Re: [PATCH] fs: jfs: fix a possible data race in txBegin()
On 2020/5/5 0:15, Markus Elfring wrote:
>> Thus, a data race can occur for tblk->flag.
>>
>> To fix this data race, the spinlock log->gclock is used in
>> txBegin().
>>
>> This data race is found by our concurrency fuzzer.
>
> How do you think about a wording variant like the following?
>
>    Change description:
>    A data race can occur for the data structure member “flag”.
>    This data race was found by our concurrency fuzzer.
>    Thus use the spin lock “gclock” for the resetting of five
>    data structure members in this function implementation.
>
> Would you like to add the tag “Fixes” to the commit message?

Thanks, Markus.
I am not sure how to add the tag "Fixes"...
I need to find which previous commit added the code about txBegin()?

Best wishes,
Jia-Ju Bai

Re: [PATCH] fs: jfs: fix a possible data race in txBegin()
> Thus, a data race can occur for tblk->flag.
>
> To fix this data race, the spinlock log->gclock is used in
> txBegin().
>
> This data race is found by our concurrency fuzzer.

How do you think about a wording variant like the following?

   Change description:
   A data race can occur for the data structure member “flag”.
   This data race was found by our concurrency fuzzer.
   Thus use the spin lock “gclock” for the resetting of five
   data structure members in this function implementation.

Would you like to add the tag “Fixes” to the commit message?

Regards,
Markus

[PATCH] fs: jfs: fix a possible data race in txBegin()
The functions txBegin() and txLazyCommit() can be concurrently executed in the following call contexts: Thread1: jfs_write_inode() jfs_commit_inode() txBegin() Thread2: jfs_lazycommit() txLazyCommit() In txBegin(): tblk->next = tblk->last = tblk->xflag = tblk->flag = tblk->lsn = 0; In txLazyCommit(): spin_lock_irq(&log->gclock); ... tblk->flag |= tblkGC_COMMITTED; ... spin_unlock_irq(&log->gclock); Thus, a data race can occur for tblk->flag. To fix this data race, the spinlock log->gclock is used in txBegin(). This data race is found by our concurrency fuzzer. Signed-off-by: Jia-Ju Bai --- fs/jfs/jfs_txnmgr.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fs/jfs/jfs_txnmgr.c b/fs/jfs/jfs_txnmgr.c index c8ce7f1bc594..a1f124aad2e0 100644 --- a/fs/jfs/jfs_txnmgr.c +++ b/fs/jfs/jfs_txnmgr.c @@ -415,7 +415,9 @@ tid_t txBegin(struct super_block *sb, int flag) * * memset(tblk, 0, sizeof(struct tblock)); */ + spin_lock_irq(&log->gclock); tblk->next = tblk->last = tblk->xflag = tblk->flag = tblk->lsn = 0; + spin_unlock_irq(&log->gclock); tblk->sb = sb; ++log->logtid; -- 2.17.1
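
Review bot: the lock added around the `tblk->next = tblk->last = tblk->xflag = tblk->flag = tblk->lsn = 0;` store in txBegin() makes that store mutually exclusive with the `tblk->flag |= tblkGC_COMMITTED;` update in txLazyCommit(), but it does not decide which of the two runs first. If both paths can really hold the same tblk, the OR can still land after the reset and the new transaction starts with tblkGC_COMMITTED set; if they cannot, the lock is not needed. The commit message should say which tblock lifetime rule allows txLazyCommit() to touch a tblk that txBegin() is initialising, and it should carry a Fixes: tag for the commit that introduced the unlocked reset. Please also confirm that txBegin() is never entered with interrupts disabled, since spin_unlock_irq() re-enables them unconditionally; spin_lock_irqsave() would be the safer pairing otherwise.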