* [PATCH] fs: jfs: fix a possible data race in txBegin()
@ 2020-05-04 15:34 Jia-Ju Bai
0 siblings, 0 replies; 5+ messages in thread
From: Jia-Ju Bai @ 2020-05-04 15:34 UTC (permalink / raw)
To: shaggy; +Cc: jfs-discussion, linux-kernel, Jia-Ju Bai
The functions txBegin() and txLazyCommit() can be concurrently executed
in the following call contexts:
Thread1:
jfs_write_inode()
jfs_commit_inode()
txBegin()
Thread2:
jfs_lazycommit()
txLazyCommit()
In txBegin():
tblk->next = tblk->last = tblk->xflag = tblk->flag = tblk->lsn = 0;
In txLazyCommit():
spin_lock_irq(&log->gclock);
...
tblk->flag |= tblkGC_COMMITTED;
...
spin_unlock_irq(&log->gclock);
Thus, a data race can occur for tblk->flag.
To fix this data race, the spinlock log->gclock is used in
txBegin().
This data race is found by our concurrency fuzzer.
Signed-off-by: Jia-Ju Bai <baijiaju1990@gmail.com>
---
fs/jfs/jfs_txnmgr.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/jfs/jfs_txnmgr.c b/fs/jfs/jfs_txnmgr.c
index c8ce7f1bc594..a1f124aad2e0 100644
--- a/fs/jfs/jfs_txnmgr.c
+++ b/fs/jfs/jfs_txnmgr.c
@@ -415,7 +415,9 @@ tid_t txBegin(struct super_block *sb, int flag)
*
* memset(tblk, 0, sizeof(struct tblock));
*/
+ spin_lock_irq(&log->gclock);
tblk->next = tblk->last = tblk->xflag = tblk->flag = tblk->lsn = 0;
+ spin_unlock_irq(&log->gclock);
tblk->sb = sb;
++log->logtid;
--
2.17.1
^ permalink raw reply related [flat|nested] 5+ messages in thread* Re: [PATCH] fs: jfs: fix a possible data race in txBegin()
@ 2020-05-04 16:15 ` Markus Elfring
0 siblings, 0 replies; 5+ messages in thread
From: Markus Elfring @ 2020-05-04 16:15 UTC (permalink / raw)
To: Jia-Ju Bai, jfs-discussion; +Cc: linux-kernel, kernel-janitors, Dave Kleikamp
> Thus, a data race can occur for tblk->flag.
>
> To fix this data race, the spinlock log->gclock is used in
> txBegin().
>
> This data race is found by our concurrency fuzzer.
How do you think about a wording variant like the following?
Change description:
A data race can occur for the data structure member “flag”.
This data race was found by our concurrency fuzzer.
Thus use the spin lock “gclock” for the resetting of five
data structure members in this function implementation.
Would you like to add the tag “Fixes” to the commit message?
Regards,
Markus
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] fs: jfs: fix a possible data race in txBegin()
@ 2020-05-04 16:15 ` Markus Elfring
0 siblings, 0 replies; 5+ messages in thread
From: Markus Elfring @ 2020-05-04 16:15 UTC (permalink / raw)
To: Jia-Ju Bai, jfs-discussion; +Cc: linux-kernel, kernel-janitors, Dave Kleikamp
> Thus, a data race can occur for tblk->flag.
>
> To fix this data race, the spinlock log->gclock is used in
> txBegin().
>
> This data race is found by our concurrency fuzzer.
How do you think about a wording variant like the following?
Change description:
A data race can occur for the data structure member “flag”.
This data race was found by our concurrency fuzzer.
Thus use the spin lock “gclock” for the resetting of five
data structure members in this function implementation.
Would you like to add the tag “Fixes” to the commit message?
Regards,
Markus
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] fs: jfs: fix a possible data race in txBegin()
2020-05-04 16:15 ` Markus Elfring
@ 2020-05-05 4:10 ` Jia-Ju Bai
-1 siblings, 0 replies; 5+ messages in thread
From: Jia-Ju Bai @ 2020-05-05 4:10 UTC (permalink / raw)
To: Markus Elfring, jfs-discussion
Cc: linux-kernel, kernel-janitors, Dave Kleikamp
On 2020/5/5 0:15, Markus Elfring wrote:
>> Thus, a data race can occur for tblk->flag.
>>
>> To fix this data race, the spinlock log->gclock is used in
>> txBegin().
>>
>> This data race is found by our concurrency fuzzer.
> How do you think about a wording variant like the following?
>
> Change description:
> A data race can occur for the data structure member “flag”.
> This data race was found by our concurrency fuzzer.
>
> Thus use the spin lock “gclock” for the resetting of five
> data structure members in this function implementation.
>
>
> Would you like to add the tag “Fixes” to the commit message?
>
Thanks, Markus.
I am not sure how to add the tag "Fixes"...
I need to find which previous commit add the code about txBegin()?
Best wishes,
Jia-Ju Bai
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] fs: jfs: fix a possible data race in txBegin()
@ 2020-05-05 4:10 ` Jia-Ju Bai
0 siblings, 0 replies; 5+ messages in thread
From: Jia-Ju Bai @ 2020-05-05 4:10 UTC (permalink / raw)
To: Markus Elfring, jfs-discussion
Cc: linux-kernel, kernel-janitors, Dave Kleikamp
On 2020/5/5 0:15, Markus Elfring wrote:
>> Thus, a data race can occur for tblk->flag.
>>
>> To fix this data race, the spinlock log->gclock is used in
>> txBegin().
>>
>> This data race is found by our concurrency fuzzer.
> How do you think about a wording variant like the following?
>
> Change description:
> A data race can occur for the data structure member “flag”.
> This data race was found by our concurrency fuzzer.
>
> Thus use the spin lock “gclock” for the resetting of five
> data structure members in this function implementation.
>
>
> Would you like to add the tag “Fixes” to the commit message?
>
Thanks, Markus.
I am not sure how to add the tag "Fixes"...
I need to find which previous commit add the code about txBegin()?
Best wishes,
Jia-Ju Bai
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-05-05 4:10 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-05-04 15:34 [PATCH] fs: jfs: fix a possible data race in txBegin() Jia-Ju Bai
2020-05-04 16:15 Markus Elfring
2020-05-04 16:15 ` Markus Elfring
2020-05-05 4:10 ` Jia-Ju Bai
2020-05-05 4:10 ` Jia-Ju Bai
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.