diff options
author | Dmitry Vyukov <dvyukov@google.com> | 2015-09-18 15:54:23 +0200 |
---|---|---|
committer | Thomas Gleixner <tglx@linutronix.de> | 2015-09-22 15:43:18 +0200 |
commit | 3ed769bdb2a2484fd7f9f7f3047413053aacbe21 (patch) | |
tree | 75f0039968b1b80ffe61b6d446f34ade7b24cf11 /kernel/time/timer.c | |
parent | 571af55a31d3652ac1f758f116835a76d0335661 (diff) | |
download | op-kernel-dev-3ed769bdb2a2484fd7f9f7f3047413053aacbe21.zip op-kernel-dev-3ed769bdb2a2484fd7f9f7f3047413053aacbe21.tar.gz |
timers: Fix data race in timer_stats_account_timer()
timer_stats_account_timer() reads timer->start_site, then checks it
for NULL and then re-reads it again, while
timer_stats_timer_clear_start_info() can concurrently reset
timer->start_site to NULL. This should not lead to crashes, but can
double number of entries in timer stats as start_site is used during
comparison, the doubled entries will have unuseful NULL start_site.
Read timer->start_site only once in timer_stats_account_timer().
The data race was found with KernelThreadSanitizer (KTSAN).
Signed-off-by: Dmitry Vyukov <dvyukov@google.com>
Cc: andreyknvl@google.com
Cc: glider@google.com
Cc: kcc@google.com
Cc: ktsan@googlegroups.com
Cc: john.stultz@linaro.org
Link: http://lkml.kernel.org/r/1442584463-69553-1-git-send-email-dvyukov@google.com
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Diffstat (limited to 'kernel/time/timer.c')
-rw-r--r-- | kernel/time/timer.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/kernel/time/timer.c b/kernel/time/timer.c index 84190f0..d3f5e92 100644 --- a/kernel/time/timer.c +++ b/kernel/time/timer.c @@ -461,10 +461,17 @@ void __timer_stats_timer_set_start_info(struct timer_list *timer, void *addr) static void timer_stats_account_timer(struct timer_list *timer) { - if (likely(!timer->start_site)) + void *site; + + /* + * start_site can be concurrently reset by + * timer_stats_timer_clear_start_info() + */ + site = READ_ONCE(timer->start_site); + if (likely(!site)) return; - timer_stats_update_stats(timer, timer->start_pid, timer->start_site, + timer_stats_update_stats(timer, timer->start_pid, site, timer->function, timer->start_comm, timer->flags); } |