Re: KCSAN: data-race in __alloc_file / __alloc_file
From: Alan Stern
Date: Tue Nov 12 2019 - 16:48:45 EST
On Tue, 12 Nov 2019, Linus Torvalds wrote:
> Honestly, my preferred model would have been to just add a comment,
> and have the reporting tool know to then just ignore it. So something
> like
>
> + // Benign data-race on min_flt
> tsk->min_flt++;
> perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS_MIN, 1, regs, address);
>
> for the case that Eric mentioned - the tool would trigger on
> "data-race", and the rest of the comment could/should be for humans.
> Without making the code uglier, but giving the potential for a nice
> leghibl.e explanation instead of a completely illegible "let's
> randomly use WRITE_ONCE() here" or something like that.
Just to be perfectly clear, then:
Your feeling is that we don't need to tell the compiler anything at all
about these races, because if a compiler generates code that is
non-robust against such things then you don't want to use it for the
kernel.
And as a corollary, the only changes you want to make to the source
code are things that tell KCSAN not to worry about these races when
they occur.
Right?
> + // Benign data-race on min_flt
> tsk->min_flt++;
> perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS_MIN, 1, regs, address);
I suggest grouping the accesses into classes somehow, and telling KCSAN
that races between accesses in the same class are okay but racing
accesses in different classes should trigger a warning. That would
give the tool a better chance of finding genuine races.
Alan Stern