From: "Theodore Ts'o" <tytso@mit.edu>
To: Marco Elver <elver@google.com>
Cc: Dmitry Vyukov <dvyukov@google.com>, Jan Kara <jack@suse.cz>,
Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>,
syzbot <syzbot+30774a6acf6a2cf6d535@syzkaller.appspotmail.com>,
Jan Kara <jack@suse.com>,
linux-ext4@vger.kernel.org, LKML <linux-kernel@vger.kernel.org>,
syzkaller-bugs <syzkaller-bugs@googlegroups.com>
Subject: Re: [syzbot] KCSAN: data-race in start_this_handle / start_this_handle
Date: Thu, 11 Mar 2021 10:30:09 -0500 [thread overview]
Message-ID: <YEo3gYOU/VnmHCeV@mit.edu> (raw)
In-Reply-To: <YEoybjJpCQzNx15r@elver.google.com>
On Thu, Mar 11, 2021 at 04:08:30PM +0100, Marco Elver wrote:
> If the outcome of the check does not affect correctness and the code is
> entirely fault tolerant to the precise value being read, then a
> data_race(!journal->j_running_transaction) marking here would be fine.
So a very common coding pattern is to check a value w/o the lock, and
if it looks like we might need to check *with* a lock, we'll grab the
lock and recheck. Does KCSAN understand that this sort of thing is
safe automatically?
In thie particular case, it's a bit more complicated than that; we're
checking a value, and then allocating memory, grabbing the spin lock,
and then re-checking the value, so we don't have to drop the spinlock,
allocate the memory, grab the lock again, and then rechecking the
value. So even if KCSAN catches the simpler case as described above,
we still might need to explicitly mark the data_race explicitly.
But the more we could have the compiler automatically figure out
things without needing an explicit tag, it would seem to me that this
would be better, since manual tagging is going to be more error-prone.
Cheers,
- Ted
next prev parent reply other threads:[~2021-03-11 15:31 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-11 10:59 [syzbot] KCSAN: data-race in start_this_handle / start_this_handle syzbot
2021-03-11 14:25 ` Jan Kara
2021-03-11 14:53 ` Dmitry Vyukov
2021-03-11 15:08 ` Marco Elver
2021-03-11 15:30 ` Theodore Ts'o [this message]
2021-03-11 15:54 ` Marco Elver
2021-03-19 14:15 ` Tetsuo Handa
2021-03-19 17:23 ` Paul E. McKenney
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YEo3gYOU/VnmHCeV@mit.edu \
--to=tytso@mit.edu \
--cc=dvyukov@google.com \
--cc=elver@google.com \
--cc=jack@suse.com \
--cc=jack@suse.cz \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=penguin-kernel@i-love.sakura.ne.jp \
--cc=syzbot+30774a6acf6a2cf6d535@syzkaller.appspotmail.com \
--cc=syzkaller-bugs@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox