Received: by 2002:a05:7412:419a:b0:f3:1519:9f41 with SMTP id i26csp397871rdh; Thu, 23 Nov 2023 06:59:49 -0800 (PST) X-Google-Smtp-Source: AGHT+IGBtDzTmKI5P0IoU5fsVnlaRKN5mm/vc1+F6OEwwMYBaSPdpNz8WKLZ8RjrPDf1YVrYjpwW X-Received: by 2002:a17:902:e5c6:b0:1cf:662b:44f9 with SMTP id u6-20020a170902e5c600b001cf662b44f9mr6057580plf.69.1700751588993; Thu, 23 Nov 2023 06:59:48 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1700751588; cv=none; d=google.com; s=arc-20160816; b=iCGRKrXYIMcv38qlTh/9h4SCcvEuEHK1bsTXpEnWrKx/02DnvzIdE/kIFk9k9iips4 iL190vwKaR4aaYoP1V5QjcC6MKu8VpErXqlVEFhDYXELXQIseqyr65YwRKn3sWUrL8ff /fxbrWNGqPtrHp73Zrp+vcc6SOTb+3tS7TH4wUwJwSfnrsTdx3K4MS3kFJR1ku0unWaj bPNITQPFIL5GDCNPle42WHr/yNvroVldPCS+lLdAoTAXRF3yAIou8whfj2T1ow251s+w vUL2MhKkcq6dQ4MTZ2srSitFIb+vwshzASic0QtAVAJCvOwa7FkPIqx42/n9nEWp2xx1 W0kg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=rjsWntyf3ek48ZMQ86Tl47VHUhxQBToAw1VMl26tGwI=; fh=59se6nJDtcYex47OgSMudN5QgKzTg3RchHUAyP7P6Yk=; b=B850oVn6q6cQIbJb8qrluvdiwHdyceg2+qy9MXSdG8ki2mMnq0GI1n3ZFIQxbtS2zo Hnh5LaZ10JtQTDFEWmAsSGZaAYVAkW48cIHLLe7URU1oWLPzMBnlaWfBevrMp7a6/13E 1qklXHrVAQGHoTtV7aPstqm4sG1oBsimCX94W0QrTw5n6KRdc9ziwlDnKH+vl1kQ+Nj1 ivyN+lgj9XJjAFXXxy4m07OMVcRvxsh2D4RNVHdi+88EiS9Itgm8AhWXrfq8C+AgxqKD yF8ORLLfX0BRV1Peo6T6XyFap21KJ8CzeEemaq9I+HbKMaTnBH63JDrfSwfE3lXtX3Ed rwgw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=ypfUEMC1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from agentk.vger.email (agentk.vger.email. [2620:137:e000::3:2]) by mx.google.com with ESMTPS id u7-20020a17090341c700b001c73626a1ffsi1325267ple.412.2023.11.23.06.59.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 23 Nov 2023 06:59:48 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) client-ip=2620:137:e000::3:2; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=ypfUEMC1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by agentk.vger.email (Postfix) with ESMTP id BFE1D81EBE97; Thu, 23 Nov 2023 06:59:45 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at agentk.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229532AbjKWO71 (ORCPT + 99 others); Thu, 23 Nov 2023 09:59:27 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52510 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229462AbjKWO70 (ORCPT ); Thu, 23 Nov 2023 09:59:26 -0500 Received: from mail-lf1-x133.google.com (mail-lf1-x133.google.com [IPv6:2a00:1450:4864:20::133]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0C254D44 for ; Thu, 23 Nov 2023 06:59:32 -0800 (PST) Received: by mail-lf1-x133.google.com with SMTP id 2adb3069b0e04-50aa698b384so3620e87.0 for ; Thu, 23 Nov 2023 06:59:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1700751570; x=1701356370; darn=vger.kernel.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=rjsWntyf3ek48ZMQ86Tl47VHUhxQBToAw1VMl26tGwI=; b=ypfUEMC1zhDbP8TPD+o/xxlQVco6ux0itqjb/6qbuuj+MLiwJJQHHiaSYOn8c9jnBj GLVjNVIYwWMPCby4k/rffYQAr6Gk61jcY15KNhZU3b7lvNwnA6x7GGGDflxtqNJKv/dt iKLaQGL5PumCedxR4gACm+G3Vy1Ypr+cFlKscGHYkfcdn6ZSD46GY1MELmN2QAKtKIRC o1rCfvFtOIFURduE0ulPvD+OYP5YEghn91pvOST8bC85fOII/L/2fGfjZEeBgdAUw1ay vtmKxr9JNKO1meE3Q6moNJ4NLK2D408XpEcGSIPYYeuZyvnY0SAiU9MLrdRlmoD5LQfd SrqA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700751570; x=1701356370; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=rjsWntyf3ek48ZMQ86Tl47VHUhxQBToAw1VMl26tGwI=; b=vZpnPFlGNcyHCU5Kuso84+9NyQlvS3TV8Yox24Qnw5iSmIZS5XqbC0E/pmjZa+n10n j8uqxx41xR90rKnUg81HzZxx2V9quUpxh0OE9pf7dHikKbtGINgOUKOVRPpRYcLwm/xs YjRK5FdNcr2HDN8DNTeIm9SyPduQzF8fsR01NDiFvAdhK5qHZ/ZXBqDVMGFGcmoJLMIq FuFq0FEIjFdeoRm1j38ucl63rzpp1NJ+lCEZpZMCUVI6ltlHufJstdIJ3fKVrBXT9TcZ r+0iyB0y51NHHM4T5GU+O6eGRI3VTVyH4UTXsuS45XSy8GNldA1U3tmV+vqTuqTaEo+e YqbA== X-Gm-Message-State: AOJu0YwCz9RKAbgqstFVz/rxDKmniadYpUYlXnLeWwu6CoyNL7CFyB+A bN469Rdk5tE5+PzdtbZwo7y61nVYVT+K81jSg5Yo7A== X-Received: by 2002:a19:ad43:0:b0:504:7b50:ec9a with SMTP id s3-20020a19ad43000000b005047b50ec9amr144412lfd.1.1700751569826; Thu, 23 Nov 2023 06:59:29 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Dmitry Vyukov Date: Thu, 23 Nov 2023 15:59:17 +0100 Message-ID: Subject: Re: [RFC PATCH] kasan: Record and report more information To: Juntong Deng , Marco Elver Cc: ryabinin.a.a@gmail.com, glider@google.com, andreyknvl@gmail.com, vincenzo.frascino@arm.com, akpm@linux-foundation.org, kasan-dev@googlegroups.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kernel-mentees@lists.linuxfoundation.org Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-8.4 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on agentk.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (agentk.vger.email [0.0.0.0]); Thu, 23 Nov 2023 06:59:45 -0800 (PST) On Thu, 23 Nov 2023 at 11:06, Juntong Deng wrote: > > On 2023/11/20 19:06, Dmitry Vyukov wrote: > > On Wed, 15 Nov 2023 at 22:53, Juntong Deng wrote: > >> > >> On 2023/11/14 15:27, Dmitry Vyukov wrote: > >>> On Mon, 13 Nov 2023 at 22:17, Juntong Deng wrote: > >>>> > >>>> Record and report more information to help us find the cause of > >>>> the bug (for example, bugs caused by subtle race condition). > >>>> > >>>> This patch adds recording and showing CPU number and timestamp at > >>>> allocation and free (controlled by CONFIG_KASAN_EXTRA_INFO), and > >>>> adds recording and showing timestamp at error occurrence (CPU number > >>>> is already shown by dump_stack_lvl). The timestamps in the report use > >>>> the same format and source as printk. > >>>> > >>>> In order to record CPU number and timestamp at allocation and free, > >>>> corresponding members need to be added to the relevant data structures, > >>>> which may lead to increased memory consumption. > >>>> > >>>> In Generic KASAN, members are added to struct kasan_track. Since in > >>>> most cases, alloc meta is stored in the redzone and free meta is > >>>> stored in the object or the redzone, memory consumption will not > >>>> increase much. > >>>> > >>>> In SW_TAGS KASAN and HW_TAGS KASAN, members are added to > >>>> struct kasan_stack_ring_entry. Memory consumption increases as the > >>>> size of struct kasan_stack_ring_entry increases (this part of the > >>>> memory is allocated by memblock), but since this is configurable, > >>>> it is up to the user to choose. > >>>> > >>>> Signed-off-by: Juntong Deng > >>>> --- > >>>> lib/Kconfig.kasan | 11 +++++++++++ > >>>> mm/kasan/common.c | 5 +++++ > >>>> mm/kasan/kasan.h | 9 +++++++++ > >>>> mm/kasan/report.c | 28 ++++++++++++++++++++++------ > >>>> mm/kasan/report_tags.c | 18 ++++++++++++++++++ > >>>> mm/kasan/tags.c | 15 +++++++++++++++ > >>>> 6 files changed, 80 insertions(+), 6 deletions(-) > >>>> > >>>> diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan > >>>> index fdca89c05745..d9611564b339 100644 > >>>> --- a/lib/Kconfig.kasan > >>>> +++ b/lib/Kconfig.kasan > >>>> @@ -207,4 +207,15 @@ config KASAN_MODULE_TEST > >>>> A part of the KASAN test suite that is not integrated with KUnit. > >>>> Incompatible with Hardware Tag-Based KASAN. > >>>> > >>>> +config KASAN_EXTRA_INFO > >>>> + bool "Record and report more information" > >>>> + depends on KASAN > >>>> + help > >>>> + Record and report more information to help us find the cause of > >>>> + the bug. The trade-off is potentially increased memory consumption > >>>> + (to record more information). > >>>> + > >>>> + Currently the CPU number and timestamp are additionally recorded > >>>> + at allocation and free. > >>> > >>> Hi Juntong, > >>> > >>> Thanks for working on this. > >>> > >> > >> > >> Thanks for your reply! > >> > >> > >>> As a KASAN developer I understand what this is doing, but I am trying > >>> to think from a position of a user that does not know details of KASAN > >>> implementation. From this position it may be useful to say somewhere > >>> that information is recorded "per heap allocation". Perhaps something > >>> like: > >>> > >>> "Currently the CPU number and timestamp are additionally recorded for > >>> each heap block at allocation and free time". > >> > >> > >> Yes, I agree, that is a better expression. > >> > >> > >>> > >>> Also it's unclear what the memory consumption increase is. You say > >>> "potentially|, so may it not increase at all? If it increases, by how > >>> much? I obviously want more information, if I can afford it, but I > >>> can't understand if I can or not based on this description. I would > >>> assume that this may be a problem only for small/embedded devices. > >>> Can we provide some ballpark estimation of the memory consumption > >>> increase? And somehow say that's probably not an issue for larger > >>> machines? > >>> > >> > >> > >> How about this expression? > >> > >> Currently, in order to record CPU number and timestamp, the data > >> structure to record allocation and free information will increase > >> by 12 bytes. > >> > >> In Generic KASAN, this affects all allocations less than 32 bytes. > >> In SW_TAGS KASAN and HW_TAGS KASAN, depending on the stack_ring_size > >> boot parameter increases the memory consumption by > >> 12 * stack_ring_size bytes. > > > > Let's go with this version. > > > > > >>>> endif # KASAN > >>>> diff --git a/mm/kasan/common.c b/mm/kasan/common.c > >>>> index 256930da578a..7a81566d9d66 100644 > >>>> --- a/mm/kasan/common.c > >>>> +++ b/mm/kasan/common.c > >>>> @@ -20,6 +20,7 @@ > >>>> #include > >>>> #include > >>>> #include > >>>> +#include > >>>> #include > >>>> #include > >>>> #include > >>>> @@ -50,6 +51,10 @@ void kasan_set_track(struct kasan_track *track, gfp_t flags) > >>>> { > >>>> track->pid = current->pid; > >>>> track->stack = kasan_save_stack(flags, true); > >>>> +#ifdef CONFIG_KASAN_EXTRA_INFO > >>>> + track->cpu = raw_smp_processor_id(); > >>>> + track->ts_nsec = local_clock(); > >>> > >>> What does "local_" mean? Is this clock value comparable across CPUs? > >>> > >> > >> > >> No, local_clock is the local CPU clock and cannot be used for comparison > >> across CPUs, I made a mistake here. > >> > >> I delved into the clock subsystem of the Linux kernel today and I found > >> that we have two choices. > >> > >> - sched_clock(): based on jiffies, high performance, but on some > >> hardware, it will drift between CPUs. > >> > >> - ktime_get_boot_fast_ns(): based on clocksource, highly accurate, > >> can be compared between CPUs, but performance is worse (seqlock). > >> > >> I tested 100000 calls respectively on my laptop, the average of > >> sched_clock() is 17ns and the average of ktime_get_boot_fast_ns() > >> is 25ns. > >> > >> ktime_get_boot_fast_ns() takes about 1.5 times as long as sched_clock(). > >> > >> With Generic KASAN enabled, the average of one memory allocation is > >> 3512ns on my laptop. > >> > >> Personally, I prefer ktime_get_boot_fast_ns() because it is more > >> accurate and the extra time is insignificant for the time required for > >> one memory allocation with Generic KASAN enabled. > >> > >> But maybe using ktime_get_boot_fast_ns() would have a more serious > >> impact on small/embedded devices. > >> > >> Which do you think is the better choice? > > > > I don't have a strong preference. > > > > Re drift of sched_clock(), do you mean unsynchronized RDTSC on > > different cores? I had the impression that RDTSC is synchronized > > across cores on all recent CPUs/systems. > > > > > After discussions with Marco Elver, I now think that perhaps continuing > to use local_clock() is a better option. > > The full discussion with Marco Elver can be found at > https://groups.google.com/g/kasan-dev/c/zmxwYv8wZTg > > Because local_clock() is the clock source used by printk and is the > default clock source for ftrace. > > Using local_clock() as the clock source for KASAN reports makes it > easier to correlate the timestamps of allocations, frees, and errors > with the timestamps of other events in the system. > > This is perhaps more important than being able to accurately compare > across CPUs. > > What do you think? If other similar tools (kfence, ftrace, printk) use local_clock(), then it's reasonable to use it in kasan as well.