Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp5029448ybl; Wed, 22 Jan 2020 09:01:01 -0800 (PST) X-Google-Smtp-Source: APXvYqzsd62/hxz8Q/e3vk/XWZxvDd6w3brzWzCzSXuz0ayG2Trvd0CdobJvUEcMvEupOztcQYTj X-Received: by 2002:a05:6830:2111:: with SMTP id i17mr7737433otc.24.1579712461652; Wed, 22 Jan 2020 09:01:01 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1579712461; cv=none; d=google.com; s=arc-20160816; b=plog4UDzsGT7T3IJuo53B5SDyt4301ImHRvkH/pwDW7R0+3gBBr99PZNbr2laY2Dgt sPXeMoqgMJYdmaLuqmo4npUxo95pGKs2jOtRlbxF/S/U7o7RF8lJtvGqzm2/cQ8A/hkb hcQQEAZSp3G/wTxvrcy4xKTFUDaj/mZ+Zqj1/o86FJ/94Rz+nJtIxeS2JBfe/u9aCrKR VLz0zvKLw0mmCok263tkOfebNsPBLv3tgeg6g/nsdLEYWKHKxc6zk7fEllXflqBEIRez BiqO7fGZEFT+ADnUCMo1tERlmjj8vMaQ1RNj3DFWxt0Q5X6jP4qFWbmInFiwYzJtcTOd P4fg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=VWPU0aHlHE7QBLgTtf7CXDOAcCFiNJkUodg4S2OpoJg=; b=Lp5Sp/mUUsUty3iXrgXlyRvdgK0Up4tPU/Jia0x4TdCrvpOKSNFB1/czrTmxpcCISR M+vZEz9xhncVQt8NtWUwret0L/tRFMMz1IuBIGnu9CWh7HxVfAk88VtXtNHiYT4RFsBz Zp7Etgdedd19SvakbjzZ9DwR4cMHyUKW+TBFhvoBTso7qJm62QP7dSmr8SPFvgJ0Lv8q 1X3R5Td6IYMEs8ww93fpwm6peffGBPmduC8vo+Te07DqQpiE+FXY1O5lqlOeRqJzF18/ syEfSX0YM0XAniXkUyuh0LEdH3+Mfq3GUuOJP35hoQpASWdchUQpoLA43Hv6c/DAg+8P Y6Zg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="NCzGgx/3"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c19si24102499otn.7.2020.01.22.09.00.47; Wed, 22 Jan 2020 09:01:01 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="NCzGgx/3"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729012AbgAVQ7o (ORCPT + 99 others); Wed, 22 Jan 2020 11:59:44 -0500 Received: from mail.kernel.org ([198.145.29.99]:42396 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725883AbgAVQ7o (ORCPT ); Wed, 22 Jan 2020 11:59:44 -0500 Received: from willie-the-truck (236.31.169.217.in-addr.arpa [217.169.31.236]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id D12FE21569; Wed, 22 Jan 2020 16:59:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1579712383; bh=axCIRA2Fp40xz/PdCBrqisOsaXQORO761mDIdm/EdF0=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=NCzGgx/3vnrSJJuVUl7qDvT6q3vrPzmFP2jhpCD5p16G6vIJ0G1RmelNZl8L+ChQq YvNxtFTXPdfCfTyvyDIze5uxkYkOyVaBo4tu0bKT1bgCQqxJrYm29QJ8YhQvXTt0Di 14RsZw9x+SkRtVfLQ1Bfmwe18/9oZKd5Dj9LB1go= Date: Wed, 22 Jan 2020 16:59:39 +0000 From: Will Deacon To: Qian Cai Cc: mingo@redhat.com, peterz@infradead.org, elver@google.com, linux-kernel@vger.kernel.org Subject: Re: [PATCH] locking/osq_lock: fix a data race in osq_wait_next Message-ID: <20200122165938.GA16974@willie-the-truck> References: <20200122163857.4605-1-cai@lca.pw> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200122163857.4605-1-cai@lca.pw> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jan 22, 2020 at 11:38:57AM -0500, Qian Cai wrote: > KCSAN complains, > > write (marked) to 0xffff941ca3b3be00 of 8 bytes by task 670 on cpu 6: > osq_lock+0x24c/0x340 > __mutex_lock+0x277/0xd20 > mutex_lock_nested+0x31/0x40 > memcg_create_kmem_cache+0x2e/0x190 > memcg_kmem_cache_create_func+0x40/0x80 > process_one_work+0x54c/0xbe0 > worker_thread+0x80/0x650 > kthread+0x1e0/0x200 > ret_from_fork+0x27/0x50 > > read to 0xffff941ca3b3be00 of 8 bytes by task 703 on cpu 44: > osq_lock+0x18e/0x340 > __mutex_lock+0x277/0xd20 > mutex_lock_nested+0x31/0x40 > memcg_create_kmem_cache+0x2e/0x190 > memcg_kmem_cache_create_func+0x40/0x80 > process_one_work+0x54c/0xbe0 > worker_thread+0x80/0x650 > kthread+0x1e0/0x200 > ret_from_fork+0x27/0x50 > > which points to those lines in osq_wait_next(), > > next = xchg(&node->next, NULL); > if (next) > break; > > Since only the read is outside of critical sections, fixed it by adding > a READ_ONCE(). > > Signed-off-by: Qian Cai > --- > kernel/locking/osq_lock.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/locking/osq_lock.c b/kernel/locking/osq_lock.c > index 6ef600aa0f47..8f565165019a 100644 > --- a/kernel/locking/osq_lock.c > +++ b/kernel/locking/osq_lock.c > @@ -77,7 +77,7 @@ osq_wait_next(struct optimistic_spin_queue *lock, > */ > if (node->next) { > next = xchg(&node->next, NULL); > - if (next) > + if (READ_ONCE(next)) > break; > } I don't understand this; 'next' is a local variable. Not keen on the onslaught of random "add a READ_ONCE() to shut the sanitiser up" patches we're going to get from kcsan :( Will