Re: [BUG] kmsan: instrumentation recursion problems

On Mon, Mar 11, 2024 at 07:02:23PM +0800, Changbin Du wrote:
> On Mon, Mar 11, 2024 at 05:30:36PM +0800, Changbin Du wrote:
> > On Fri, Mar 08, 2024 at 10:39:15AM +0100, Marco Elver wrote:
> > > On Fri, 8 Mar 2024 at 05:36, 'Changbin Du' via kasan-dev
> > > <kasan-dev@xxxxxxxxxxxxxxxx> wrote:
> > > >
> > > > Hey, folks,
> > > > I found two instrumentation recursion issues on the mainline kernel.
> > > >
> > > > 1. Recursion on the preempt count.
> > > > __msan_metadata_ptr_for_load_4() -> kmsan_virt_addr_valid() -> preempt_disable() -> __msan_metadata_ptr_for_load_4()
> > > >
> > > > 2. Recursion in lockdep and RCU.
> > > > __msan_metadata_ptr_for_load_4() -> kmsan_virt_addr_valid() -> pfn_valid() -> rcu_read_lock_sched() -> lock_acquire() -> rcu_is_watching() -> __msan_metadata_ptr_for_load_8()
> > > >
> > > >
> > > > Here is an unofficial fix; I don't know whether it will generate false reports.
> > > >
> > > > $ git show
> > > > commit 7f0120b621c1cbb667822b0f7eb89f3c25868509 (HEAD -> master)
> > > > Author: Changbin Du <changbin.du@xxxxxxxxxx>
> > > > Date:   Fri Mar 8 20:21:48 2024 +0800
> > > >
> > > >     kmsan: fix instrumentation recursions
> > > >
> > > >     Signed-off-by: Changbin Du <changbin.du@xxxxxxxxxx>
> > > >
> > > > diff --git a/kernel/locking/Makefile b/kernel/locking/Makefile
> > > > index 0db4093d17b8..ea925731fa40 100644
> > > > --- a/kernel/locking/Makefile
> > > > +++ b/kernel/locking/Makefile
> > > > @@ -7,6 +7,7 @@ obj-y += mutex.o semaphore.o rwsem.o percpu-rwsem.o
> > > >
> > > >  # Avoid recursion lockdep -> sanitizer -> ... -> lockdep.
> > > >  KCSAN_SANITIZE_lockdep.o := n
> > > > +KMSAN_SANITIZE_lockdep.o := n
> > > 
> > > This does not result in false positives?
> > >
> This does result in lots of false positives.
> 
> > I saw a lot of reports, but they do not seem to be related to this.
> > 
> > [    2.742743][    T0] BUG: KMSAN: uninit-value in unwind_next_frame+0x3729/0x48a0
> > [    2.744404][    T0]  unwind_next_frame+0x3729/0x48a0
> > [    2.745623][    T0]  arch_stack_walk+0x1d9/0x2a0
> > [    2.746838][    T0]  stack_trace_save+0xb8/0x100
> > [    2.747928][    T0]  set_track_prepare+0x88/0x120
> > [    2.749095][    T0]  __alloc_object+0x602/0xbe0
> > [    2.750200][    T0]  __create_object+0x3f/0x4e0
> > [    2.751332][    T0]  pcpu_alloc+0x1e18/0x2b00
> > [    2.752401][    T0]  mm_init+0x688/0xb20
> > [    2.753436][    T0]  mm_alloc+0xf4/0x180
> > [    2.754510][    T0]  poking_init+0x50/0x500
> > [    2.755594][    T0]  start_kernel+0x3b0/0xbf0
> > [    2.756724][    T0]  __pfx_reserve_bios_regions+0x0/0x10
> > [    2.758073][    T0]  x86_64_start_kernel+0x92/0xa0
> > [    2.759320][    T0]  secondary_startup_64_no_verify+0x176/0x17b
> > 
> The above reports are triggered by KMEMLEAK and KFENCE.
> 
> Now, with the fix below, I was able to run a KMSAN kernel with:
>   CONFIG_DEBUG_KMEMLEAK=n
>   CONFIG_KFENCE=n
>   CONFIG_LOCKDEP=n
> 
> KMEMLEAK and KFENCE generate too many false positives in the unwinding code.
> LOCKDEP still introduces instrumentation recursion.

FWIW I see the same issue on s390, and the best I could come up with so
far was also disabling lockdep.

For KFENCE I have the following [1] though, maybe this will be helpful
to you as well?

[1] https://patchwork.kernel.org/project/linux-mm/patch/20231213233605.661251-17-iii@xxxxxxxxxxxxx/
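
For readers following along, the shape of the recursion chains quoted above
can be shown with a small userspace sketch. This is only an illustration
under stated assumptions: every name below (metadata_hook,
instrumented_helper, in_hook) is hypothetical, and it is not a description
of how KMSAN itself handles the problem. It shows a hook calling a helper
that is itself instrumented, and a reentrancy flag that stops the nested
entry.

```c
/*
 * Userspace sketch only. All names are hypothetical stand-ins and are
 * not kernel or KMSAN APIs.
 */

static _Thread_local int in_hook; /* set while the hook body is running */
static int hook_calls;            /* times the hook body actually ran */
static int skipped;               /* nested entries rejected by the guard */

static void instrumented_helper(void);

/* Stand-in for a sanitizer hook such as a metadata lookup. */
static void metadata_hook(void)
{
	if (in_hook) {
		/* Already inside the hook: return instead of recursing. */
		skipped++;
		return;
	}
	in_hook = 1;
	hook_calls++;
	instrumented_helper(); /* the helper is instrumented as well */
	in_hook = 0;
}

/* Stand-in for a helper whose memory accesses are instrumented. */
static void instrumented_helper(void)
{
	/* In the real case the compiler inserts this call. */
	metadata_hook();
}
```

Calling metadata_hook() once leaves hook_calls at 1 and skipped at 1.
Without the in_hook check, the two functions would call each other until
the stack overflows.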

[...]



