From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.9 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 20192C35242 for ; Tue, 11 Feb 2020 03:55:49 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id D3A5D20714 for ; Tue, 11 Feb 2020 03:55:48 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lca.pw header.i=@lca.pw header.b="VO6oLe3N" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org D3A5D20714 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=lca.pw Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 6E2206B0278; Mon, 10 Feb 2020 22:55:48 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 692BF6B0279; Mon, 10 Feb 2020 22:55:48 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 581206B027A; Mon, 10 Feb 2020 22:55:48 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0189.hostedemail.com [216.40.44.189]) by kanga.kvack.org (Postfix) with ESMTP id 40C4E6B0278 for ; Mon, 10 Feb 2020 22:55:48 -0500 (EST) Received: from smtpin11.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay01.hostedemail.com (Postfix) with ESMTP id DADF7180AD802 for ; Tue, 11 Feb 2020 03:55:47 +0000 (UTC) X-FDA: 76476482334.11.beam26_32942b7bfe741 X-HE-Tag: beam26_32942b7bfe741 X-Filterd-Recvd-Size: 5626 Received: from mail-qk1-f196.google.com (mail-qk1-f196.google.com [209.85.222.196]) by imf44.hostedemail.com (Postfix) with ESMTP for ; Tue, 11 Feb 2020 03:55:47 +0000 (UTC) Received: by mail-qk1-f196.google.com with SMTP id p7so3910889qkh.10 for ; Mon, 10 Feb 2020 19:55:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lca.pw; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=6HJ00E5SaMJNd5jovvaBQPAR0zDWE5jfRsYbSlTxML4=; b=VO6oLe3NkOb/LbLNPK1KR16jo0KlzLn1LJ5uVe4IuhOO3oxJFJZsm+spOrlR3bt+oa hZn7blI23Icaz1LM4HTjXmprpS/J5mXdVnrn/l0ii0a6oJ///z8lMLQrnA+pWoD9LtI/ mKgCRwf/JaMT6Ai4t3nQfYdPKkp5kds36lrdwOlFWgRIIQpGXiLLaDQiiEhLvf4GMb/P cNTiigB2wP4MmELLeMhWBgVFKpR0oCP91rrINsHY73xYwSVOywyPV/KxgLxnbGZwAJL1 LTPnTB5shlCi6HqgPrVMYNWtt4sD4mnDy+fINpwKZL6hp/1/f7Op+5tdAwHuD0Q8kZjK 2nvA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=6HJ00E5SaMJNd5jovvaBQPAR0zDWE5jfRsYbSlTxML4=; b=mApaqAhu3ziw/gQVZ4YXLgR8a6i37VuJ4BV3QCgFbxIO5eIC6wavXfI2atU+lCoH75 evUalqjdVQnDFBfvwpMO05ZwRSavWEtlgfepoLGYlutkT8pWSYA+238vU8PNYquJyfMm 7N9GNFgtPNqYUevXLkbN+tkyTytLWapdUP1qmOWYBEuXUa+aJo6nuIM5OioIoovsSJ1h ffvs4panAD3AGgCDK7evK2twxZbUzqZ9Vj0e5czq3Q+AOEEdM/HTYtpQIkIiKsSp6Fzp iY2sPk7QL5i1K+8FFC3Kncxm/q/kgyq65KdSlRvgitC+Q1z0IvGReyHX20j1dOxibMs2 o99w== X-Gm-Message-State: APjAAAWnYHw1meimKxDkF0Dw0PsOzZw5lf/VqCiUS8kiZR5nyPkEGLtC TQ1sdjSOIUKj7YPUykQ0GbEI+A== X-Google-Smtp-Source: APXvYqx8bxSLg1xrPhfvR/4ejVl1qRQWHN8fmi2yNwQgrBpbmQV+hAjmIguunvgGgizIY+zk/9M0og== X-Received: by 2002:a05:620a:108f:: with SMTP id g15mr1028131qkk.321.1581393346926; Mon, 10 Feb 2020 19:55:46 -0800 (PST) Received: from [192.168.1.153] (pool-71-184-117-43.bstnma.fios.verizon.net. [71.184.117.43]) by smtp.gmail.com with ESMTPSA id f59sm1355949qtb.75.2020.02.10.19.55.46 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 10 Feb 2020 19:55:46 -0800 (PST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 13.0 \(3608.60.0.2.5\)) Subject: Re: [PATCH v2] mm/filemap: fix a data race in filemap_fault() From: Qian Cai In-Reply-To: <20200211034900.GQ8731@bombadil.infradead.org> Date: Mon, 10 Feb 2020 22:55:45 -0500 Cc: Andrew Morton , Marco Elver , Linux Memory Management List , linux-kernel@vger.kernel.org, "Kirill A . Shutemov" Content-Transfer-Encoding: quoted-printable Message-Id: <2EFC8936-4569-418F-82EC-6F7868BEEAE2@lca.pw> References: <20200211030134.1847-1-cai@lca.pw> <20200211034900.GQ8731@bombadil.infradead.org> To: Matthew Wilcox X-Mailer: Apple Mail (2.3608.60.0.2.5) X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: > On Feb 10, 2020, at 10:49 PM, Matthew Wilcox = wrote: >=20 > On Mon, Feb 10, 2020 at 10:01:34PM -0500, Qian Cai wrote: >> struct file_ra_state ra.mmap_miss could be accessed concurrently = during >> page faults as noticed by KCSAN, >>=20 >> BUG: KCSAN: data-race in filemap_fault / filemap_map_pages >>=20 >> write to 0xffff9b1700a2c1b4 of 4 bytes by task 3292 on cpu 30: >> filemap_fault+0x920/0xfc0 >> do_sync_mmap_readahead at mm/filemap.c:2384 >> (inlined by) filemap_fault at mm/filemap.c:2486 >> __xfs_filemap_fault+0x112/0x3e0 [xfs] >> xfs_filemap_fault+0x74/0x90 [xfs] >> __do_fault+0x9e/0x220 >> do_fault+0x4a0/0x920 >> __handle_mm_fault+0xc69/0xd00 >> handle_mm_fault+0xfc/0x2f0 >> do_page_fault+0x263/0x6f9 >> page_fault+0x34/0x40 >>=20 >> read to 0xffff9b1700a2c1b4 of 4 bytes by task 3313 on cpu 32: >> filemap_map_pages+0xc2e/0xd80 >> filemap_map_pages at mm/filemap.c:2625 >> do_fault+0x3da/0x920 >> __handle_mm_fault+0xc69/0xd00 >> handle_mm_fault+0xfc/0x2f0 >> do_page_fault+0x263/0x6f9 >> page_fault+0x34/0x40 >>=20 >> Reported by Kernel Concurrency Sanitizer on: >> CPU: 32 PID: 3313 Comm: systemd-udevd Tainted: G W L = 5.5.0-next-20200210+ #1 >> Hardware name: HPE ProLiant DL385 Gen10/ProLiant DL385 Gen10, BIOS = A40 07/10/2019 >>=20 >> ra.mmap_miss is used to contribute the readahead decisions, a data = race >> could be undesirable. Both the read and write is only under >> non-exclusive mmap_sem, two concurrent writers could even overflow = the >> counter. Fixing the underflow by writing to a local variable before >> committing a final store to ra.mmap_miss given a small inaccuracy of = the >> counter should be acceptable. >>=20 >> Suggested-by: Kirill A. Shutemov >> Signed-off-by: Qian Cai >=20 > That's more than Suggested-by. The correct way to submit this patch = is: >=20 > From: Kirill A. Shutemov > (at the top of the patch, so it gets credited to Kirill) Sure, if Kirill is going to provide his Signed-off-by in the first = place, I=E2=80=99ll be happy to submit it on his behalf. >=20 > then in this section: >=20 > Signed-off-by: Kirill A. Shutemov > Tested-by: Qian Cai >=20 > And now you can add: >=20 > Reviewed-by: Matthew Wilcox (Oracle)