On Fri, Oct 16, 2015 at 01:54:44PM +0300, Andrey Ryabinin wrote: > On 10/16/2015 01:00 PM, Peter Zijlstra wrote: > > On Fri, Oct 16, 2015 at 12:44:53PM +0300, Andrey Ryabinin wrote: > >> Some code may perform racy by design memory reads. This could be > >> harmless, yet such code may produce KASAN warnings. > >> > >> To hide such accesses from KASAN this patch introduces > >> READ_ONCE_NOKSAN() macro. KASAN will not check the memory > >> accessed by READ_ONCE_NOKSAN(). The KernelThreadSanitizer (KTSAN) > >> is going to ignore it as well. > >> > >> This patch creates __read_once_size_noksan() a clone of > >> __read_once_size(). The only difference between them is > >> 'no_sanitized_address' attribute appended to '*_nokasan' function. > >> This attribute tells the compiler that instrumentation of memory > >> accesses should not be applied to that function. We declare it as > >> static '__maybe_unsed' because GCC is not capable to inline such > >> function: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67368 > >> > >> With KASAN=n READ_ONCE_NOKSAN() is just a clone of READ_ONCE(). > > > > Would we need a similar annotation for things like > > mutex_spin_on_owner()'s dereference of owner, or is that considered safe > > by KASAN? > > > > (its not actually safe; as I remember we have a problem with using > > rcu_read_lock for tasks like that) > > > > How exactly it's not safe?
I was worried perhaps KASAN would trip over the speculative nature of the owner pointer, but we do verify it, so I suppose its allright. > If we could dereference freed owner, I'd say we need to fix this, > but not hide. We should, just not 'trivial' and we seem to get distracted while thinking of possible fixes :/ -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
