Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp4996260rwr; Sun, 23 Apr 2023 18:45:16 -0700 (PDT) X-Google-Smtp-Source: AKy350Zj6KZZ8zZ/4F+46eDipMjUdM1cBPBniXPC8E8GWeL6323QaRCFafRgIN02GQ26qRZ3dqNR X-Received: by 2002:a05:6a21:3382:b0:ee:a720:c707 with SMTP id yy2-20020a056a21338200b000eea720c707mr17094062pzb.18.1682300716371; Sun, 23 Apr 2023 18:45:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682300716; cv=none; d=google.com; s=arc-20160816; b=VVw7aJ+KwAIKs1VZ51vTaaeTNKDfGMKn9A5N+chgPl0qQ8nykQpd0vR/ayCitc1PzJ jb1w0It5y5Q9jgg38bZTvyxrpb0sxd029t8dHxaYIrxcq0jhS/jtqv8PeHCq+ia2/iE6 e2e2xjRacqShxiW0IDHjpnNr5R+feMsgnb4FQpFe/tmOokhGOwIuDkNQTa/5B5wDpYnt 4kBiItpuaui0cmCDMplZhXfjWpOlkHFwTwKuuH1Iy5Lk6Od82tJ3RtHfIu18KVhIR0ak k8Wse3pChiEHNrYe9giw70XlS+uMELYM7WtHiih+2vwm80NvH2e+NTpUQTI0Rz1w9UFA /bow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=KnTrtTm+OMCxuJ2cui1HShdRgBlCVQjiqFOyYRdpUv4=; b=yLbz48JrUFZKsvFk6Dfm7FI4cptdDq42/uMgU1DuoqU7snE83wYUwasiZOtrxFH9w2 hoTZzbA9hhgJyzs80gQo+fdRp0c/SGFTgcLH+ddNYETsWORsYJhWMYYtrHNMN+i/lgI+ E0wzNAN3FzfucwTfSWXctFXbYz0rze4bg9qITWZSEsCdPcv870PBXccbZn2o9/2rT7Wl GEhbJa+jDmziOG91Xi0cTvL8axfJAFn0IPRC/YPf351hn3f+b1HOdWSr8qNqKfNwfvj8 G8HITXDaGgpI3EpOg65/pKhEn+lAFyQs7BBoK2kvXy/wbXDAfecYoIVBH6SH0zFF+oLp 4pkg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.org.uk header.s=zeniv-20220401 header.b=RSfblOJj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zeniv.linux.org.uk Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id r190-20020a632bc7000000b0051b29733bc9si10090893pgr.715.2023.04.23.18.45.02; Sun, 23 Apr 2023 18:45:16 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.org.uk header.s=zeniv-20220401 header.b=RSfblOJj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zeniv.linux.org.uk Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230268AbjDXAol (ORCPT + 99 others); Sun, 23 Apr 2023 20:44:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55736 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229929AbjDXAok (ORCPT ); Sun, 23 Apr 2023 20:44:40 -0400 Received: from zeniv.linux.org.uk (zeniv.linux.org.uk [IPv6:2a03:a000:7:0:5054:ff:fe1c:15ff]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9D2B210D7 for ; Sun, 23 Apr 2023 17:44:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=linux.org.uk; s=zeniv-20220401; h=Sender:In-Reply-To:Content-Type: MIME-Version:References:Message-ID:Subject:Cc:To:From:Date:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=KnTrtTm+OMCxuJ2cui1HShdRgBlCVQjiqFOyYRdpUv4=; b=RSfblOJjwSmzlEGHhYs57Ku4Uk +q/ZmAVRNInmIhRwLWGAqo7WDH44SD2SnYL85cuh4prbt8DWsgAhy2QtcEp23PJHyylrflbJpfEyw DsYrdlleZSLqDCbFrgjR3HR5hqD6qCCzDRgVkX8tTeH22XrvNGqwth543XqJdkDBiUksDH+pkfc3y qPh5emtAU9DL8aZtlefwGH9OBXxk98QxUThVg/TL/PMWh9wSwGLOsAd/H1TvKDpDg3gGBJTp6P93j MU1G7qvkCh1sxK2Jhy9FW2X0DsJI4k6j4SZGYFZ/8886p8PVaxQKYrpIZM0NECAz2ETbzaG2eeA2E tiHtjp2w==; Received: from viro by zeniv.linux.org.uk with local (Exim 4.96 #2 (Red Hat Linux)) id 1pqkJj-00BxTH-0T; Mon, 24 Apr 2023 00:44:31 +0000 Date: Mon, 24 Apr 2023 01:44:31 +0100 From: Al Viro To: Tetsuo Handa Cc: Dmitry Vyukov , syzbot , Greg Kroah-Hartman , Jiri Slaby , linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com Subject: Re: [syzbot] [kernel?] KCSAN: data-race in __fput / __tty_hangup (4) Message-ID: <20230424004431.GG3390869@ZenIV> References: <00000000000013aaac05f9d44e7a@google.com> <6ff6fdea-c955-f9dd-289e-b0d613a28280@I-love.SAKURA.ne.jp> <20230423233433.GF3390869@ZenIV> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Sender: Al Viro X-Spam-Status: No, score=-4.3 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Apr 24, 2023 at 08:55:58AM +0900, Tetsuo Handa wrote: > On 2023/04/24 8:34, Al Viro wrote: > > As for the original report - add a (failing) ->splice_read() in hung_ut_tty_fops > > to deal with the original problem. > > Yes, adding a dummy splice_read callback is OK for avoiding NULL pointer dereference. > But we need more changes for avoiding KCSAN race reporting. > > Are you OK with https://lkml.kernel.org/r/6bec279c-07b3-d6f1-0860-4d6b136a2025@I-love.SAKURA.ne.jp > which will require touching so many locations ? > > If you want tty layer handle this race without rewriting all f_op dereferences, > we would need to replace > > filp->f_op = &hung_up_tty_fops; > > with > > data_race(filp->some_flags_for_tty = true); > > rather than > > data_race(filp->f_op = &hung_up_tty_fops); > > and check > > if (data_race(filp->some_flags_for_tty)) { > return error; > } > > from each "struct tty_operations" callback function. What struct tty_operations? It's file_operations, unfortunately, and their calls are on quite a few fast paths. Do you mean doing that in method instances that are present in tty_fops you mean doing that in method instances that are present in tty_fops and different in hung_up_tty_fops?