[PATCH v2] fs: jfs: fix a possible data race in txBegin()
From: Jia-Ju Bai
Date: Tue May 05 2020 - 10:51:02 EST
The functions txBegin() and txLazyCommit() can be concurrently executed
in the following call contexts:
Thread1:
jfs_write_inode()
jfs_commit_inode()
txBegin()
Thread2:
jfs_lazycommit()
txLazyCommit()
In txBegin():
tblk->next = tblk->last = tblk->xflag = tblk->flag = tblk->lsn = 0;
In txLazyCommit():
spin_lock_irq(&log->gclock);
...
tblk->flag |= tblkGC_COMMITTED;
...
spin_unlock_irq(&log->gclock);
A data race can occur for the data structure member "flag".
This data race was found by our concurrency fuzzer.
Thus use the spin lock "gclock" for the resetting of five
data structure members in this function implementation.
Signed-off-by: Jia-Ju Bai <baijiaju1990@xxxxxxxxx>
---
v2:
* Change the description.
Thank Markus Elfring for good advice.
fs/jfs/jfs_txnmgr.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/jfs/jfs_txnmgr.c b/fs/jfs/jfs_txnmgr.c
index c8ce7f1bc594..a1f124aad2e0 100644
--- a/fs/jfs/jfs_txnmgr.c
+++ b/fs/jfs/jfs_txnmgr.c
@@ -415,7 +415,9 @@ tid_t txBegin(struct super_block *sb, int flag)
*
* memset(tblk, 0, sizeof(struct tblock));
*/
+ spin_lock_irq(&log->gclock);
tblk->next = tblk->last = tblk->xflag = tblk->flag = tblk->lsn = 0;
+ spin_unlock_irq(&log->gclock);
tblk->sb = sb;
++log->logtid;
--
2.17.1