From: Chen Gang <chengang@emindsoft.com.cn>
To: Alexander Potapenko <glider@google.com>
Cc: Dmitry Vyukov <dvyukov@google.com>,
Andrew Morton <akpm@linux-foundation.org>,
Andrey Ryabinin <aryabinin@virtuozzo.com>,
kasan-dev <kasan-dev@googlegroups.com>,
LKML <linux-kernel@vger.kernel.org>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
Chen Gang <gang.chen.5i5j@gmail.com>
Subject: Re: [PATCH] mm/kasan/kasan.h: Fix boolean checking issue for kasan_report_enabled()
Date: Sat, 14 May 2016 11:30:16 +0800 [thread overview]
Message-ID: <57369BC8.7000602@emindsoft.com.cn> (raw)
In-Reply-To: <57278294.3060006@emindsoft.com.cn>
Hello all:
Shall I send patch v2 for it? (if really need, please let me know, and I
shall try).
Default, I shall continue to try to find and send another patches for mm
in "include/linux/*.h".
Thanks.
On 5/3/16 00:38, Chen Gang wrote:
> On 5/3/16 00:23, Chen Gang wrote:
>> On 5/2/16 23:35, Alexander Potapenko wrote:
>>> On Mon, May 2, 2016 at 5:13 PM, Chen Gang <chengang@emindsoft.com.cn> wrote:
>>>>
>>>> OK. But it does not look quite easy to use kasan_disable_current() for
>>>> INIT_KASAN which is used in INIT_TASK.
>>>>
>>>> If we have to set "kasan_depth == 1", we have to use kasan_depth-- in
>>>> kasan_enable_current().
>>> Agreed, decrementing the counter in kasan_enable_current() is more natural.
>>> I can fix this together with the comments.
>>
>> OK, thanks. And need I also send patch v2 for include/linux/kasan.h? (or
>> you will fix them together).
>>
>>>>
>>>> If we don't prevent the overflow, it will have negative effect with the
>>>> caller. When we issue an warning, it means the caller's hope fail, but
>>>> can not destroy the caller's original work. In our case:
>>>>
>>>> - Assume "kasan_depth-- for kasan_enable_current()", the first enable
>>>> will let kasan_depth be 0.
>>> Sorry, I'm not sure I follow.
>>> If we start with kasan_depth=0 (which is the default case for every
>>> task except for the init, which also gets kasan_depth=0 short after
>>> the kernel starts),
>>> then the first call to kasan_disable_current() will make kasan_depth
>>> nonzero and will disable KASAN.
>>> The subsequent call to kasan_enable_current() will enable KASAN back.
>>>
>>> There indeed is a problem when someone calls kasan_enable_current()
>>> without previously calling kasan_disable_current().
>>> In this case we need to check that kasan_depth was zero and print a
>>> warning if it was.
>>> It actually does not matter whether we modify kasan_depth after that
>>> warning or not, because we are already in inconsistent state.
>>> But I think we should modify kasan_depth anyway to ease the debugging.
>>>
>
> Oh, sorry, I forgot one of our original discussing content:
>
> - If we use signed int kasan_depth, and kasan_depth <= 0 means enable, I
> guess, we can always modify kasan_depth.
>
> - When overflow/underflow (singed int overflow), we can use BUG_ON(),
> since it should be rarely happen.
>
> Thanks.
>
>>
>> For me, BUG_ON() will be better for debugging, but it is really not well
>> for using. For WARN_ON(), it already print warnings, so I am not quite
>> sure "always modifying kasan_depth will be ease the debugging".
>>
>> When we are in inconsistent state, for me, what we can do is:
>>
>> - Still try to do correct things within our control: "when the caller
>> make a mistake, if kasan_enable_current() notices about it, it need
>> issue warning, and prevent itself to make mistake (causing disable).
>>
>> - "try to let negative effect smaller to user", e.g. let users "loose
>> hope" (call enable has no effect) instead of destroying users'
>> original work (call enable, but get disable).
>>
>> Thanks.
>>
>
--
Chen Gang (陈刚)
Managing Natural Environments is the Duty of Human Beings.
next prev parent reply other threads:[~2016-05-14 5:26 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-05-02 5:36 [PATCH] mm/kasan/kasan.h: Fix boolean checking issue for kasan_report_enabled() chengang
2016-05-02 8:26 ` Dmitry Vyukov
2016-05-02 11:11 ` Chen Gang
2016-05-02 11:21 ` Dmitry Vyukov
2016-05-02 12:27 ` Chen Gang
2016-05-02 12:42 ` Alexander Potapenko
2016-05-02 13:51 ` Chen Gang
2016-05-02 14:23 ` Alexander Potapenko
2016-05-02 15:13 ` Chen Gang
2016-05-02 15:35 ` Alexander Potapenko
2016-05-02 16:23 ` Chen Gang
2016-05-02 16:38 ` Chen Gang
2016-05-14 3:30 ` Chen Gang [this message]
2016-05-02 11:34 ` Alexander Potapenko
2016-05-02 12:09 ` Chen Gang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=57369BC8.7000602@emindsoft.com.cn \
--to=chengang@emindsoft.com.cn \
--cc=akpm@linux-foundation.org \
--cc=aryabinin@virtuozzo.com \
--cc=dvyukov@google.com \
--cc=gang.chen.5i5j@gmail.com \
--cc=glider@google.com \
--cc=kasan-dev@googlegroups.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).