On Wed, 5 Jun 2024 at 00:36, Paul E. McKenney <paulmck@xxxxxxxxxx> wrote: > > On powerpc systems, spinlock acquisition does not order prior stores > against later loads. This means that this statement: > > rfcp->rfc_next = NULL; > > Can be reordered to follow this statement: > > WRITE_ONCE(*rfcpp, rfcp); > > Which is then a data race with rcu_torture_fwd_prog_cr(), specifically, > this statement: > > rfcpn = READ_ONCE(rfcp->rfc_next) > > KCSAN located this data race, which represents a real failure on powerpc. > > Signed-off-by: Paul E. McKenney <paulmck@xxxxxxxxxx> > Cc: Marco Elver <elver@xxxxxxxxxx> > Cc: Andrey Konovalov <andreyknvl@xxxxxxxxx> > Cc: <kasan-dev@xxxxxxxxxxxxxxxx> Nice find - was this found by KCSAN's weak memory modeling, i.e. the report showed you that a reordered access resulted in a data race? Acked-by: Marco Elver <elver@xxxxxxxxxx> > --- > kernel/rcu/rcutorture.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/rcu/rcutorture.c b/kernel/rcu/rcutorture.c > index 44cc455e1b615..cafe047d046e8 100644 > --- a/kernel/rcu/rcutorture.c > +++ b/kernel/rcu/rcutorture.c > @@ -2630,7 +2630,7 @@ static void rcu_torture_fwd_cb_cr(struct rcu_head *rhp) > spin_lock_irqsave(&rfp->rcu_fwd_lock, flags); > rfcpp = rfp->rcu_fwd_cb_tail; > rfp->rcu_fwd_cb_tail = &rfcp->rfc_next; > - WRITE_ONCE(*rfcpp, rfcp); > + smp_store_release(rfcpp, rfcp); > WRITE_ONCE(rfp->n_launders_cb, rfp->n_launders_cb + 1); > i = ((jiffies - rfp->rcu_fwd_startat) / (HZ / FWD_CBS_HIST_DIV)); > if (i >= ARRAY_SIZE(rfp->n_launders_hist)) > -- > 2.40.1 >
