Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp45457ybl; Thu, 12 Dec 2019 13:46:27 -0800 (PST) X-Google-Smtp-Source: APXvYqzlSsS4Y5uFgf32DwuCB/xZU8EOI1EmmXaH/Fdimc2bxd64suWTGEi+EP7+LLf00uftF86L X-Received: by 2002:a9d:3b09:: with SMTP id z9mr10794463otb.195.1576187187116; Thu, 12 Dec 2019 13:46:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1576187187; cv=none; d=google.com; s=arc-20160816; b=uNwvrS5O7y1ZvWFX5r34bbsox46/HmWwDSsDiYvzu4URwdk1crxB4mJzgEYD+JyY47 3EMTALSiYw19quE6WDS97bDAnPyiJERVYX9tZacyYxu60mHC6ezoE3U7MXF0PqWIWTeJ jYbQTxfM7K46wDNssRbVnLV0w1tSk6i+CS/Md99uNAy4QHCCqyI6q5NytKJCPTwVxdg9 ZyYaxKYyR2sqiM1CXTsh+3RjkhMUAqEgnhqByCtrFfBFnkqLgl2E9lqQxoarwWDiuH5s 2LFj4y7hD7OATXRDxB2Bwd/od3v93MkHHrONnif3pDBzM4DRgpZjjUkPpjiSZlKX30ms Yy7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=q/kJv8AZtrQ1tJoTlAjQBJyNXaZYs14RTc7efEcCC3c=; b=zVyxbtqJ6kUDfWOReodVRq3lIGfHGCc2pJth7Jc42Mq1Reh1uQX00v350PeKKJLzsn G4jYtWYBXT3kaLL5ZaAEalUOOuq3ONZrH/+9egoP+BUmRr+BWxx71RcPT1pSbjf64iZX bw6NmMzK8vULwwe0ovzj1EX8n7OiIyZI1SRy03xW3Whd0/bAzIshWCHRTeeT7mfWG0jb uYjUKG7ZN10GDh7hS8BnI+Vn5p/b2+Ctd400RmMccKYI8xyHpEHnUgizgKHdLoIBfBiE ARwuhTWYt54Dbu2UExxqNAfpOa/LTeeftTgn9eEn4vKIcjQ1s3JrlOUpjbTWWYK5IF/6 V8dw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=CXoo+nHL; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y130si4047014oiy.28.2019.12.12.13.46.14; Thu, 12 Dec 2019 13:46:27 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=CXoo+nHL; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730934AbfLLUxn (ORCPT + 99 others); Thu, 12 Dec 2019 15:53:43 -0500 Received: from mail-oi1-f195.google.com ([209.85.167.195]:33477 "EHLO mail-oi1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730894AbfLLUxm (ORCPT ); Thu, 12 Dec 2019 15:53:42 -0500 Received: by mail-oi1-f195.google.com with SMTP id v140so218140oie.0 for ; Thu, 12 Dec 2019 12:53:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=q/kJv8AZtrQ1tJoTlAjQBJyNXaZYs14RTc7efEcCC3c=; b=CXoo+nHLTQb5saMEEZxOIXV69+PypiZhz14dMoSY3hEM8jydZwc0lVnHGgp1KmRWCm x9Zt1OeDWdpIagyI8VNBztutYR3xYV3nRsPDv5IpbgPHULq5tj9C1d4+P49+dlDwL9kj V+YcJ5lnN/rVoK5Wquw6sHWYyTAW4Q6Ny35Tubwvs8ZrVRdovAoR8QYWs0nn1YyJhth2 EC2w/nWqEo05KLJ5hCjRm/tUA+ivg7BfizrWMAhaKrtZjU/n8caKyIPASx9370KwhGNj GD3fA1e6nq01vUdftzjztPKNtanlqb0k39IIK9QTbpI2eSPrJ05SrMBQFYcVlHH+s06g hgqA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=q/kJv8AZtrQ1tJoTlAjQBJyNXaZYs14RTc7efEcCC3c=; b=qesQW39Fa7jn8+XtN08ckUJAswGRt4/LiiuCxreR06B6mTITSCueWo5RZ9OREjmBoE kAH1dbL/MieU1Cg29bYNdyJFymbl4z3d0zsQBl1LuNfs/7SrpJKUMxIEfWczuX17Dcsk dbpBxy2auXDv6RxTMTuazfiEYbvhvoeafy2dH+YUmTocuBlu/nfO1HhYtQqkBmV6qsF8 X3wwtI6/WWrnKI9Wdqt4+t3r3leV/eiIeBarK63ygLAdlKc2SBoXQiHXLkAbio2MQTmv A3nXL8OIokhQMYkKNKdpmt/t5AmZ6FBbciwJ46/7bpVCiBNb5iI+8QOL+brsxGoJdNFm cpng== X-Gm-Message-State: APjAAAV1O9bKoZBaOnbVvcu9jHWRATkUZqw4DOIny1MI+3j33W9Yf8r/ NOVTvOrFmmBXdCp1IzX5FGv+GFYs3HQQyvMqBfXU4tmnQtoqDg== X-Received: by 2002:a05:6808:8d5:: with SMTP id k21mr6465600oij.121.1576184020952; Thu, 12 Dec 2019 12:53:40 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Marco Elver Date: Thu, 12 Dec 2019 21:53:29 +0100 Message-ID: Subject: Re: Kernel Concurrency Sanitizer (KCSAN) To: Walter Cc: kasan-dev , LKML , Dmitry Vyukov , Andrey Konovalov , Alexander Potapenko , "Paul E. McKenney" , Paul Turner , Daniel Axtens , Anatol Pomazau , Will Deacon , Andrea Parri , Alan Stern , LKMM Maintainers -- Akira Yokosawa , Nicholas Piggin , Boqun Feng , Daniel Lustig , Jade Alglave , Luc Maranget Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 12 Dec 2019 at 10:57, Walter wrote: > > Hi Marco, > > Data racing issues always bothers us, we are happy to use this debug tool to > detect the root cause. So, we need to understand this tool implementation, > we try to trace your code and have some questions, would you take the free time > to answer the question. > Thanks. > > Question: > We assume they access the same variable when use read() and write() > Below two Scenario are false negative? > > === > Scenario 1: > > CPU 0: CPU 1: > tsan_read() tsan_write() > check_access() check_access() > watchpoint=find_watchpoint() // watchpoint=NULL watchpoint=find_watchpoint() // watchpoint=NULL > kcsan_setup_watchpoint() kcsan_setup_watchpoint() > watchpoint = insert_watchpoint watchpoint = insert_watchpoint Assumption: have more than 1 free slot for the address, otherwise impossible that both set up a watchpoint. > if (!remove_watchpoint(watchpoint)) // no enter, no report if (!remove_watchpoint(watchpoint)) // no enter, no report Correct. > === > Scenario 2: > > CPU 0: CPU 1: > tsan_read() > check_access() > watchpoint=find_watchpoint() // watchpoint=NULL > kcsan_setup_watchpoint() > watchpoint = insert_watchpoint() > > tsan_read() tsan_write() > check_access() check_access() > find_watchpoint() > if(expect_write && !is_write) > continue > return NULL > kcsan_setup_watchpoint() > watchpoint = insert_watchpoint() > remove_watchpoint(watchpoint) > watchpoint = INVALID_WATCHPOINT > watchpoint = find_watchpoint() > kcsan_found_watchpoint() This is a bit incorrect, because if atomically setting watchpoint to INVALID_WATCHPOINT happened before concurrent find_watchpoint(), find_watchpoint will not return anything, thus not entering kcsan_found_watchpoint. If find_watchpoint happened before setting watchpoint to INVALID_WATCHPOINT, the rest of the trace matches. Either way, no reporting will happen. > consumed = try_consume_watchpoint() // consumed=false, no report Correct again, no reporting would happen. While running, have a look at /sys/kernel/debug/kcsan and look at the 'report_races' counter; that counter tells you how often this case actually occurred. In all our testing with the default config, this case is extremely rare. As it says on the tin, KCSAN is a *sampling watchpoint* based data race detector so all the above are expected. If you want to tweak KCSAN's config to be more aggressive, there are various options available. The most important ones: * KCSAN_UDELAY_{TASK,INTERRUPT} -- Watchpoint delay in microseconds for tasks and interrupts respectively. [Increasing this will make KCSAN more aggressive.] * KCSAN_SKIP_WATCH -- Skip instructions before setting up watchpoint. [Decreasing this will make KCSAN more aggressive.] Note, however, that making KCSAN more aggressive also implies a noticeable performance hit. Also, please find the latest version here: https://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu.git/log/?h=kcsan -- there have been a number of changes since the initial version from September/October. Thanks, -- Marco