lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:   Mon, 26 Sep 2022 21:02:22 -0700 (PDT)
From:   Hugh Dickins <hughd@...gle.com>
To:     Hillf Danton <hdanton@...a.com>
cc:     Hugh Dickins <hughd@...gle.com>, Keith Busch <kbusch@...nel.org>,
        Jan Kara <jack@...e.cz>, Jens Axboe <axboe@...nel.dk>,
        Yu Kuai <yukuai1@...weicloud.com>,
        Liu Song <liusong@...ux.alibaba.com>,
        linux-block@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH next] sbitmap: fix lockup while swapping

On Sat, 24 Sep 2022, Hillf Danton wrote:
> 
> I think the lockup can be avoided by
> a) either advancing wake_index as early as I can [1],
> b) or doing wakeup in case of zero wait_cnt to kill all cases of waitqueue_active().
> 
> Only for thoughts now.

Thanks Hillf: I gave your __sbq_wake_up() patch below several tries,
and as far as I could tell, it works just as well as my one-liner.

But I don't think it's what we would want to do: doesn't it increment
wake_index on every call to __sbq_wake_up()? whereas I thought it was
intended to be incremented only after wake_batch calls (thinking in
terms of nr 1).

I'll not be surprised if your advance-wake_index-earlier idea ends
up as a part of the solution: but mainly I agree with Jan that the
whole code needs a serious redesign (or perhaps the whole design
needs a serious recode).  So I didn't give your version more thought.

Hugh

> 
> Hillf
> 
> [1] https://lore.kernel.org/lkml/afe5b403-4e37-80fd-643d-79e0876a7047@linux.alibaba.com/
> 
> +++ b/lib/sbitmap.c
> @@ -613,6 +613,16 @@ static bool __sbq_wake_up(struct sbitmap
>  	if (!ws)
>  		return false;
>  
> +	do {
> +		/* open code sbq_index_atomic_inc(&sbq->wake_index) to avoid race */
> +		int old = atomic_read(&sbq->wake_index);
> +		int new = sbq_index_inc(old);
> +
> +		/* try another ws if someone else takes care of this one */
> +		if (old != atomic_cmpxchg(&sbq->wake_index, old, new))
> +			return true;
> +	} while (0);
> +
>  	cur = atomic_read(&ws->wait_cnt);
>  	do {
>  		/*
> @@ -620,7 +630,7 @@ static bool __sbq_wake_up(struct sbitmap
>  		 * function again to wakeup a new batch on a different 'ws'.
>  		 */
>  		if (cur == 0)
> -			return true;
> +			goto out;
>  		sub = min(*nr, cur);
>  		wait_cnt = cur - sub;
>  	} while (!atomic_try_cmpxchg(&ws->wait_cnt, &cur, wait_cnt));
> @@ -634,6 +644,7 @@ static bool __sbq_wake_up(struct sbitmap
>  
>  	*nr -= sub;
>  
> +out:
>  	/*
>  	 * When wait_cnt == 0, we have to be particularly careful as we are
>  	 * responsible to reset wait_cnt regardless whether we've actually
> @@ -661,12 +672,6 @@ static bool __sbq_wake_up(struct sbitmap
>  	 */
>  	smp_mb__before_atomic();
>  
> -	/*
> -	 * Increase wake_index before updating wait_cnt, otherwise concurrent
> -	 * callers can see valid wait_cnt in old waitqueue, which can cause
> -	 * invalid wakeup on the old waitqueue.
> -	 */
> -	sbq_index_atomic_inc(&sbq->wake_index);
>  	atomic_set(&ws->wait_cnt, wake_batch);
>  
>  	return ret || *nr;

Powered by blists - more mailing lists