On Mon, 25 Oct 2021, Yuanzheng Song wrote:
> When reading the pcpu_nr_empty_pop_pages in pcpu_alloc()
> and writing the pcpu_nr_empty_pop_pages in
> pcpu_update_empty_pages() at the same time,
> the data-race occurs.
Looks like a use case for the atomic RMV instructions.
> To fix this issue, use READ_ONCE() and WRITE_ONCE() to
> read and write the pcpu_nr_empty_pop_pages.
Never thought that READ_ONCE and WRITE_ONCE can fix races like
this. Really?
> diff --git a/mm/percpu.c b/mm/percpu.c
> index 293009cc03ef..e8ef92e698ab 100644
> --- a/mm/percpu.c
> +++ b/mm/percpu.c
> @@ -574,7 +574,9 @@ static void pcpu_isolate_chunk(struct pcpu_chunk *chunk)
>
> if (!chunk->isolated) {
> chunk->isolated = true;
> - pcpu_nr_empty_pop_pages -= chunk->nr_empty_pop_pages;
> + WRITE_ONCE(pcpu_nr_empty_pop_pages,
> + READ_ONCE(pcpu_nr_empty_pop_pages) -
> + chunk->nr_empty_pop_pages);
atomic_sub()?
> }
> list_move(&chunk->list, &pcpu_chunk_lists[pcpu_to_depopulate_slot]);
> }
> @@ -585,7 +587,9 @@ static void pcpu_reintegrate_chunk(struct pcpu_chunk *chunk)
>
> if (chunk->isolated) {
> chunk->isolated = false;
> - pcpu_nr_empty_pop_pages += chunk->nr_empty_pop_pages;
> + WRITE_ONCE(pcpu_nr_empty_pop_pages,
> + READ_ONCE(pcpu_nr_empty_pop_pages) +
> + chunk->nr_empty_pop_pages);
atomic_add()?
