code.patch " Andrew Morton
2020-08-19 17:47 ` + mm-gup-dont-permit-users-to-call-get_user_pages-with-foll_longterm.patch " Andrew Morton
2020-08-19 18:20 ` + mm-memory_hotplug-inline-__offline_pages-into-offline_pages.patch " Andrew Morton
2020-08-19 18:20 ` + mm-memory_hotplug-enforce-section-granularity-when-onlining-offlining.patch " Andrew Morton
2020-08-19 18:20 ` + mm-memory_hotplug-simplify-page-offlining.patch " Andrew Morton
2020-08-19 18:20 ` + mm-page_alloc-simplify-__offline_isolated_pages.patch " Andrew Morton
2020-08-19 18:20 ` + mm-memory_hotplug-drop-nr_isolate_pageblock-in-offline_pages.patch " Andrew Morton
2020-08-19 18:20 ` + mm-page_isolation-simplify-return-value-of-start_isolate_page_range.patch " Andrew Morton
2020-08-19 18:20 ` + mm-memory_hotplug-simplify-page-onlining.patch " Andrew Morton
2020-08-19 18:20 ` + mm-page_alloc-drop-stale-pageblock-comment-in-memmap_init_zone.patch " Andrew Morton
2020-08-19 18:21 ` + mm-pass-migratetype-into-memmap_init_zone-and-move_pfn_range_to_zone.patch " Andrew Morton
2020-08-19 18:21 ` + mm-memory_hotplug-mark-pageblocks-migrate_isolate-while-onlining-memory.patch " Andrew Morton
2020-08-19 18:31 ` + mm-migrate-avoid-possible-unnecessary-process-right-check-in-kernel_move_pages.patch " Andrew Morton
2020-08-19 18:34 ` + mm-fix-missing-function-declaration.patch " Andrew Morton
2020-08-19 18:36 ` + ia64-fix-build-error-with-coredump.patch " Andrew Morton
2020-08-19 19:01 ` + mm-debug-do-not-dereference-i_ino-blindly.patch " Andrew Morton
2020-08-19 19:02 ` + mm-highmem-clean-up-endif-comments.patch " Andrew Morton
2020-08-19 19:27 ` + kvm-ppc-book3s-hv-simplify-kvm_cma_reserve.patch " Andrew Morton
2020-08-19 19:27 ` + dma-contiguous-simplify-cma_early_percent_memory.patch " Andrew Morton
2020-08-19 19:27 ` + arm-xtensa-simplify-initialization-of-high-memory-pages.patch " Andrew Morton
2020-08-19 19:27 ` + arm64-numa-simplify-dummy_numa_init.patch " Andrew Morton
2020-08-19 19:27 ` + h8300-nds32-openrisc-simplify-detection-of-memory-extents.patch " Andrew Morton
2020-08-19 19:27 ` + riscv-drop-unneeded-node-initialization.patch " Andrew Morton
2020-08-19 19:27 ` + mircoblaze-drop-unneeded-numa-and-sparsemem-initializations.patch " Andrew Morton
2020-08-19 19:27 ` + memblock-make-for_each_memblock_type-iterator-private.patch " Andrew Morton
2020-08-19 19:27 ` + memblock-make-memblock_debug-and-related-functionality-private.patch " Andrew Morton
2020-08-19 19:27 ` + memblock-make-memblock_debug-and-related-functionality-private-fix.patch " Andrew Morton
2020-08-19 19:27 ` + memblock-reduce-number-of-parameters-in-for_each_mem_range.patch " Andrew Morton
2020-08-19 19:27 ` + arch-mm-replace-for_each_memblock-with-for_each_mem_pfn_range.patch " Andrew Morton
2020-08-19 19:27 ` + arch-drivers-replace-for_each_membock-with-for_each_mem_range.patch " Andrew Morton
2020-08-19 19:28 ` + x86-setup-simplify-initrd-relocation-and-reservation.patch " Andrew Morton
2020-08-19 19:28 ` + x86-setup-simplify-reserve_crashkernel.patch " Andrew Morton
2020-08-19 19:28 ` + memblock-remove-unused-memblock_mem_size.patch " Andrew Morton
2020-08-19 19:28 ` + memblock-implement-for_each_reserved_mem_region-using-__next_mem_region.patch " Andrew Morton
2020-08-19 19:28 ` + memblock-use-separate-iterators-for-memory-and-reserved-regions.patch " Andrew Morton
2020-08-19 19:31 ` + fs-ocfs2-delete-repeated-words-in-comments.patch " Andrew Morton
2020-08-19 19:32 ` + fs-configfs-delete-repeated-words-in-comments.patch " Andrew Morton
2020-08-19 19:37 ` + mm-slub-make-add_full-condition-more-explicit.patch " Andrew Morton
2020-08-19 19:39 ` + memremap-convert-devmap-static-branch-to-incdec.patch " Andrew Morton
2020-08-19 19:53 ` + scripts-tagssh-exclude-tools-directory-from-tags-generation.patch " Andrew Morton
2020-08-19 19:54 ` + docs-vm-fix-mm_count-vs-mm_users-counter-confusion.patch " Andrew Morton
2020-08-19 20:08 ` + mm-thp-swap-fix-allocating-cluster-for-swapfile-by-mistake.patch " Andrew Morton
2020-08-19 20:14 ` + mm-mmap-rename-__vma_unlink_common-to-__vma_unlink.patch " Andrew Morton
2020-08-19 20:14 ` + mm-mmap-leverage-vma_rb_erase_ignore-to-implement-vma_rb_erase.patch " Andrew Morton
2020-08-19 20:19 ` + mm-slub-re-initialize-randomized-freelist-sequence-in-calculate_sizes.patch " Andrew Morton
2020-08-19 20:32 ` + mm-dump_page-rename-head_mapcount-head_compound_mapcount.patch " Andrew Morton
2020-08-19 20:35 ` + bitops-simplify-get_count_order_long.patch " Andrew Morton
2020-08-19 20:35 ` + bitops-use-the-same-mechanism-for-get_count_order.patch " Andrew Morton
2020-08-19 21:14 ` + panic-dump-registers-on-panic_on_warn.patch " Andrew Morton
2020-08-19 21:29 ` + mm-slub-re-initialize-randomized-freelist-sequence-in-calculate_sizes-fix.patch " Andrew Morton
2020-08-19 21:31 ` + checkpatch-add-test-for-comma-use-that-should-be-semicolon.patch " Andrew Morton
2020-08-19 21:43 ` + mm-memcontrol-use-flex_array_size-helper-in-memcpy.patch " Andrew Morton
2020-08-19 21:43 ` + mm-memcontrol-use-the-preferred-form-for-passing-the-size-of-a-structure-type.patch " Andrew Morton
2020-08-19 23:09 ` mmotm 2020-08-19-16-09 uploaded Andrew Morton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200815003153.u2a5W_kRT%akpm@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=cai@lca.pw \
--cc=dan.j.williams@intel.com \
--cc=david@redhat.com \
--cc=elver@google.com \
--cc=ira.weiny@intel.com \
--cc=jack@suse.cz \
--cc=jhubbard@nvidia.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mm-commits@vger.kernel.org \
--cc=paulmck@kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.