Re: [PATCH -next] mm/percpu: fix data-race with pcpu_nr_empty_pop_pages
From: Dennis Zhou <dennis@kernel.org>
Date: 2021-10-26 02:41:57
Also in:
lkml
Hello, On Mon, Oct 25, 2021 at 09:50:48AM +0200, Christoph Lameter wrote:
On Mon, 25 Oct 2021, Yuanzheng Song wrote:quoted
When reading the pcpu_nr_empty_pop_pages in pcpu_alloc() and writing the pcpu_nr_empty_pop_pages in pcpu_update_empty_pages() at the same time, the data-race occurs.Looks like a use case for the atomic RMV instructions.
Yeah. I see 2 options. Switch the variable over to an atomic or we can move the read behind pcpu_lock. All the writes are already behind it othewise that would actually be problematic. In this particular case, reading a wrong # of empty pages isn't a big deal as eventually the background work will get scheduled. Thanks, Dennis
quoted
To fix this issue, use READ_ONCE() and WRITE_ONCE() to read and write the pcpu_nr_empty_pop_pages.Never thought that READ_ONCE and WRITE_ONCE can fix races like this. Really?quoted
diff --git a/mm/percpu.c b/mm/percpu.c index 293009cc03ef..e8ef92e698ab 100644 --- a/mm/percpu.c +++ b/mm/percpu.c@@ -574,7 +574,9 @@ static void pcpu_isolate_chunk(struct pcpu_chunk *chunk) if (!chunk->isolated) { chunk->isolated = true; - pcpu_nr_empty_pop_pages -= chunk->nr_empty_pop_pages; + WRITE_ONCE(pcpu_nr_empty_pop_pages, + READ_ONCE(pcpu_nr_empty_pop_pages) - + chunk->nr_empty_pop_pages);atomic_sub()?quoted
} list_move(&chunk->list, &pcpu_chunk_lists[pcpu_to_depopulate_slot]); }@@ -585,7 +587,9 @@ static void pcpu_reintegrate_chunk(struct pcpu_chunk *chunk) if (chunk->isolated) { chunk->isolated = false; - pcpu_nr_empty_pop_pages += chunk->nr_empty_pop_pages; + WRITE_ONCE(pcpu_nr_empty_pop_pages, + READ_ONCE(pcpu_nr_empty_pop_pages) + + chunk->nr_empty_pop_pages);atomic_add()?