| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Nov 2019 19:27:47 +0100
From: Marco Elver <elver@...gle.com>
To: elver@...gle.com
Cc: axboe@...nel.dk, linux-block@...r.kernel.org,
linux-kernel@...r.kernel.org,
syzbot+ba8947364367f96fe16b@...kaller.appspotmail.com
Subject: [PATCH] blk-wbt: Fix data race and avoid possible false sharing
The pattern here is to avoid possible false sharing. However, due to
compiler optimizations the code may simply collapse to the write if we
omit READ_ONCE/WRITE_ONCE:
https://github.com/google/ktsan/wiki/READ_ONCE-and-WRITE_ONCE#it-may-improve-performance
==================================================================
BUG: KCSAN: data-race in wbt_wait / wbt_wait
read to 0xffff88821aa6d140 of 8 bytes by task 10372 on cpu 1:
wb_timestamp block/blk-wbt.c:88 [inline]
wb_timestamp block/blk-wbt.c:83 [inline]
wbt_wait+0x1f9/0x250 block/blk-wbt.c:587
__rq_qos_throttle+0x47/0x70 block/blk-rq-qos.c:72
rq_qos_throttle block/blk-rq-qos.h:185 [inline]
blk_mq_make_request+0x29c/0xf60 block/blk-mq.c:1971
generic_make_request block/blk-core.c:1064 [inline]
generic_make_request+0x196/0x740 block/blk-core.c:1006
submit_bio+0x96/0x3c0 block/blk-core.c:1190
submit_bh_wbc+0x40f/0x460 fs/buffer.c:3095
submit_bh fs/buffer.c:3101 [inline]
__bread_slow fs/buffer.c:1177 [inline]
__bread_gfp+0xe7/0x1e0 fs/buffer.c:1359
sb_bread include/linux/buffer_head.h:307 [inline]
fat__get_entry+0x35e/0x4f0 fs/fat/dir.c:100
fat_get_entry fs/fat/dir.c:128 [inline]
fat_get_short_entry+0x103/0x200 fs/fat/dir.c:877
fat_subdirs+0x6b/0x110 fs/fat/dir.c:943
fat_read_root fs/fat/inode.c:1416 [inline]
fat_fill_super+0x1552/0x1f50 fs/fat/inode.c:1862
vfat_fill_super+0x3b/0x50 fs/fat/namei_vfat.c:1050
mount_bdev+0x262/0x2d0 fs/super.c:1415
vfat_mount+0x3e/0x60 fs/fat/namei_vfat.c:1057
write to 0xffff88821aa6d140 of 8 bytes by task 10375 on cpu 0:
wb_timestamp block/blk-wbt.c:89 [inline]
wb_timestamp block/blk-wbt.c:83 [inline]
wbt_wait+0x21e/0x250 block/blk-wbt.c:587
__rq_qos_throttle+0x47/0x70 block/blk-rq-qos.c:72
rq_qos_throttle block/blk-rq-qos.h:185 [inline]
blk_mq_make_request+0x29c/0xf60 block/blk-mq.c:1971
generic_make_request block/blk-core.c:1064 [inline]
generic_make_request+0x196/0x740 block/blk-core.c:1006
submit_bio+0x96/0x3c0 block/blk-core.c:1190
mpage_bio_submit fs/mpage.c:66 [inline]
mpage_readpages+0x36c/0x3c0 fs/mpage.c:410
blkdev_readpages+0x36/0x50 fs/block_dev.c:620
read_pages+0xa2/0x2d0 mm/readahead.c:126
__do_page_cache_readahead+0x353/0x390 mm/readahead.c:212
force_page_cache_readahead+0x13a/0x1f0 mm/readahead.c:243
page_cache_sync_readahead+0x1cf/0x1e0 mm/readahead.c:522
generic_file_buffered_read mm/filemap.c:2050 [inline]
generic_file_read_iter+0xeb6/0x1440 mm/filemap.c:2323
blkdev_read_iter+0xb2/0xe0 fs/block_dev.c:2010
Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 10375 Comm: blkid Not tainted 5.4.0-rc3+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================
Reported-by: syzbot+ba8947364367f96fe16b@...kaller.appspotmail.com
Signed-off-by: Marco Elver <elver@...gle.com>
---
block/blk-wbt.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/block/blk-wbt.c b/block/blk-wbt.c
index 8641ba9793c5..ce281a9007a6 100644
--- a/block/blk-wbt.c
+++ b/block/blk-wbt.c
@@ -85,8 +85,8 @@ static void wb_timestamp(struct rq_wb *rwb, unsigned long *var)
if (rwb_enabled(rwb)) {
const unsigned long cur = jiffies;
- if (cur != *var)
- *var = cur;
+ if (cur != READ_ONCE(*var))
+ WRITE_ONCE(*var, cur);
}
}
--
2.24.0.rc1.363.gb1bccd3e3d-goog
Powered by blists - more mailing lists