workqueue: Mark up unlocked access to wq->first_flusher

[ 7329.671518] BUG: KCSAN: data-race in flush_workqueue / flush_workqueue
[ 7329.671549]
[ 7329.671572] write to 0xffff8881f65fb250 of 8 bytes by task 37173 on cpu 2:
[ 7329.671607]  flush_workqueue+0x3bc/0x9b0 (kernel/workqueue.c:2844)
[ 7329.672527]
[ 7329.672540] read to 0xffff8881f65fb250 of 8 bytes by task 37175 on cpu 0:
[ 7329.672571]  flush_workqueue+0x28d/0x9b0 (kernel/workqueue.c:2835)

Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Cc: Tejun Heo <tj@kernel.org>
Cc: Lai Jiangshan <jiangshanlai@gmail.com>
Signed-off-by: Tejun Heo <tj@kernel.org>

diff --git a/kernel/workqueue.c b/kernel/workqueue.c
index 5afa9ad45eba18cd54565400778d90c537b24f48..40a4ba39ad5eb331ed16896dbb22e77d1e52a08a 100644 (file)
--- a/kernel/workqueue.c
+++ b/kernel/workqueue.c
@@ -2832,7 +2832,7 @@ void flush_workqueue(struct workqueue_struct *wq)
         * First flushers are responsible for cascading flushes and
         * handling overflow.  Non-first flushers can simply return.
         */
-       if (wq->first_flusher != &this_flusher)
+       if (READ_ONCE(wq->first_flusher) != &this_flusher)
                return;
 
        mutex_lock(&wq->mutex);
@@ -2841,7 +2841,7 @@ void flush_workqueue(struct workqueue_struct *wq)
        if (wq->first_flusher != &this_flusher)
                goto out_unlock;
 
-       wq->first_flusher = NULL;
+       WRITE_ONCE(wq->first_flusher, NULL);
 
        WARN_ON_ONCE(!list_empty(&this_flusher.list));
        WARN_ON_ONCE(wq->flush_color != this_flusher.flush_color);