Re: BUG: KCSAN: data-race in add_device_randomness+0x20d/0x290

From: Oleg Nesterov
Date: Tue Feb 15 2022 - 07:13:08 EST

Next message: Marc Zyngier: "Re: [PATCH 00/10] irqchip: Prevent drivers abusing irq_chip::name"
Previous message: Jani Nikula: "Re: linux-next: build failure after merge of the drm-intel tree"
In reply to: Jason A. Donenfeld: "Re: BUG: KCSAN: data-race in add_device_randomness+0x20d/0x290"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 02/15, Jason A. Donenfeld wrote:
>
> void release_task(struct task_struct *p)
> {
> [...]
> cgroup_release(p);
>
> write_lock_irq(&tasklist_lock);
> ptrace_release_task(p);
> thread_pid = get_pid(p->thread_pid);
> __exit_signal(p);
> [...]
> }
> static void __exit_signal(struct task_struct *tsk)
> {
> [...]
> add_device_randomness((const void*) &tsk->se.sum_exec_runtime,
> sizeof(unsigned long long));
> [...]
> }
>
> Apparently the data that is being read by add_device_randomness() is
> being modified while it's being read. This would be whatever is in
> `tsk->se.sum_exec_runtime`.
>
> I'm not sure what's happening there, if this is "normal" and the task
> can be scheduled out while exiting, causing the schedule to add to
> sum_exec_runtime, or what.

Yes, this is normal.

The parent can call release_task(child) right after the child has passed
exit_notify(), the exiting child still runs and can be scheduled out until
it does the last schedule from do_task_dead().

Oleg.

Next message: Marc Zyngier: "Re: [PATCH 00/10] irqchip: Prevent drivers abusing irq_chip::name"
Previous message: Jani Nikula: "Re: linux-next: build failure after merge of the drm-intel tree"
In reply to: Jason A. Donenfeld: "Re: BUG: KCSAN: data-race in add_device_randomness+0x20d/0x290"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]