From: Waiman Long <llong@redhat.com>
To: "A. Sverdlin" <alexander.sverdlin@siemens.com>,
Marco Elver <elver@google.com>,
linux-kernel@vger.kernel.org
Cc: Peter Zijlstra <peterz@infradead.org>,
Ingo Molnar <mingo@redhat.com>, Will Deacon <will@kernel.org>,
Boqun Feng <boqun.feng@gmail.com>,
"Paul E . McKenney" <paulmck@kernel.org>,
Adrian Freihofer <adrian.freihofer@siemens.com>
Subject: Re: [PATCH] locking/spinlock/debug: Fix data-race in do_raw_write_lock
Date: Thu, 5 Dec 2024 12:18:40 -0500 [thread overview]
Message-ID: <2486c017-dfe0-45ee-bd44-e05acdec4f3f@redhat.com> (raw)
In-Reply-To: <20241205170143.4105094-1-alexander.sverdlin@siemens.com>
On 12/5/24 12:01 PM, A. Sverdlin wrote:
> From: Alexander Sverdlin <alexander.sverdlin@siemens.com>
>
> KCSAN reports:
>
> BUG: KCSAN: data-race in do_raw_write_lock / do_raw_write_lock
>
> write (marked) to 0xffff800009cf504c of 4 bytes by task 1102 on cpu 1:
> do_raw_write_lock+0x120/0x204
> _raw_write_lock_irq
> do_exit
> call_usermodehelper_exec_async
> ret_from_fork
>
> read to 0xffff800009cf504c of 4 bytes by task 1103 on cpu 0:
> do_raw_write_lock+0x88/0x204
> _raw_write_lock_irq
> do_exit
> call_usermodehelper_exec_async
> ret_from_fork
>
> value changed: 0xffffffff -> 0x00000001
>
> Reported by Kernel Concurrency Sanitizer on:
> CPU: 0 PID: 1103 Comm: kworker/u4:1 6.1.111
>
> Commit 1a365e822372 ("locking/spinlock/debug: Fix various data races") has
> adressed most of these races, but seems to be not consistent/not complete.
>
> From do_raw_write_lock() only debug_write_lock_after() part has been
> converted to WRITE_ONCE(), but not debug_write_lock_before() part.
> Do it now.
>
> Fixes: 1a365e822372 ("locking/spinlock/debug: Fix various data races")
> Reported-by: Adrian Freihofer <adrian.freihofer@siemens.com>
> Signed-off-by: Alexander Sverdlin <alexander.sverdlin@siemens.com>
> ---
> There are still some inconsistencies remaining IMO:
> - lock->magic is sometimes accessed with READ_ONCE() even though it's only
> being plain-written;
> - debug_spin_unlock() and debug_write_unlock() both do WRITE_ONCE() on
> lock->owner and lock->owner_cpu, but examine them with plain read accesses.
>
> kernel/locking/spinlock_debug.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/kernel/locking/spinlock_debug.c b/kernel/locking/spinlock_debug.c
> index 87b03d2e41dbb..2338b3adfb55f 100644
> --- a/kernel/locking/spinlock_debug.c
> +++ b/kernel/locking/spinlock_debug.c
> @@ -184,8 +184,8 @@ void do_raw_read_unlock(rwlock_t *lock)
> static inline void debug_write_lock_before(rwlock_t *lock)
> {
> RWLOCK_BUG_ON(lock->magic != RWLOCK_MAGIC, lock, "bad magic");
> - RWLOCK_BUG_ON(lock->owner == current, lock, "recursion");
> - RWLOCK_BUG_ON(lock->owner_cpu == raw_smp_processor_id(),
> + RWLOCK_BUG_ON(READ_ONCE(lock->owner) == current, lock, "recursion");
> + RWLOCK_BUG_ON(READ_ONCE(lock->owner_cpu) == raw_smp_processor_id(),
> lock, "cpu recursion");
> }
>
LGTM
Acked-by: Waiman Long <longman@redhat.com>
prev parent reply other threads:[~2024-12-05 17:18 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-05 17:01 [PATCH] locking/spinlock/debug: Fix data-race in do_raw_write_lock A. Sverdlin
2024-12-05 17:18 ` Waiman Long [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2486c017-dfe0-45ee-bd44-e05acdec4f3f@redhat.com \
--to=llong@redhat.com \
--cc=adrian.freihofer@siemens.com \
--cc=alexander.sverdlin@siemens.com \
--cc=boqun.feng@gmail.com \
--cc=elver@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=paulmck@kernel.org \
--cc=peterz@infradead.org \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.