Kernel Concurrency Sanitizer Set For Linux 5.5 To Uncover Data Race Conditions
Adding to the list of changes on deck for the Linux 5.5 kernel is a new "sanitizer" for spotting data race conditions.
The Linux kernel already has an address sanitizer, an undefined behavior sanitizer, and other helpers; the newest addition is the Kernel Concurrency Sanitizer. Like many of the sanitizers for the kernel and within compilers, the work comes courtesy of Google engineers.
The Kernel Concurrency Sanitizer should be able to spot data races within the kernel in real time when the kernel is built with "KCSAN" support enabled. Due to the run-time overhead, this functionality is meant for testing builds rather than production kernels.
Here's how it works: "KCSAN uses the -fsanitize=thread build time instrumentation features of both GCC and Clang, which transforms all memory reads/writes into __tsan_* callbacks with addresses and access type flags passed in that KCSAN can process and turn into a global array of 'watchpoints' that denote ongoing accesses. If two CPUs happen upon each other via an unsafe (non-atomic) access then a warning is generated."
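The watchpoint scheme in the quote above, reduced to a single-threaded user-space model in C that replays an interleaving by hand. This is an added example, not KCSAN's code: `access_begin`, `access_end`, `NUM_WATCHPOINTS` and the table layout are hypothetical names chosen for illustration, and every access is treated as a plain (non-atomic) one.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space model of the watchpoint idea; not KCSAN's code. */
#define NUM_WATCHPOINTS 8       /* assumed table size for the model */
struct watchpoint {
    uintptr_t addr;             /* start of the ongoing access */
    size_t size;                /* 0 marks a free slot */
    bool is_write;
};
static struct watchpoint watchpoints[NUM_WATCHPOINTS];

/* Entry hook for a plain access. Returns -1 on a data race (overlap with an
 * ongoing access, at least one of the two a write), -2 if the table is full,
 * otherwise the slot of the watchpoint armed for this access. */
int access_begin(uintptr_t addr, size_t size, bool is_write)
{
    int slot = -2;
    for (int i = 0; i < NUM_WATCHPOINTS; i++) {
        const struct watchpoint *w = &watchpoints[i];
        if (w->size == 0) {
            if (slot < 0)
                slot = i;       /* remember the first free slot */
        } else if (addr < w->addr + w->size && w->addr < addr + size &&
                   (is_write || w->is_write)) {
            return -1;          /* two reads never race; anything else does */
        }
    }
    if (slot >= 0)
        watchpoints[slot] = (struct watchpoint){ addr, size, is_write };
    return slot;
}

/* Exit hook: the access completed, so drop its watchpoint. */
void access_end(int slot)
{
    if (slot >= 0)
        watchpoints[slot].size = 0;
}

int main(void)
{
    static int counter;         /* constructed shared variable */
    int w = access_begin((uintptr_t)&counter, sizeof counter, true);
    int r = access_begin((uintptr_t)&counter, sizeof counter, false);
    printf("read during write: %s\n", r == -1 ? "data race" : "ok");
    access_end(w);
    return 0;
}
```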
The Kernel Concurrency Sanitizer is still being improved and tuned to work around false positives, but the initial implementation is ready for Linux 5.5.