Received: by 2002:a25:31c3:0:0:0:0:0 with SMTP id x186csp6578165ybx; Mon, 11 Nov 2019 11:14:37 -0800 (PST) X-Google-Smtp-Source: APXvYqxrBscI4B2SgiGbTRo87CwR8h/uxl/v9nemytm2ibH9ovP/SabAeq+IeYH48bI7Txz0TdcI X-Received: by 2002:aa7:d40b:: with SMTP id z11mr28073187edq.142.1573499676968; Mon, 11 Nov 2019 11:14:36 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1573499676; cv=none; d=google.com; s=arc-20160816; b=t9ODxPghQxfnji+fHI5MoepNed26eP8XVjWXLZM4Sob0eLCsQ+9WUl7crVRKiXyO8R BLx90Ecxeoug7hT3w1mRY/7kAc4XyT5tcvH9JYc6ldqicNH34g5SSlXiMgJIkNIm84f1 GXV+LrSz20fiwcNhHagZ1nFZ3U5NuhsYr+qAhPtsaSjCtSrs/2MMs0gRXfMGipmZHdq9 1AWJK9QNg/4t2TZ/mXfwKhrvJexxT5EC7Dqe7IhzrO20uTE/+6YCNt9tRNgp8at7YIHZ MY4PC02lnHcKi96atBdcomqhlkcM+slTiOH0/vfK3TffAmAL4S3rIBBn63xlsO5isnes sD0A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=6/VuShNsnnLijV7FTC/n5bXISdKsCNAaXvgZUSZTI2M=; b=QwpAoiPVamJm6ud1FB0FhrxXvep8nVm/T82cCJy/OlQiHpGTCBNU/fgbQ9AQLaMDyi Xij/1SRxYTSnMu2UbqpU77YD4WzPTImV9U5miFx3iWdwjYeTwu1L7Rl4wNrATErhctzG 5MCM5K4+Ps4KUY5tUyPBdSBp71ElkhtJuH9APJ+3BetOZbpsWdz0/8v+UnsYorFGp/ii ZMNuzTsc2jjaA1wpnpXArJ2GLxw0m01ZgzDUbsweh5lxrSQNfzibpDdX9ok3gO7E/cxL ecfbYvovNh763CRVrCbR8bi50dV5IJwN+5Nw7KWggZ+g5NHZOI4ZcnKHIVhgkGUMB5qC qUag== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=LJD0mvfv; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b2si9879152eja.89.2019.11.11.11.14.13; Mon, 11 Nov 2019 11:14:36 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=LJD0mvfv; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727126AbfKKTN0 (ORCPT + 99 others); Mon, 11 Nov 2019 14:13:26 -0500 Received: from mail-io1-f67.google.com ([209.85.166.67]:45775 "EHLO mail-io1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726962AbfKKTN0 (ORCPT ); Mon, 11 Nov 2019 14:13:26 -0500 Received: by mail-io1-f67.google.com with SMTP id v17so14716519iol.12 for ; Mon, 11 Nov 2019 11:13:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=6/VuShNsnnLijV7FTC/n5bXISdKsCNAaXvgZUSZTI2M=; b=LJD0mvfv2cmwh1rKoSNdTEkyl/8Q60pawfFcL1Kw3tYIjHphsWJZb2VHREb0zO65uc hZvetOs6fqaX3107UfQ4zOYB7AaO45SnC7PkhUH4Kz31DyCORaPOy/9C6foVMLwO3D4p 7nt8q35NszzZrsPBZ8zY+O1iykoiIXmVu6glWUVlsHKfTAhoBU+4nR8qgwsgvBK6FfcO LD+1TXFb6raocmGQk4b9Sh4KZObiELFVAoi4YgJ8I69l515pvcQGtQuRnIFnZlBpY8yP HBSP3doCHTYo2Vgd8uGO38qecy2wPBX/Z5xB5jfDRmFU9N290xmG7r5aVThn9dt8MaIY yHuw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=6/VuShNsnnLijV7FTC/n5bXISdKsCNAaXvgZUSZTI2M=; b=QN+MiVsx1bqQIPouDBvZsYqslh6pu/tdMzs6cx8UBeZ5DoCJgtMcXrUAk4QFs5wGix gNTmK/u8Kp3gjmMsHwPtES861EEG8Y5DA4OqnBNZiNZTDW0s+02rKOp7bRPbfho1m1Sq vVAOfxqtEapfiFIb881Y8S6LzAuL/45un9Bj/1bBr3BMEc1/h5KGxKOhjZ1kCNpXMXLb vFRms3s1JtXE4r8DOOoSDZt0aToRdiIkCUEA8MvyQoQtcdRtxjLfM7aMLTWzRMlpVulP 9H5BOcgLIkik4ylM18IVkJLK70TZrsLVIiSl2O+x2e7wvZCsUfesq2xphL+DrfHdTM0L XRkw== X-Gm-Message-State: APjAAAU1HjkW8/yFXxyHqD35TW1lDNKHJbjj1Gh5ipmGqMCUcVt/9wBc LRrA0Plism/R1nn1FKyDCzxCYD+MwfZlUurqUutJgg== X-Received: by 2002:a05:6638:a27:: with SMTP id 7mr25838960jao.114.1573499604758; Mon, 11 Nov 2019 11:13:24 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Eric Dumazet Date: Mon, 11 Nov 2019 11:13:13 -0800 Message-ID: Subject: Re: KCSAN: data-race in __alloc_file / __alloc_file To: Linus Torvalds Cc: Alan Stern , Marco Elver , Eric Dumazet , syzbot , linux-fsdevel , Linux Kernel Mailing List , syzkaller-bugs , Al Viro , Andrea Parri , "Paul E. McKenney" , LKMM Maintainers -- Akira Yokosawa Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Nov 11, 2019 at 11:01 AM Linus Torvalds wrote: > > On Mon, Nov 11, 2019 at 10:44 AM Eric Dumazet wrote: > > > > An interesting case is the race in ksys_write() > > Not really. > > > if (ppos) { > > pos = *ppos; // data-race > > That code uses "fdget_pos(). > > Which does mutual exclusion _if_ the file is something we care about > pos for, and if it has more than one process using it. > > Basically the rule there is that we don't care about the data race in > certain circumstances. We don't care about non-regular files, for > example, because those are what POSIX gives guarantees for. > > (We have since moved towards FMODE_STREAM handling instead of the > older FMODE_ATOMIC_POS which does this better, and it's possible we > should get rid of the FMODE_ATOMIC_POS behavior in favor of > FMODE_STREAM entirely) > > Again, that's pretty hard to tell something like KCSAN. Well, this is hard to explain to humans... Probably less than 10 on this planet could tell that. What about this other one, it looks like multiple threads can manipulate tsk->min_flt++; at the same time in faultin_page() Should we not care, or should we mirror min_flt with a second atomic_long_t, or simply convert min_flt to atomic_long_t ? BUG: KCSAN: data-race in __get_user_pages / __get_user_pages read to 0xffff8880b0b8f650 of 8 bytes by task 11553 on cpu 1: faultin_page mm/gup.c:653 [inline] __get_user_pages+0x78f/0x1160 mm/gup.c:845 __get_user_pages_locked mm/gup.c:1023 [inline] get_user_pages_remote+0x206/0x3e0 mm/gup.c:1163 process_vm_rw_single_vec mm/process_vm_access.c:109 [inline] process_vm_rw_core.isra.0+0x3a4/0x8c0 mm/process_vm_access.c:216 process_vm_rw+0x1c4/0x1e0 mm/process_vm_access.c:284 __do_sys_process_vm_writev mm/process_vm_access.c:306 [inline] __se_sys_process_vm_writev mm/process_vm_access.c:301 [inline] __x64_sys_process_vm_writev+0x8b/0xb0 mm/process_vm_access.c:301 do_syscall_64+0xcc/0x370 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x44/0xa9 write to 0xffff8880b0b8f650 of 8 bytes by task 11531 on cpu 0: faultin_page mm/gup.c:653 [inline] __get_user_pages+0x7b1/0x1160 mm/gup.c:845 __get_user_pages_locked mm/gup.c:1023 [inline] get_user_pages_remote+0x206/0x3e0 mm/gup.c:1163 process_vm_rw_single_vec mm/process_vm_access.c:109 [inline] process_vm_rw_core.isra.0+0x3a4/0x8c0 mm/process_vm_access.c:216 process_vm_rw+0x1c4/0x1e0 mm/process_vm_access.c:284 __do_sys_process_vm_writev mm/process_vm_access.c:306 [inline] __se_sys_process_vm_writev mm/process_vm_access.c:301 [inline] __x64_sys_process_vm_writev+0x8b/0xb0 mm/process_vm_access.c:301 do_syscall_64+0xcc/0x370 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x44/0xa9 Reported by Kernel Concurrency Sanitizer on: CPU: 0 PID: 11531 Comm: syz-executor.4 Not tainted 5.4.0-rc6+ #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011