Received: by 2002:a05:6a10:d5a5:0:0:0:0 with SMTP id gn37csp4475113pxb; Tue, 5 Oct 2021 04:01:51 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx2kK340jnrKhDG0+Sh0xtVbBTaU2yiaiiRe0E25V4iT8s6cQqwSZIYx7BQFBD7CmuGx8Nk X-Received: by 2002:a17:906:2a8f:: with SMTP id l15mr14589626eje.156.1633431708566; Tue, 05 Oct 2021 04:01:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1633431708; cv=none; d=google.com; s=arc-20160816; b=lfTxzNnu0Rk0t3jIZXIg+NWq8K/w3nPGUqNxTcgPJdpAnWy3KxbCOAC7bEAeXnUz8w ibhpvfXriny/uOiy175/Ow2hAWYp60WXba9eKHvyUwJ+7iCE1b90fsLsimbcCOBs8Pk6 5bhItiRm919zznSqHXbP2u5FdbSF7sk4orbXSVqpIbaxbFClN4dcIJ3gafpz9FfKuexC ZJ8UOeQl1STdnlPgeg4dudBJ8o/4SZ6E24sEPMGTYZ1ze3kbGO+N8Dng9mFVXH9kFUTI qGtPUas26ueOwyagPVmsJzNSlzignkhPEQniUyAvfHpL0jTbcWLvk9rWAErTnUjz8n11 KDRg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:mime-version:message-id:date :dkim-signature; bh=7p97hglZNgfpwLYScP5gJSznCljkQgJf1oM6gC4sW1s=; b=WsuyZGOjumckYV46wvkFxwexSr0BeyCInDPdQuzGGXavnIGUpd4rAiuZr+6uiw7JSq X4N61EhdxFyPsHSdNZml3hk1AeMd7Ojec4yICekWy4n6BoB0W8NCEj8DGa1AZxmTsD1r ONpYQY81LBjEzPEZdCJLY6sTksTYpQ+bX1TBiKDLA9fc4EwupHCcuKVvEJEeNF1wffLi V1GVfLq/yzgID1ruuywjkagu+d1dcvowEhwS9KDOeNY0tkgdQcwo2pQvsH0RyoGLy6U1 wsdfP9B6blNdNZW7it9O4PbvoYydlAx+w6jloEdjb0u33K0ug/s3ZXX0bj6sZBHMrPVb ODHw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b="C+l/ThvU"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id m16si4171867edv.312.2021.10.05.04.01.17; Tue, 05 Oct 2021 04:01:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b="C+l/ThvU"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234160AbhJELBg (ORCPT + 99 others); Tue, 5 Oct 2021 07:01:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51930 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234145AbhJELBf (ORCPT ); Tue, 5 Oct 2021 07:01:35 -0400 Received: from mail-qv1-xf4a.google.com (mail-qv1-xf4a.google.com [IPv6:2607:f8b0:4864:20::f4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 36B37C061749 for ; Tue, 5 Oct 2021 03:59:44 -0700 (PDT) Received: by mail-qv1-xf4a.google.com with SMTP id kj19-20020a056214529300b00382b3cb8ec5so10289686qvb.20 for ; Tue, 05 Oct 2021 03:59:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:message-id:mime-version:subject:from:to:cc; bh=7p97hglZNgfpwLYScP5gJSznCljkQgJf1oM6gC4sW1s=; b=C+l/ThvUROjSZj3WgNiRhFh/iKAes2tpTY59M3jBlJt1rMc1JuzxrSzdI6yfw+nSvX 9/DIymhhEHv/WEyxbhbWp6jAdLJwcYr6ebOxFD9ffGEfKQWVutaM1kKYoOxqAzFCo0m+ VUsJRx7fleGCq8czAZUq6m0rK4IcO2dl8DywRC2ZJOZtnaO/c5xvwp9pWEUmYYnfUWzD FTTrc8Np3ydXHObUwkrfxJDiJJK+oiVGXZhfP6huEaYO4eQnq0TTxJzBq51kvUjk3wyU AySN++yGjmq9dU838IWIdR+/E4kZSER9GqWlZzIDjO5G+k7pCP9aFNXp6pUC3NkimQ2D lY+A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc; bh=7p97hglZNgfpwLYScP5gJSznCljkQgJf1oM6gC4sW1s=; b=zQ9owbeTh64T79bwexg6Eiq3S5Skv0IiQYYH0PdLrTUEoW2lYkl1Tpq6cEbVSIIqsI zB5yWh5nrwXRm2/kmkNrd75wmxZ+JRgrCZ9xkxGCJts65RtRnVNgLnK2GeaUf0ciGeSP N0lGCp0OZnSDDRrGTsII21pWGpRCaRLIMAUh/wBQ6pVemz/CuvjuLncGlWKUQmKs05bT v8D6XnWxE6uzYQgHBH9z8cRsl9EI/wx/hatPcIha/INXg6ubUGHyL6U5oaXzCBGRCOUR MOe6Z9Qet6HdIo1SN7A/rO5mBLxXvu015lbhLuz9P0T/VC93Nzy5Wc1OCZQ1n3Ugjda3 lAVw== X-Gm-Message-State: AOAM530H6PzD14AsKXYAuNKpnAyAkTsYCn/ast57Ince6XuOxjQiirhC 8jIwhLD/N74wJTuZy5PjmvfMwCuylQ== X-Received: from elver.muc.corp.google.com ([2a00:79e0:15:13:e44f:5054:55f8:fcb8]) (user=elver job=sendgmr) by 2002:a0c:aa15:: with SMTP id d21mr26637930qvb.18.1633431583153; Tue, 05 Oct 2021 03:59:43 -0700 (PDT) Date: Tue, 5 Oct 2021 12:58:42 +0200 Message-Id: <20211005105905.1994700-1-elver@google.com> Mime-Version: 1.0 X-Mailer: git-send-email 2.33.0.800.g4c38ced690-goog Subject: [PATCH -rcu/kcsan 00/23] kcsan: Support detecting a subset of missing memory barriers From: Marco Elver To: elver@google.com, "Paul E . McKenney" Cc: Alexander Potapenko , Boqun Feng , Borislav Petkov , Dmitry Vyukov , Ingo Molnar , Josh Poimboeuf , Mark Rutland , Peter Zijlstra , Thomas Gleixner , Waiman Long , Will Deacon , kasan-dev@googlegroups.com, linux-arch@vger.kernel.org, linux-doc@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, x86@kernel.org Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Detection of some missing memory barriers has been on the KCSAN feature wishlist for some time: this series adds support for modeling a subset of weak memory as defined by the LKMM, which enables detection of a subset of data races due to missing memory barriers. KCSAN's approach to detecting missing memory barriers is based on modeling access reordering. Each memory access for which a watchpoint is set up, is also selected for simulated reordering within the scope of its function (at most 1 in-flight access). We are limited to modeling the effects of "buffering" (delaying the access), since the runtime cannot "prefetch" accesses. Once an access has been selected for reordering, it is checked along every other access until the end of the function scope. If an appropriate memory barrier is encountered, the access will no longer be considered for reordering. When the result of a memory operation should be ordered by a barrier, KCSAN can then detect data races where the conflict only occurs as a result of a missing barrier due to reordering accesses. Some more details and an example are captured in the updated . Some light fuzzing with the feature also resulted in a discussion [1] around an issue which appears to be allowed, but unlikely in practice. [1] https://lkml.kernel.org/r/YRo58c+JGOvec7tc@elver.google.com The first half of the series are core KCSAN changes, documentation updates, and test changes. The second half adds instrumentation to barriers, atomics, bitops, along with enabling barrier instrumentation for some currently uninstrumented subsystems. The last two patches are objtool changes to add the usual entries to the uaccess whitelist, but also instruct objtool to remove memory barrier instrumentation from noinstr code (on x86). The series is rebased on -rcu/kcsan. The objtool patches currently conflict with pending changes in -tip/objtool/core, which could be separated from this series if needed. Marco Elver (23): kcsan: Refactor reading of instrumented memory kcsan: Remove redundant zero-initialization of globals kcsan: Avoid checking scoped accesses from nested contexts kcsan: Add core support for a subset of weak memory modeling kcsan: Add core memory barrier instrumentation functions kcsan, kbuild: Add option for barrier instrumentation only kcsan: Call scoped accesses reordered in reports kcsan: Show location access was reordered to kcsan: Document modeling of weak memory kcsan: test: Match reordered or normal accesses kcsan: test: Add test cases for memory barrier instrumentation kcsan: Ignore GCC 11+ warnings about TSan runtime support kcsan: selftest: Add test case to check memory barrier instrumentation locking/barriers, kcsan: Add instrumentation for barriers locking/barriers, kcsan: Support generic instrumentation locking/atomics, kcsan: Add instrumentation for barriers asm-generic/bitops, kcsan: Add instrumentation for barriers x86/barriers, kcsan: Use generic instrumentation for non-smp barriers x86/qspinlock, kcsan: Instrument barrier of pv_queued_spin_unlock() mm, kcsan: Enable barrier instrumentation sched, kcsan: Enable memory barrier instrumentation objtool, kcsan: Add memory barrier instrumentation to whitelist objtool, kcsan: Remove memory barrier instrumentation from noinstr Documentation/dev-tools/kcsan.rst | 72 ++- arch/x86/include/asm/barrier.h | 10 +- arch/x86/include/asm/qspinlock.h | 1 + include/asm-generic/barrier.h | 54 ++- .../asm-generic/bitops/instrumented-atomic.h | 3 + .../asm-generic/bitops/instrumented-lock.h | 3 + include/linux/atomic/atomic-instrumented.h | 135 +++++- include/linux/kcsan-checks.h | 51 ++- include/linux/kcsan.h | 11 +- include/linux/sched.h | 3 + include/linux/spinlock.h | 2 +- init/init_task.c | 9 +- kernel/kcsan/Makefile | 2 + kernel/kcsan/core.c | 326 +++++++++++--- kernel/kcsan/kcsan_test.c | 416 ++++++++++++++++-- kernel/kcsan/report.c | 51 ++- kernel/kcsan/selftest.c | 141 ++++++ kernel/sched/Makefile | 7 +- lib/Kconfig.kcsan | 16 + mm/Makefile | 2 + scripts/Makefile.kcsan | 15 +- scripts/Makefile.lib | 5 + scripts/atomic/gen-atomic-instrumented.sh | 41 +- tools/objtool/check.c | 36 +- 24 files changed, 1240 insertions(+), 172 deletions(-) -- 2.33.0.800.g4c38ced690-goog