[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20211005105905.1994700-1-elver@google.com>
Date: Tue, 5 Oct 2021 12:58:42 +0200
From: Marco Elver <elver@...gle.com>
To: elver@...gle.com, "Paul E . McKenney" <paulmck@...nel.org>
Cc: Alexander Potapenko <glider@...gle.com>,
Boqun Feng <boqun.feng@...il.com>,
Borislav Petkov <bp@...en8.de>,
Dmitry Vyukov <dvyukov@...gle.com>,
Ingo Molnar <mingo@...nel.org>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Mark Rutland <mark.rutland@....com>,
Peter Zijlstra <peterz@...radead.org>,
Thomas Gleixner <tglx@...utronix.de>,
Waiman Long <longman@...hat.com>,
Will Deacon <will@...nel.org>, kasan-dev@...glegroups.com,
linux-arch@...r.kernel.org, linux-doc@...r.kernel.org,
linux-kbuild@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-mm@...ck.org, x86@...nel.org
Subject: [PATCH -rcu/kcsan 00/23] kcsan: Support detecting a subset of missing
memory barriers
Detection of some missing memory barriers has been on the KCSAN feature
wishlist for some time: this series adds support for modeling a subset
of weak memory as defined by the LKMM, which enables detection of a
subset of data races due to missing memory barriers.
KCSAN's approach to detecting missing memory barriers is based on
modeling access reordering. Each memory access for which a watchpoint is
set up, is also selected for simulated reordering within the scope of
its function (at most 1 in-flight access).
We are limited to modeling the effects of "buffering" (delaying the
access), since the runtime cannot "prefetch" accesses. Once an access
has been selected for reordering, it is checked along every other access
until the end of the function scope. If an appropriate memory barrier is
encountered, the access will no longer be considered for reordering.
When the result of a memory operation should be ordered by a barrier,
KCSAN can then detect data races where the conflict only occurs as a
result of a missing barrier due to reordering accesses.
Some more details and an example are captured in the updated
<Documentation/dev-tools/kcsan.rst>.
Some light fuzzing with the feature also resulted in a discussion [1]
around an issue which appears to be allowed, but unlikely in practice.
[1] https://lkml.kernel.org/r/YRo58c+JGOvec7tc@elver.google.com
The first half of the series are core KCSAN changes, documentation
updates, and test changes. The second half adds instrumentation to
barriers, atomics, bitops, along with enabling barrier instrumentation
for some currently uninstrumented subsystems. The last two patches are
objtool changes to add the usual entries to the uaccess whitelist, but
also instruct objtool to remove memory barrier instrumentation from
noinstr code (on x86).
The series is rebased on -rcu/kcsan. The objtool patches currently
conflict with pending changes in -tip/objtool/core, which could be
separated from this series if needed.
Marco Elver (23):
kcsan: Refactor reading of instrumented memory
kcsan: Remove redundant zero-initialization of globals
kcsan: Avoid checking scoped accesses from nested contexts
kcsan: Add core support for a subset of weak memory modeling
kcsan: Add core memory barrier instrumentation functions
kcsan, kbuild: Add option for barrier instrumentation only
kcsan: Call scoped accesses reordered in reports
kcsan: Show location access was reordered to
kcsan: Document modeling of weak memory
kcsan: test: Match reordered or normal accesses
kcsan: test: Add test cases for memory barrier instrumentation
kcsan: Ignore GCC 11+ warnings about TSan runtime support
kcsan: selftest: Add test case to check memory barrier instrumentation
locking/barriers, kcsan: Add instrumentation for barriers
locking/barriers, kcsan: Support generic instrumentation
locking/atomics, kcsan: Add instrumentation for barriers
asm-generic/bitops, kcsan: Add instrumentation for barriers
x86/barriers, kcsan: Use generic instrumentation for non-smp barriers
x86/qspinlock, kcsan: Instrument barrier of pv_queued_spin_unlock()
mm, kcsan: Enable barrier instrumentation
sched, kcsan: Enable memory barrier instrumentation
objtool, kcsan: Add memory barrier instrumentation to whitelist
objtool, kcsan: Remove memory barrier instrumentation from noinstr
Documentation/dev-tools/kcsan.rst | 72 ++-
arch/x86/include/asm/barrier.h | 10 +-
arch/x86/include/asm/qspinlock.h | 1 +
include/asm-generic/barrier.h | 54 ++-
.../asm-generic/bitops/instrumented-atomic.h | 3 +
.../asm-generic/bitops/instrumented-lock.h | 3 +
include/linux/atomic/atomic-instrumented.h | 135 +++++-
include/linux/kcsan-checks.h | 51 ++-
include/linux/kcsan.h | 11 +-
include/linux/sched.h | 3 +
include/linux/spinlock.h | 2 +-
init/init_task.c | 9 +-
kernel/kcsan/Makefile | 2 +
kernel/kcsan/core.c | 326 +++++++++++---
kernel/kcsan/kcsan_test.c | 416 ++++++++++++++++--
kernel/kcsan/report.c | 51 ++-
kernel/kcsan/selftest.c | 141 ++++++
kernel/sched/Makefile | 7 +-
lib/Kconfig.kcsan | 16 +
mm/Makefile | 2 +
scripts/Makefile.kcsan | 15 +-
scripts/Makefile.lib | 5 +
scripts/atomic/gen-atomic-instrumented.sh | 41 +-
tools/objtool/check.c | 36 +-
24 files changed, 1240 insertions(+), 172 deletions(-)
--
2.33.0.800.g4c38ced690-goog
Powered by blists - more mailing lists