lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 26 Feb 2020 08:49:30 -0500
From:   Qian Cai <cai@....pw>
To:     Matthew Wilcox <willy@...radead.org>
Cc:     akpm@...ux-foundation.org, elver@...gle.com, linux-mm@...ck.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] mm/vmscan: fix data races at kswapd_classzone_idx

On Tue, 2020-02-25 at 20:06 -0800, Matthew Wilcox wrote:
> On Tue, Feb 25, 2020 at 10:58:27PM -0500, Qian Cai wrote:
> > pgdat->kswapd_classzone_idx could be accessed concurrently in
> > wakeup_kswapd(). Plain writes and reads without any lock protection
> > result in data races. Fix them by adding a pair of READ|WRITE_ONCE() as
> > well as saving a branch (compilers might well optimize the original code
> > in an unintentional way anyway). While at it, also take care of
> > pgdat->kswapd_order and non-kswapd threads in allow_direct_reclaim().
> 
> I don't understand why the usages of kswapd_classzone_idx in kswapd() and
> kswapd_try_to_sleep() don't need changing too?  kswapd_classzone_idx()
> looks safe to me, but I'm prone to missing stupid things that compilers
> are allowed to do.

Right, I did capture the race this time. I'll post a v3.

[  924.803628][ T6299] BUG: KCSAN: data-race in kswapd / wakeup_kswapd 
[  924.809949][ T6299]  
[  924.812170][ T6299] write to 0xffff90973ffff2dc of 4 bytes by task 820 on cpu
6: 
[  924.819630][ T6299]  kswapd+0x27c/0x8d0 
[  924.823509][ T6299]  kthread+0x1e0/0x200 
[  924.827471][ T6299]  ret_from_fork+0x27/0x50 
[  924.831774][ T6299]  
[  924.833987][ T6299] read to 0xffff90973ffff2dc of 4 bytes by task 6299 on cpu
0: 
[  924.841442][ T6299]  wakeup_kswapd+0xf3/0x450 
[  924.845838][ T6299]  wake_all_kswapds+0x59/0xc0 
[  924.850409][ T6299]  __alloc_pages_slowpath+0xdcc/0x1290 
[  924.855769][ T6299]  __alloc_pages_nodemask+0x3bb/0x450 
[  924.861040][ T6299]  alloc_pages_vma+0x8a/0x2c0 
[  924.865612][ T6299]  do_anonymous_page+0x170/0x700 
[  924.870443][ T6299]  __handle_mm_fault+0xc9f/0xd00 
[  924.875276][ T6299]  handle_mm_fault+0xfc/0x2f0 
[  924.879849][ T6299]  do_page_fault+0x263/0x6f9 
[  924.884334][ T6299]  page_fault+0x34/0x40 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ