linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Daniel Axtens <dja@axtens.net>
To: Marco Elver <elver@google.com>,
	kasan-dev <kasan-dev@googlegroups.com>,
	LKML <linux-kernel@vger.kernel.org>
Cc: Dmitry Vyukov <dvyukov@google.com>,
	Andrey Konovalov <andreyknvl@google.com>,
	Alexander Potapenko <glider@google.com>,
	paulmck@linux.ibm.com, Paul Turner <pjt@google.com>,
	Anatol Pomazau <anatol@google.com>,
	Will Deacon <willdeacon@google.com>,
	Andrea Parri <parri.andrea@gmail.com>,
	stern@rowland.harvard.edu, akiyks@gmail.com, npiggin@gmail.com,
	boqun.feng@gmail.com, dlustig@nvidia.com, j.alglave@ucl.ac.uk,
	luc.maranget@inria.fr
Subject: Re: Kernel Concurrency Sanitizer (KCSAN)
Date: Wed, 02 Oct 2019 00:50:03 +1000	[thread overview]
Message-ID: <8736gc4j1g.fsf@dja-thinkpad.axtens.net> (raw)
In-Reply-To: <CANpmjNPJ_bHjfLZCAPV23AXFfiPiyXXqqu72n6TgWzb2Gnu1eA@mail.gmail.com>

Hi Marco,

> We would like to share a new data-race detector for the Linux kernel:
> Kernel Concurrency Sanitizer (KCSAN) --
> https://github.com/google/ktsan/wiki/KCSAN  (Details:
> https://github.com/google/ktsan/blob/kcsan/Documentation/dev-tools/kcsan.rst)

This builds and begins to boot on powerpc, which is fantastic.

I'm seeing a lot of reports for locks are changed while being watched by
kcsan, so many that it floods the console and stalls the boot.

I think, if I've understood correctly, that this is because powerpc
doesn't use the queued lock implementation for its spinlock but rather
its own assembler locking code. This means the writes aren't
instrumented by the compiler, while some reads are. (see
__arch_spin_trylock in e.g. arch/powerpc/include/asm/spinlock.h)

Would the correct way to deal with this be for the powerpc code to call
out to __tsan_readN/__tsan_writeN before invoking the assembler that
reads and writes the lock?

Regards,
Daniel


[   24.612864] ==================================================================
[   24.614188] BUG: KCSAN: racing read in __spin_yield+0xa8/0x180
[   24.614669] 
[   24.614799] race at unknown origin, with read to 0xc00000003fff9d00 of 4 bytes by task 449 on cpu 11:
[   24.616024]  __spin_yield+0xa8/0x180
[   24.616377]  _raw_spin_lock_irqsave+0x1a8/0x1b0
[   24.616850]  release_pages+0x3a0/0x880
[   24.617203]  free_pages_and_swap_cache+0x13c/0x220
[   24.622548]  tlb_flush_mmu+0x210/0x2f0
[   24.622979]  tlb_finish_mmu+0x12c/0x240
[   24.623286]  exit_mmap+0x138/0x2c0
[   24.623779]  mmput+0xe0/0x330
[   24.624504]  do_exit+0x65c/0x1050
[   24.624835]  do_group_exit+0xb4/0x210
[   24.625458]  __wake_up_parent+0x0/0x80
[   24.625985]  system_call+0x5c/0x70
[   24.626415] 
[   24.626651] Reported by Kernel Concurrency Sanitizer on:
[   24.628329] CPU: 11 PID: 449 Comm: systemd-bless-b Not tainted 5.3.0-00007-gad29ff6c190d-dirty #9
[   24.629508] ==================================================================

[   24.672860] ==================================================================
[   24.675901] BUG: KCSAN: data-race in _raw_spin_lock_irqsave+0x13c/0x1b0 and _raw_spin_unlock_irqrestore+0x94/0x100
[   24.680847] 
[   24.682743] write to 0xc0000001ffeefe00 of 4 bytes by task 455 on cpu 5:
[   24.683402]  _raw_spin_unlock_irqrestore+0x94/0x100
[   24.684593]  release_pages+0x250/0x880
[   24.685148]  free_pages_and_swap_cache+0x13c/0x220
[   24.686068]  tlb_flush_mmu+0x210/0x2f0
[   24.690190]  tlb_finish_mmu+0x12c/0x240
[   24.691082]  exit_mmap+0x138/0x2c0
[   24.693216]  mmput+0xe0/0x330
[   24.693597]  do_exit+0x65c/0x1050
[   24.694170]  do_group_exit+0xb4/0x210
[   24.694658]  __wake_up_parent+0x0/0x80
[   24.696230]  system_call+0x5c/0x70
[   24.700414] 
[   24.712991] read to 0xc0000001ffeefe00 of 4 bytes by task 454 on cpu 20:
[   24.714419]  _raw_spin_lock_irqsave+0x13c/0x1b0
[   24.715018]  pagevec_lru_move_fn+0xfc/0x1d0
[   24.715527]  __lru_cache_add+0x124/0x1a0
[   24.716072]  lru_cache_add+0x30/0x50
[   24.716411]  add_to_page_cache_lru+0x134/0x250
[   24.717938]  mpage_readpages+0x220/0x3f0
[   24.719737]  blkdev_readpages+0x50/0x80
[   24.721891]  read_pages+0xb4/0x340
[   24.722834]  __do_page_cache_readahead+0x318/0x350
[   24.723290]  force_page_cache_readahead+0x150/0x280
[   24.724391]  page_cache_sync_readahead+0xe4/0x110
[   24.725087]  generic_file_buffered_read+0xa20/0xdf0
[   24.727003]  generic_file_read_iter+0x220/0x310
[   24.728906] 
[   24.730044] Reported by Kernel Concurrency Sanitizer on:
[   24.732185] CPU: 20 PID: 454 Comm: systemd-gpt-aut Not tainted 5.3.0-00007-gad29ff6c190d-dirty #9
[   24.734317] ==================================================================


>
> Thanks,
> -- Marco

  parent reply	other threads:[~2019-10-01 14:50 UTC|newest]

Thread overview: 34+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-20 14:18 Kernel Concurrency Sanitizer (KCSAN) Marco Elver
2019-09-20 15:54 ` Will Deacon
2019-09-20 17:50   ` Marco Elver
2019-09-23  4:31   ` Boqun Feng
2019-09-23  8:21     ` Dmitry Vyukov
2019-09-23  8:54       ` Boqun Feng
2019-09-23  8:59         ` Dmitry Vyukov
2019-09-23 11:01           ` Marco Elver
2019-09-23 12:32             ` Boqun Feng
2019-10-05  0:58   ` Eric Dumazet
2019-10-05  4:16     ` Dmitry Vyukov
2019-10-09  7:45       ` Dmitry Vyukov
2019-10-09 16:39         ` Eric Dumazet
2019-10-09 20:17         ` Andrea Parri
2019-09-20 16:31 ` Mark Rutland
2019-09-20 16:46   ` Dmitry Vyukov
2019-09-20 17:51     ` Marco Elver
2019-10-03 16:12       ` Mark Rutland
2019-10-03 19:27         ` Marco Elver
2019-10-01 14:50 ` Daniel Axtens [this message]
2019-10-02 19:42   ` Marco Elver
2019-10-11  3:45     ` Daniel Axtens
2019-10-01 21:19 ` Joel Fernandes
2019-10-02 19:51   ` Marco Elver
2019-10-03 13:13     ` Dmitry Vyukov
2019-10-03 16:00       ` Dmitry Vyukov
2019-10-03 19:39         ` Christian Brauner
2019-10-04 16:48     ` Joel Fernandes
2019-10-04 16:52       ` Dmitry Vyukov
2019-10-04 16:57         ` Joel Fernandes
2019-10-04 17:01           ` Dmitry Vyukov
2019-10-04 18:08             ` Joel Fernandes
2019-10-04 18:28               ` Dmitry Vyukov
     [not found] ` <CADyx2V6j+do+CmmSYEUr0iP7TUWD7xHLP2ZJPrqB1Y+QEAwzhw@mail.gmail.com>
2019-12-12 20:53   ` Marco Elver

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=8736gc4j1g.fsf@dja-thinkpad.axtens.net \
    --to=dja@axtens.net \
    --cc=akiyks@gmail.com \
    --cc=anatol@google.com \
    --cc=andreyknvl@google.com \
    --cc=boqun.feng@gmail.com \
    --cc=dlustig@nvidia.com \
    --cc=dvyukov@google.com \
    --cc=elver@google.com \
    --cc=glider@google.com \
    --cc=j.alglave@ucl.ac.uk \
    --cc=kasan-dev@googlegroups.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luc.maranget@inria.fr \
    --cc=npiggin@gmail.com \
    --cc=parri.andrea@gmail.com \
    --cc=paulmck@linux.ibm.com \
    --cc=pjt@google.com \
    --cc=stern@rowland.harvard.edu \
    --cc=willdeacon@google.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).