From patchwork Thu Jan 30 02:51:33 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Qian Cai X-Patchwork-Id: 11357347 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A73EA1395 for ; Thu, 30 Jan 2020 02:52:36 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 65A0E2082E for ; Thu, 30 Jan 2020 02:52:36 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=lca.pw header.i=@lca.pw header.b="tEF/LwJu" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 65A0E2082E Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=lca.pw Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 979E86B02D5; Wed, 29 Jan 2020 21:52:35 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 929616B02D6; Wed, 29 Jan 2020 21:52:35 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 840986B02D7; Wed, 29 Jan 2020 21:52:35 -0500 (EST) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0154.hostedemail.com [216.40.44.154]) by kanga.kvack.org (Postfix) with ESMTP id 6EF3B6B02D5 for ; Wed, 29 Jan 2020 21:52:35 -0500 (EST) Received: from smtpin12.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay04.hostedemail.com (Postfix) with ESMTP id 2CB3B1269 for ; Thu, 30 Jan 2020 02:52:35 +0000 (UTC) X-FDA: 76432777470.12.uncle58_6dd7d519efb29 X-Spam-Summary: 2,0,0,9db331fafb1d05ac,d41d8cd98f00b204,cai@lca.pw,:akpm@linux-foundation.org:dennis@kernel.org:tj@kernel.org:cl@linux.com:elver@google.com::linux-kernel@vger.kernel.org:cai@lca.pw,RULES_HIT:41:355:379:541:800:960:973:988:989:1260:1311:1314:1345:1437:1515:1534:1541:1711:1730:1747:1777:1792:2194:2199:2393:2559:2562:2918:3138:3139:3140:3141:3142:3352:3865:3866:3867:3871:3872:5007:6261:6653:7903:10004:11026:11232:11473:11658:11914:12043:12296:12297:12438:12517:12519:12555:12895:13069:13311:13357:13894:14018:14096:14104:14181:14384:14394:14721:21080:21444:21627:30054:30065,0,RBL:209.85.160.196:@lca.pw:.lbl8.mailshell.net-62.14.0.100 66.201.201.201,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:fp,MSBL:0,DNSBL:neutral,Custom_rules:0:0:0,LFtime:56,LUA_SUMMARY:none X-HE-Tag: uncle58_6dd7d519efb29 X-Filterd-Recvd-Size: 4512 Received: from mail-qt1-f196.google.com (mail-qt1-f196.google.com [209.85.160.196]) by imf10.hostedemail.com (Postfix) with ESMTP for ; Thu, 30 Jan 2020 02:52:34 +0000 (UTC) Received: by mail-qt1-f196.google.com with SMTP id w47so1311014qtk.4 for ; Wed, 29 Jan 2020 18:52:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lca.pw; s=google; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=Fp57d/JKXnMqmgYr0vSN02/fASnL3H+Ky3w8XxIPCaQ=; b=tEF/LwJupjgrD1yNKXCBInP8hYvl4p97L94ordXjGDRZuOVgeE/D4dWe5fbmDNYh2g BZTrzdydRdLD8pxIIaJibbW5Dl9HOVxuhoxUW2kCrKhSHcsd02TihcbxgGlj0uqOgrDs TNcbpbgK7KkW2tx3cl27fKI2C/Ev9lRcCBrU//n7jBRNLA6wTuilcwmjv0ECSI0yzcrs h389G7FOw1Zflpj9DDy19GWqHvwUhVHZbaox/6QvbDnLQcgtHVPYZo5Y0zJtZJ2Djh4E Fz2mR361rRrrgv4XKJjcsh1SWC+2/YLj0VAsZlLVZd5yjwtHb4JNEzIK10UAcoWX5HN+ +0iQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=Fp57d/JKXnMqmgYr0vSN02/fASnL3H+Ky3w8XxIPCaQ=; b=lwy3RLEmvwQhDW2NC0M1Lo5dxEOphkAZJ89C+7IapbqFqvwXIzPQNapXwFP6NZ3i/O OCbFiCAGhEBfh7bJ0bMbB0blRI3Awkdyy0ljIYOCZruh0JTsshY1AjxK5stnjR7M93F0 ASzMKY76H45PJ5hNvs/ZVzHPLxx8H5JfKBAz5PvNWDCnFBlvgT0Q6UgDuuQLXxbnM9Cm PFHAwYOTjT3MXypd/q+Fedis+HJxROoaOgV9pUsv7bMTh5E1vKFbY8ieQrLyc+T9XD/r IZE4nG9w+ma5i8YvfnOvkaLAzTMfIOToSZs/DRrNfwOmdI73CJhsl3iKQhjs1kmDqkNX TIrA== X-Gm-Message-State: APjAAAU/9m3K5Wqz4qEs27nJe2kv1GE8TKgBdeJeTW/MNsIPJ4FpLoyB TJn0G/VGM67q7FdBY7hMtOH9nw== X-Google-Smtp-Source: APXvYqzmKdvh/9iYNgzjribGqy9CKBLO1mlwsETVrJbdJw981kmV06pWEvMMhXBCwLNp1ktxwY94RA== X-Received: by 2002:ac8:1c1d:: with SMTP id a29mr2612883qtk.183.1580352754005; Wed, 29 Jan 2020 18:52:34 -0800 (PST) Received: from ovpn-120-127.rdu2.redhat.com (pool-71-184-117-43.bstnma.fios.verizon.net. [71.184.117.43]) by smtp.gmail.com with ESMTPSA id 65sm2232926qtf.95.2020.01.29.18.52.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 29 Jan 2020 18:52:33 -0800 (PST) From: Qian Cai To: akpm@linux-foundation.org Cc: dennis@kernel.org, tj@kernel.org, cl@linux.com, elver@google.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Qian Cai Subject: [PATCH] mm/util: fix a data race in __vm_enough_memory() Date: Wed, 29 Jan 2020 21:51:33 -0500 Message-Id: <20200130025133.5232-1-cai@lca.pw> X-Mailer: git-send-email 2.21.0 (Apple Git-122.2) MIME-Version: 1.0 X-Bogosity: Ham, tests=bogofilter, spamicity=0.001251, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: "vm_committed_as.count" could be accessed concurrently as reported by KCSAN, read to 0xffffffff923164f8 of 8 bytes by task 1268 on cpu 38: __vm_enough_memory+0x43/0x280 mm/util.c:801 mmap_region+0x1b2/0xb90 mm/mmap.c:1726 do_mmap+0x45c/0x700 vm_mmap_pgoff+0xc0/0x130 vm_mmap+0x71/0x90 elf_map+0xa1/0x1b0 load_elf_binary+0x9de/0x2180 search_binary_handler+0xd8/0x2b0 __do_execve_file+0xb61/0x1080 __x64_sys_execve+0x5f/0x70 do_syscall_64+0x91/0xb47 entry_SYSCALL_64_after_hwframe+0x49/0xbe write to 0xffffffff923164f8 of 8 bytes by task 1265 on cpu 41: percpu_counter_add_batch+0x83/0xd0 lib/percpu_counter.c:91 exit_mmap+0x178/0x220 include/linux/mman.h:68 mmput+0x10e/0x270 flush_old_exec+0x572/0xfe0 load_elf_binary+0x467/0x2180 search_binary_handler+0xd8/0x2b0 __do_execve_file+0xb61/0x1080 __x64_sys_execve+0x5f/0x70 do_syscall_64+0x91/0xb47 entry_SYSCALL_64_after_hwframe+0x49/0xbe Since only the read is operating as lockless, fix it by using READ_ONLY() for it to avoid any possible false warning due to load tearing. Signed-off-by: Qian Cai --- mm/util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/util.c b/mm/util.c index 988d11e6c17c..58cd8f28651c 100644 --- a/mm/util.c +++ b/mm/util.c @@ -798,7 +798,7 @@ int __vm_enough_memory(struct mm_struct *mm, long pages, int cap_sys_admin) { long allowed; - VM_WARN_ONCE(percpu_counter_read(&vm_committed_as) < + VM_WARN_ONCE(READ_ONCE(vm_committed_as.count) < -(s64)vm_committed_as_batch * num_online_cpus(), "memory commitment underflow");