linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH v2] fs: jfs: fix a possible data race in txBegin()
@ 2020-05-05 14:50 Jia-Ju Bai
  2020-05-12  3:09 ` [fs] 05c5a0273b: netperf.Throughput_total_tps -71.8% regression kernel test robot
  2020-05-14  5:13 ` [fs] 05c5a0273b: will-it-scale.per_thread_ops -74.6% regression kernel test robot
  0 siblings, 2 replies; 7+ messages in thread
From: Jia-Ju Bai @ 2020-05-05 14:50 UTC (permalink / raw)
  To: shaggy, Markus.Elfring; +Cc: jfs-discussion, linux-kernel, Jia-Ju Bai

The functions txBegin() and txLazyCommit() can be concurrently executed
in the following call contexts:

Thread1:
  jfs_write_inode()
    jfs_commit_inode()
      txBegin()

Thread2:
  jfs_lazycommit()
    txLazyCommit()

In txBegin():
  tblk->next = tblk->last = tblk->xflag = tblk->flag = tblk->lsn = 0;

In txLazyCommit():
  spin_lock_irq(&log->gclock);
  ...
  tblk->flag |= tblkGC_COMMITTED;
  ...
  spin_unlock_irq(&log->gclock);

A data race can occur for the data structure member "flag". 
This data race was found by our concurrency fuzzer.

Thus use the spin lock "gclock" for the resetting of five 
data structure members in this function implementation.

Signed-off-by: Jia-Ju Bai <baijiaju1990@gmail.com>
---
v2:
* Change the description.
  Thank Markus Elfring for good advice.

 fs/jfs/jfs_txnmgr.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fs/jfs/jfs_txnmgr.c b/fs/jfs/jfs_txnmgr.c
index c8ce7f1bc594..a1f124aad2e0 100644
--- a/fs/jfs/jfs_txnmgr.c
+++ b/fs/jfs/jfs_txnmgr.c
@@ -415,7 +415,9 @@ tid_t txBegin(struct super_block *sb, int flag)
 	 *
 	 * memset(tblk, 0, sizeof(struct tblock));
 	 */
+	spin_lock_irq(&log->gclock);
 	tblk->next = tblk->last = tblk->xflag = tblk->flag = tblk->lsn = 0;
+	spin_unlock_irq(&log->gclock);
 
 	tblk->sb = sb;
 	++log->logtid;
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 7+ messages in thread
* [PATCH v2] fs: jfs: fix a possible data race in txBegin()
@ 2020-05-05 13:54 Jia-Ju Bai
  0 siblings, 0 replies; 7+ messages in thread
From: Jia-Ju Bai @ 2020-05-05 13:54 UTC (permalink / raw)
  To: shaggy, Markus.Elfring; +Cc: jfs-discussion, linux-kernel, Jia-Ju Bai

The functions txBegin() and txLazyCommit() can be concurrently executed
in the following call contexts:

Thread1:
  jfs_write_inode()
    jfs_commit_inode()
      txBegin()

Thread2:
  jfs_lazycommit()
    txLazyCommit()

In txBegin():
  tblk->next = tblk->last = tblk->xflag = tblk->flag = tblk->lsn = 0;

In txLazyCommit():
  spin_lock_irq(&log->gclock);
  ...
  tblk->flag |= tblkGC_COMMITTED;
  ...
  spin_unlock_irq(&log->gclock);

A data race can occur for the data structure member "flag". 
This data race was found by our concurrency fuzzer.

Thus use the spin lock "gclock" for the resetting of five 
data structure members in this function implementation.

Signed-off-by: Jia-Ju Bai <baijiaju1990@gmail.com>
---
v2:
* Change the description.
  Thank Markus Elfring for good advice.

---
 fs/jfs/jfs_txnmgr.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fs/jfs/jfs_txnmgr.c b/fs/jfs/jfs_txnmgr.c
index c8ce7f1bc594..a1f124aad2e0 100644
--- a/fs/jfs/jfs_txnmgr.c
+++ b/fs/jfs/jfs_txnmgr.c
@@ -415,7 +415,9 @@ tid_t txBegin(struct super_block *sb, int flag)
 	 *
 	 * memset(tblk, 0, sizeof(struct tblock));
 	 */
+	spin_lock_irq(&log->gclock);
 	tblk->next = tblk->last = tblk->xflag = tblk->flag = tblk->lsn = 0;
+	spin_unlock_irq(&log->gclock);
 
 	tblk->sb = sb;
 	++log->logtid;
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2020-05-15  7:34 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-05-05 14:50 [PATCH v2] fs: jfs: fix a possible data race in txBegin() Jia-Ju Bai
2020-05-12  3:09 ` [fs] 05c5a0273b: netperf.Throughput_total_tps -71.8% regression kernel test robot
2020-05-14  4:27   ` [Jfs-discussion] " Christian Kujau
2020-05-14  5:12     ` Rong Chen
     [not found]     ` <20200514154251.18184-1-hdanton@sina.com>
2020-05-15  7:34       ` Jia-Ju Bai
2020-05-14  5:13 ` [fs] 05c5a0273b: will-it-scale.per_thread_ops -74.6% regression kernel test robot
  -- strict thread matches above, loose matches on Subject: below --
2020-05-05 13:54 [PATCH v2] fs: jfs: fix a possible data race in txBegin() Jia-Ju Bai

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).