Re: [PATCH tip/core/rcu 4/4] srcu: Add READ_ONCE() to srcu_struct ->srcu_gp_seq load

From: Paul E. McKenney
Date: Tue Feb 18 2020 - 11:34:08 EST


On Tue, Feb 18, 2020 at 12:43:34PM +0100, Peter Zijlstra wrote:
> On Mon, Feb 17, 2020 at 10:32:20AM -0800, Paul E. McKenney wrote:
> > On Mon, Feb 17, 2020 at 01:45:07PM +0100, Peter Zijlstra wrote:
> > > On Fri, Feb 14, 2020 at 04:29:32PM -0800, paulmck@xxxxxxxxxx wrote:
> > > > From: "Paul E. McKenney" <paulmck@xxxxxxxxxx>
> > > >
> > > > The load of the srcu_struct structure's ->srcu_gp_seq field in
> > > > srcu_funnel_gp_start() is lockless, so this commit adds the requisite
> > > > READ_ONCE().
> > > >
> > > > This data race was reported by KCSAN.
> > >
> > > But is there in actual fact a data-race? AFAICT this code was just fine.
> >
> > Now that you mention it, the lock is held at that point, isn't it? So if
> > that READ_ONCE() actually does anything, there is a bug somewhere else.
> >
> > Good catch, I will drop this patch, thank you!
>
> Well, I didn't get further than the Changelog fails to describe an
> actual problem and it looks like compare-against-a-constant.
>
> (worse, it masks off everything but the 2 lowest bits, so even if there
> was a problem with load-tearing, it still wouldn't matter)

There is still the possibility of load fusing. And the possibility
of defending against possible future changes as well as the current
snapshot of the code base.

> I'm not going to argue with you if you want to use READ_ONCE() vs
> data_race() and a comment to denote false-positive KCSAN warnings, but I
> do feel somewhat strongly that the Changelog should describe the actual
> problem -- if there is one -- or just flat out state that this is to
> make KCSAN shut up but the code is fine.

The problem is that "the code is fine" is highly subjective and varies
over time. :-/

But in this case there was a real problem, just that I got confused
when analyzing.

> That is; every KCSAN report should be analysed, right? All I'm asking is
> for that analysis to end up in the Changelog.

Before responding further, I have to ask...

Are you intending your "every KCSAN report should be analyzed" to apply
globally or just when someone creates a patch based on such a report?

In any case, you have acked this patch's successor (thank you very
much!), so on this specific patch (or more accurately, its successor)
I presume that we are all good.

Thanx, Paul

> > > > Signed-off-by: Paul E. McKenney <paulmck@xxxxxxxxxx>
> > > > ---
> > > > kernel/rcu/srcutree.c | 2 +-
> > > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > > >
> > > > diff --git a/kernel/rcu/srcutree.c b/kernel/rcu/srcutree.c
> > > > index 119a373..90ab475 100644
> > > > --- a/kernel/rcu/srcutree.c
> > > > +++ b/kernel/rcu/srcutree.c
> > > > @@ -678,7 +678,7 @@ static void srcu_funnel_gp_start(struct srcu_struct *ssp, struct srcu_data *sdp,
> > > >
> > > > /* If grace period not already done and none in progress, start it. */
> > > > if (!rcu_seq_done(&ssp->srcu_gp_seq, s) &&
> > > > - rcu_seq_state(ssp->srcu_gp_seq) == SRCU_STATE_IDLE) {
> > > > + rcu_seq_state(READ_ONCE(ssp->srcu_gp_seq)) == SRCU_STATE_IDLE) {
> > > > WARN_ON_ONCE(ULONG_CMP_GE(ssp->srcu_gp_seq, ssp->srcu_gp_seq_needed));
> > > > srcu_gp_start(ssp);
> > > > if (likely(srcu_init_done))
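
Review bot: Only the rcu_seq_state() load on the changed line is marked with READ_ONCE(), while the WARN_ON_ONCE(ULONG_CMP_GE(ssp->srcu_gp_seq, ssp->srcu_gp_seq_needed)) on the very next line reads the same field unmarked, and the rcu_seq_done(&ssp->srcu_gp_seq, s) call on the line above is handed a pointer to it. If this load is lockless, as the changelog states, the neighbouring accesses need the same marking or a comment explaining why they are safe. If a lock is held at this point, as the replies above discuss, the marking does nothing here. Either way the changelog should name the concurrent writer that KCSAN reported, rather than only saying the load is lockless.
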
> > > > --
> > > > 2.9.5
> > > >