From: Waiman Long <longman@redhat.com>
To: Luis Henriques <lhenriques@suse.com>
Cc: Peter Zijlstra <peterz@infradead.org>,
	Ingo Molnar <mingo@redhat.com>, Will Deacon <will.deacon@arm.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Borislav Petkov <bp@alien8.de>, "H. Peter Anvin" <hpa@zytor.com>,
	linux-kernel@vger.kernel.org, x86@kernel.org,
	Davidlohr Bueso <dave@stgolabs.net>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Tim Chen <tim.c.chen@linux.intel.com>,
	huang ying <huang.ying.caritas@gmail.com>
Subject: Re: [PATCH v8 13/19] locking/rwsem: Make rwsem->owner an atomic_long_t
Date: Fri, 19 Jul 2019 15:32:10 -0400
Message-ID: <2ed44afa-4528-a785-f188-2daf24343f97@redhat.com>
In-Reply-To: <20190719184538.GA20324@hermes.olymp>

On 7/19/19 2:45 PM, Luis Henriques wrote:
> On Mon, May 20, 2019 at 04:59:12PM -0400, Waiman Long wrote:
>> The rwsem->owner contains not just the task structure pointer, it also
>> holds some flags for storing the current state of the rwsem. Some of
>> the flags may have to be atomically updated. To reflect the new reality,
>> the owner is now changed to an atomic_long_t type.
>>
>> New helper functions are added to properly separate out the task
>> structure pointer and the embedded flags.
> I started seeing KASAN use-after-free with current master, and a bisect
> showed me that this commit 94a9717b3c40 ("locking/rwsem: Make
> rwsem->owner an atomic_long_t") was the problem.  Does it ring any
> bells?  I can easily reproduce it with xfstests (generic/464).
>
> Cheers,
> --
> Luís

This patch shouldn't change the behavior of the rwsem code. The code
only accesses data within the rw_semaphore structures. I don't know why it
will cause a KASAN error. I will have to reproduce it and figure out
exactly which statement is doing the invalid access.

Thanks,
Longman
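
Added example, not part of the original message and not the kernel's rwsem code: a userspace C11 sketch of the scheme the quoted commit message describes, with a task pointer and state flags sharing one atomic long and helpers that separate them. The struct, flag and function names are all constructed for illustration, and it assumes an LP64 target where a pointer fits in a long.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdint.h>

/* All names below are constructed for this example, not kernel definitions. */
#define OWNER_READER     (1UL << 0)
#define OWNER_NONSPIN    (1UL << 1)
#define OWNER_FLAGS_MASK (OWNER_READER | OWNER_NONSPIN)

struct task { _Alignas(8) int pid; };   /* alignment keeps the low bits free */
struct sem  { atomic_long owner; };     /* task pointer | flags in one word */

/* Publish pointer and flags together with a single atomic store. */
static void sem_set_owner(struct sem *s, struct task *t, unsigned long flags)
{
    atomic_store(&s->owner, (long)((uintptr_t)t | (flags & OWNER_FLAGS_MASK)));
}

/* Strip the flag bits; returns a pointer value only, nothing is dereferenced. */
static struct task *sem_owner_task(struct sem *s)
{
    unsigned long v = (unsigned long)atomic_load(&s->owner);
    return (struct task *)(uintptr_t)(v & ~OWNER_FLAGS_MASK);
}

static unsigned long sem_owner_flags(struct sem *s)
{
    return (unsigned long)atomic_load(&s->owner) & OWNER_FLAGS_MASK;
}

/* Set NONSPIN only while the word is still reader-owned. The CAS loop
 * re-checks after every concurrent change so an owner update is never lost. */
static bool sem_set_nonspin_if_reader(struct sem *s)
{
    long old = atomic_load(&s->owner);
    do {
        if (!((unsigned long)old & OWNER_READER))
            return false;
    } while (!atomic_compare_exchange_weak(&s->owner, &old,
                 (long)((unsigned long)old | OWNER_NONSPIN)));
    return true;
}

int main(void)
{
    struct task t = { .pid = 1 };
    struct sem s = { 0 };
    sem_set_owner(&s, &t, OWNER_READER);
    return !(sem_set_nonspin_if_reader(&s) && sem_owner_task(&s) == &t);
}
```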

