Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp2074045yba; Sun, 5 May 2019 22:04:24 -0700 (PDT) X-Google-Smtp-Source: APXvYqwtNBHW32/UXchoLdHzY9ya8zX9zuS5Jbam3WGaBhAspOWN74aG6AkSIqr1xab6wONA4N1e X-Received: by 2002:a17:902:8ecc:: with SMTP id x12mr30215821plo.0.1557119064613; Sun, 05 May 2019 22:04:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1557119064; cv=none; d=google.com; s=arc-20160816; b=wEo9bzOM4JmSS1WU+muvAruj5SNzb+cM6gVaP+6M6JQ3LpwhCUOIUFn0ZtJQb27CYd Sc2sylgGyIQqcecY6J10Y9pJcuJKXqPeQigz5G2RsWeA8Z853N/r1gRLt9j51Ad33QTp Pzhwnd2B+bWQbdbGDXbGQ/NnGLLXxbPMd2dJmqHn2R7sfYipHsycEGfpKjErDbiJ8C3x 3hvSBCx5dHCx1fRk8mRqIlzvQ2fXvfe6LzQEnT2VheMebZcjiCKzAnAjvH4/8buRVy7V Xu1+9R5qb+Jw/JSOm5Qo820DnbKVnaNim2w+CCHMd4PDsPc8youkh3nCEuAc/vKk5c13 mR4A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:date:from:dkim-signature; bh=0iwgFxx37HBfD23g1KI0JAhY1B0UoYTsAYZb53CyeGM=; b=ofFuQNwREwhysA9sz1AQ1N1bg1qPfrA/+vqokCShIQoD/9rHJKrXnoL7kHqdIu65HX +9F9SSCwz5R3OgsGV1DMwrTkm66y9sZ/bHhHC+r4TgPb5cTpw85kutETRIgsHR0n8WwS Bn9w6vht6i2zlWuWxD8DSyeNM994qT45ngjDzqc4KDh3pIbtiNYb6aGmmNgWDMxK8FlD oimjuk96YX60DO0iOHJLdbFGp1abzSPgIv5u8FqdFbtGAWhhMkXa69BpL8kAVIarJ1/L kiLZT5Tt52jAnAYoFL8LPG9GSgYkCg1JyzTshO917Or4/UhDO2AftxjCPc00+lqpXAts Xyqw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=XOHzuPSu; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u63si14293721pfu.88.2019.05.05.22.04.08; Sun, 05 May 2019 22:04:24 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=XOHzuPSu; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725852AbfEFFDT (ORCPT + 99 others); Mon, 6 May 2019 01:03:19 -0400 Received: from mail-wm1-f66.google.com ([209.85.128.66]:52204 "EHLO mail-wm1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725773AbfEFFDT (ORCPT ); Mon, 6 May 2019 01:03:19 -0400 Received: by mail-wm1-f66.google.com with SMTP id o189so3073224wmb.1; Sun, 05 May 2019 22:03:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:date:to:cc:subject:in-reply-to:message-id:references :user-agent:mime-version; bh=0iwgFxx37HBfD23g1KI0JAhY1B0UoYTsAYZb53CyeGM=; b=XOHzuPSuLJL/Z10dbyoEM7k+gBvAnZCCF6rys475o3DudxtZhkJs94DWcWh36Tx5Q2 6veOGvtrG/zfcjByqw9WJr9sF1L89x3/ner70GXftq3Xpx+eO4w5sz5Ep4lFeffoYuQW oz9xDZkMJyxn5G4h3srytj2jHzjlr5jgWbK4WRl5MmDANdruV3ipHTQ8IofQwb030C5D EBLLyRHp4eIZkMck4c/1gyfxR9bwUpbRbor8qXPOMtl3RFWQojQJ4ClZXzcZPLY2jgjW AyJgzRDb5TDXx/JFdJo3p6x5x3KmO+Im1SUL8xkkngPcUtFtYMGh5YwJbIeneqCfAz/f yK9Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:date:to:cc:subject:in-reply-to:message-id :references:user-agent:mime-version; bh=0iwgFxx37HBfD23g1KI0JAhY1B0UoYTsAYZb53CyeGM=; b=DSIk4LQcH0RM8osBGxnlRuG7UY04uPHGqedhfRBvquA0KFJdINXoHHYg+bd9Z7pZDc UO/3+qIA54LJrAWwKH5CMTJxxSKrMcPptshCuXZqR94GUPY2+FLqHGKYyxAvKf8vFD3l cdYMYEnXG346HdnYYq6AqUh4xmxU/iAYGc2tIZQNpYfBm8MWETDAzCbaNzMJLoRgpCBf XAqBv2em+gS+4FcUzBvxuG1ibpAMi+fCUM3esbpEx6RCw3cMEPjzxjQsWz5BSRIrOLrk Q6pBK0lGHt/N96hvtS5HXMhHsQMiKfp757tre1RNTQNk4GclMF352xnCcll955BY5YkQ z9uA== X-Gm-Message-State: APjAAAUq9OSoDy8e/AF7g7s0qhgwU0i3PGoRnSMibVO5B4fpcHctDCW6 aqnRWiksY5cTs5UWldUFTQs= X-Received: by 2002:a1c:cf83:: with SMTP id f125mr14014904wmg.96.1557118996660; Sun, 05 May 2019 22:03:16 -0700 (PDT) Received: from felia ([2001:16b8:2d26:d900:408f:de1d:7b39:73c4]) by smtp.gmail.com with ESMTPSA id j13sm31019135wrd.88.2019.05.05.22.03.14 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sun, 05 May 2019 22:03:15 -0700 (PDT) From: Lukas Bulwahn X-Google-Original-From: Lukas Bulwahn Date: Mon, 6 May 2019 07:03:00 +0200 (CEST) X-X-Sender: lukas@felia To: NeilBrown cc: Lukas Bulwahn , Shaohua Li , Arnd Bergmann , Himanshu Jha , clang-built-linux@googlegroups.com, linux-raid@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] md: properly lock and unlock in rdev_attr_store() In-Reply-To: <877ebd693t.fsf@notabene.neil.brown.name> Message-ID: References: <20190428104041.11262-1-lukas.bulwahn@gmail.com> <877ebd693t.fsf@notabene.neil.brown.name> User-Agent: Alpine 2.21 (DEB 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 29 Apr 2019, NeilBrown wrote: > On Sun, Apr 28 2019, Lukas Bulwahn wrote: > > > rdev_attr_store() should lock and unlock mddev->reconfig_mutex in a > > balanced way with mddev_lock() and mddev_unlock(). > > It does. > > > > > But when rdev->mddev is NULL, rdev_attr_store() would try to unlock > > without locking before. Resolve this locking issue.. > > This is incorrect. > > > > > This locking issue was detected with Clang Thread Safety Analyser: > > Either the Clang Thread Safety Analyser is broken, or you used it > incorrectly. > Please ignore this patch. Clang Thread Safety Analyser cannot handle the original code, but can handle my semantically equivalent code. I did not get that at first, and thought I fixed an issue, but I did not. Sorry for the noise. Lukas > > > > drivers/md/md.c:3393:3: warning: releasing mutex 'mddev->reconfig_mutex' that was not held [-Wthread-safety-analysis] > > mddev_unlock(mddev); > > ^ > > > > This warning was reported after annotating mutex functions and > > mddev_lock() and mddev_unlock(). > > > > Fixes: 27c529bb8e90 ("md: lock access to rdev attributes properly") > > Link: https://groups.google.com/d/topic/clang-built-linux/CvBiiQLB0H4/discussion > > Signed-off-by: Lukas Bulwahn > > --- > > Arnd, Neil, here a proposal to fix lock and unlocking asymmetry. > > > > I quite sure that if mddev is NULL, it should just return. > > If mddev is NULL, the code does return (with -EBUSY). All you've done > is change things so it returns from a different part of the code. You > haven't changed the behaviour at all. > > > > > I am still puzzled if the return value from mddev_lock() should be really > > return by rdev_attr_store() when it is not 0. But that was the behaviour > > before, so I will keep it that way. > > Certainly it should. mddev_lock() either returns 0 to indicate success > or -EINTR if it received a signal. > If it was interrupted by a signal, then rdev_attr_store() should return > -EINTR as well. > > As Arnd tried to explain, the only possible problem here is that the C > compiler is allowed to assume that rdev->mddev never changes value, so > in > rv = mddev ? mddev_lock(mddev) : =EBUSY > > it could load rdev->mddev, test if it is NULL, then load it again and > pass that value to mddev_lock() - the new value might be NULL which > would cause problems. > > This could be fixed by changing > > struct mddev *mddev = rdev->mddev; > to > struct mddev *mddev = READ_ONCE(rdev->mddev); > > That is the only change that might be useful here. > > NeilBrown > > > > > > drivers/md/md.c | 4 +++- > > 1 file changed, 3 insertions(+), 1 deletion(-) > > > > diff --git a/drivers/md/md.c b/drivers/md/md.c > > index 05ffffb8b769..a9735d8f1e70 100644 > > --- a/drivers/md/md.c > > +++ b/drivers/md/md.c > > @@ -3384,7 +3384,9 @@ rdev_attr_store(struct kobject *kobj, struct attribute *attr, > > return -EIO; > > if (!capable(CAP_SYS_ADMIN)) > > return -EACCES; > > - rv = mddev ? mddev_lock(mddev): -EBUSY; > > + if (!mddev) > > + return -EBUSY; > > + rv = mddev_lock(mddev); > > if (!rv) { > > if (rdev->mddev == NULL) > > rv = -EBUSY; > > -- > > 2.17.1 >