From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.9 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D0F50C43331 for ; Mon, 11 Nov 2019 23:51:26 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 972F3214DB for ; Mon, 11 Nov 2019 23:51:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1573516286; bh=Holydj0puWmzItoMY11fraej1BUm5SwvcVicyzxx6hI=; h=References:In-Reply-To:From:Date:Subject:To:Cc:List-ID:From; b=e8VfVi9O2LHqlzws2H7K6cQYlL8hgPtVZLAzWxJ11ml/dd1YW3GR5ROtZ+N1DSxoq VO0Fj4MH7BD0Kguxujnk/rAByzpEhBG3vJ1IRxaj3x9uL4Zq1I2nrwiIQwZUiKlcFp 5lRWrN6TQ/iI53wJ8takkwpRzYAgUL7jAfBsJlvA= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727069AbfKKXvZ (ORCPT ); Mon, 11 Nov 2019 18:51:25 -0500 Received: from mail-lj1-f177.google.com ([209.85.208.177]:45573 "EHLO mail-lj1-f177.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726877AbfKKXvZ (ORCPT ); Mon, 11 Nov 2019 18:51:25 -0500 Received: by mail-lj1-f177.google.com with SMTP id n21so15666450ljg.12 for ; Mon, 11 Nov 2019 15:51:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=2Jr8GhMrrt/B5MXgl6TQY/T7xl692bmOyZCXN0LAOj8=; b=IbYZZWEI4KLhUtWSkrs7hcs68+mEge6/KLgmu1047nQtr8xXaC+fl5/qcP+Z0UfI2r FK4INqmH+Qpf28gOugYt+TB7BEFWjBUtO/OlIANn3GeMtU8xVQCR4bgX9tvJDsGcfGgt 8RhepscHXu3gvogkyKNhV60hOA+mHP91rWAbw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=2Jr8GhMrrt/B5MXgl6TQY/T7xl692bmOyZCXN0LAOj8=; b=mpfoasA7G1W0E2TlsNZK9acr/wEYzof3qv4nIb3zyWVSqR3Ptzefp7IRhT0PqHtiOy 3ua41BAQPyc+oRejCnf5ITe8Y2QVaK8OvL29Mze/ngn6m2K/nNkrPhaekTRkMGQH/lwV yH9vOguVJLkMawQ400wm7W8IQ1S5Yurk6e02kbX3tjnOuZAFnCcG9txJEEWXQonNQnip BiiX9M8EaKcgJRObH8Jq11sQ39iFkrDJAh2hQ0bwIr1qn9d+exLHP2RD8Ul8j6hQ91Iz BOecmaiUKpFLL78gaDyQOXeYPy+bcHP4oHpfuRtsZCrgtjsS+n+hzHRN3t1OAYA7Ld1G dSJQ== X-Gm-Message-State: APjAAAUfDs/HnxjvCszoEHYoZqv6GlB0raNNv32u7LwCAaLAsgVU1wGd KNhbkOut6hX20x0dUJToCLv0hr4KRyQ= X-Google-Smtp-Source: APXvYqy6leR3v87NjH+8LhQ3yigIygpHVrW+oqKqV7M5VWTIT/Ygpmmya3ZHpalLB9NMCrxZ0bI6bA== X-Received: by 2002:a2e:9106:: with SMTP id m6mr3692254ljg.146.1573516280635; Mon, 11 Nov 2019 15:51:20 -0800 (PST) Received: from mail-lf1-f54.google.com (mail-lf1-f54.google.com. [209.85.167.54]) by smtp.gmail.com with ESMTPSA id 15sm7200266ljq.62.2019.11.11.15.51.20 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 11 Nov 2019 15:51:20 -0800 (PST) Received: by mail-lf1-f54.google.com with SMTP id y186so5463956lfa.1 for ; Mon, 11 Nov 2019 15:51:20 -0800 (PST) X-Received: by 2002:ac2:5bca:: with SMTP id u10mr17489031lfn.134.1573516279685; Mon, 11 Nov 2019 15:51:19 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Linus Torvalds Date: Mon, 11 Nov 2019 15:51:03 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: KCSAN: data-race in __alloc_file / __alloc_file To: Eric Dumazet , Al Viro , Kirill Smelkov Cc: Alan Stern , Marco Elver , Eric Dumazet , syzbot , linux-fsdevel , Linux Kernel Mailing List , syzkaller-bugs , Andrea Parri , "Paul E. McKenney" , LKMM Maintainers -- Akira Yokosawa Content-Type: multipart/mixed; boundary="000000000000e6518e05971aced8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --000000000000e6518e05971aced8 Content-Type: text/plain; charset="UTF-8" On Mon, Nov 11, 2019 at 11:00 AM Linus Torvalds wrote: > > > if (ppos) { > > pos = *ppos; // data-race > > That code uses "fdget_pos(). > > Which does mutual exclusion _if_ the file is something we care about > pos for, and if it has more than one process using it. That said, the more I look at that code, the less I like it. I have this feeling we really should get rid of FMODE_ATOMIC_POS entirely, now that we have the much nicer FMODE_STREAM to indicate that 'pos' really doesn't matter. Also, the test for "file_count(file) > 1" really is wrong, in that it means that we protect against other processes, but not other threads. So maybe we really should do the attached thing. Adding Al and Kirill to the cc for comments. Kirill did some fairly in-depth review of the whole locking on f_pos, it might be good to get his comments. Al? Note the change from - if (file_count(file) > 1) { + if ((v & FDPUT_FPUT) || file_count(file) > 1) { in __fdget_pos(). It basically says that the threaded case also does the pos locking. NOTE! This is entirely untested. It might be totally broken. It passes my "LooksSuperficiallyFine(tm)" test, but that's all I'm going to say about the patch. Linus --000000000000e6518e05971aced8 Content-Type: text/x-patch; charset="US-ASCII"; name="patch.diff" Content-Disposition: attachment; filename="patch.diff" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_k2v2y66l0 IGZzL2ZpbGUuYyAgICAgICAgICB8IDQgKystLQogZnMvb3Blbi5jICAgICAgICAgIHwgNiArLS0t LS0KIGluY2x1ZGUvbGludXgvZnMuaCB8IDIgLS0KIDMgZmlsZXMgY2hhbmdlZCwgMyBpbnNlcnRp b25zKCspLCA5IGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL2ZzL2ZpbGUuYyBiL2ZzL2ZpbGUu YwppbmRleCAzZGE5MWExMTJiYWIuLjcwOGU1YzJiN2Q2NSAxMDA2NDQKLS0tIGEvZnMvZmlsZS5j CisrKyBiL2ZzL2ZpbGUuYwpAQCAtNzk1LDggKzc5NSw4IEBAIHVuc2lnbmVkIGxvbmcgX19mZGdl dF9wb3ModW5zaWduZWQgaW50IGZkKQogCXVuc2lnbmVkIGxvbmcgdiA9IF9fZmRnZXQoZmQpOwog CXN0cnVjdCBmaWxlICpmaWxlID0gKHN0cnVjdCBmaWxlICopKHYgJiB+Myk7CiAKLQlpZiAoZmls ZSAmJiAoZmlsZS0+Zl9tb2RlICYgRk1PREVfQVRPTUlDX1BPUykpIHsKLQkJaWYgKGZpbGVfY291 bnQoZmlsZSkgPiAxKSB7CisJaWYgKGZpbGUgJiYgIShmaWxlLT5mX21vZGUgJiBGTU9ERV9TVFJF QU0pKSB7CisJCWlmICgodiAmIEZEUFVUX0ZQVVQpIHx8IGZpbGVfY291bnQoZmlsZSkgPiAxKSB7 CiAJCQl2IHw9IEZEUFVUX1BPU19VTkxPQ0s7CiAJCQltdXRleF9sb2NrKCZmaWxlLT5mX3Bvc19s b2NrKTsKIAkJfQpkaWZmIC0tZ2l0IGEvZnMvb3Blbi5jIGIvZnMvb3Blbi5jCmluZGV4IGI2MmY1 YzA5MjNhOC4uNWM2ODI4MmVhNzllIDEwMDY0NAotLS0gYS9mcy9vcGVuLmMKKysrIGIvZnMvb3Bl bi5jCkBAIC03NzEsMTAgKzc3MSw2IEBAIHN0YXRpYyBpbnQgZG9fZGVudHJ5X29wZW4oc3RydWN0 IGZpbGUgKmYsCiAJCWYtPmZfbW9kZSB8PSBGTU9ERV9XUklURVI7CiAJfQogCi0JLyogUE9TSVgu MS0yMDA4L1NVU3Y0IFNlY3Rpb24gWFNJIDIuOS43ICovCi0JaWYgKFNfSVNSRUcoaW5vZGUtPmlf bW9kZSkgfHwgU19JU0RJUihpbm9kZS0+aV9tb2RlKSkKLQkJZi0+Zl9tb2RlIHw9IEZNT0RFX0FU T01JQ19QT1M7Ci0KIAlmLT5mX29wID0gZm9wc19nZXQoaW5vZGUtPmlfZm9wKTsKIAlpZiAoV0FS Tl9PTighZi0+Zl9vcCkpIHsKIAkJZXJyb3IgPSAtRU5PREVWOwpAQCAtMTI1Niw3ICsxMjUyLDcg QEAgRVhQT1JUX1NZTUJPTChub25zZWVrYWJsZV9vcGVuKTsKICAqLwogaW50IHN0cmVhbV9vcGVu KHN0cnVjdCBpbm9kZSAqaW5vZGUsIHN0cnVjdCBmaWxlICpmaWxwKQogewotCWZpbHAtPmZfbW9k ZSAmPSB+KEZNT0RFX0xTRUVLIHwgRk1PREVfUFJFQUQgfCBGTU9ERV9QV1JJVEUgfCBGTU9ERV9B VE9NSUNfUE9TKTsKKwlmaWxwLT5mX21vZGUgJj0gfihGTU9ERV9MU0VFSyB8IEZNT0RFX1BSRUFE IHwgRk1PREVfUFdSSVRFKTsKIAlmaWxwLT5mX21vZGUgfD0gRk1PREVfU1RSRUFNOwogCXJldHVy biAwOwogfQpkaWZmIC0tZ2l0IGEvaW5jbHVkZS9saW51eC9mcy5oIGIvaW5jbHVkZS9saW51eC9m cy5oCmluZGV4IGUwZDkwOWQzNTc2My4uYTdjM2Y2ZGQ1NzAxIDEwMDY0NAotLS0gYS9pbmNsdWRl L2xpbnV4L2ZzLmgKKysrIGIvaW5jbHVkZS9saW51eC9mcy5oCkBAIC0xNDgsOCArMTQ4LDYgQEAg dHlwZWRlZiBpbnQgKGRpb19pb2RvbmVfdCkoc3RydWN0IGtpb2NiICppb2NiLCBsb2ZmX3Qgb2Zm c2V0LAogLyogRmlsZSBpcyBvcGVuZWQgd2l0aCBPX1BBVEg7IGFsbW9zdCBub3RoaW5nIGNhbiBi ZSBkb25lIHdpdGggaXQgKi8KICNkZWZpbmUgRk1PREVfUEFUSAkJKChfX2ZvcmNlIGZtb2RlX3Qp MHg0MDAwKQogCi0vKiBGaWxlIG5lZWRzIGF0b21pYyBhY2Nlc3NlcyB0byBmX3BvcyAqLwotI2Rl ZmluZSBGTU9ERV9BVE9NSUNfUE9TCSgoX19mb3JjZSBmbW9kZV90KTB4ODAwMCkKIC8qIFdyaXRl IGFjY2VzcyB0byB1bmRlcmx5aW5nIGZzICovCiAjZGVmaW5lIEZNT0RFX1dSSVRFUgkJKChfX2Zv cmNlIGZtb2RlX3QpMHgxMDAwMCkKIC8qIEhhcyByZWFkIG1ldGhvZChzKSAqLwo= --000000000000e6518e05971aced8--