[ANNOUNCE] RaceHound 1.0 - data race detector for the kernel

From: Eugene Shatokhin
Date: Thu May 21 2015 - 04:56:47 EST

Next message: Stephen Rothwell: "linux-next: Tree for May 21"
Previous message: Geert Uytterhoeven: "Re: [PATCH 2/9] y2038: asm-generic: extend sysvipc data structures"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

RaceHound 1.0 has been released.

This tool can be used to detect data races in the kernel code in runtime on x86. It may miss races but should produce no false alarms.

Suppose it is needed to check if an instruction that accesses data in memory may race for these data with some other code. RaceHound operates as follows.

1. Place a software breakpoint (Kprobe, actually) on the instruction.
2. When the software breakpoint hits, determine the address and size of the data the instruction is about to access.
3. Arm a hardware breakpoint to detect the conflicting accesses to these data (writes if the instruction only reads the data, both reads and writes otherwise). The hardware breakpoint may cover only a limited amount of memory but that is OK for now.
4. Make a delay (the length is configurable).
5. If the hardware breakpoint hits during the delay, report a race.
6. Disarm the hardware breakpoint and let the code execution continue normally.

In addition, RaceHound checks if the accessed data have been modified during the delay. This also helps detect races if the hardware breakpoints have missed them.

The ideas behind all this are similar to those implemented in DataCollider tool for MS Windows [1].

In this version, RaceHound was rewritten to use Kprobes for software breakpoints as well as to be able to monitor almost any place in the kernel where a Kprobe can be placed. So it can now monitor not only the instructions in the loadable modules like before, but also in the kernel proper or the built-in modules.

Although the tool can now only monitor the instructions supplied by the user, I think, I could later implement some kind of automated "sweeping" through the given area of code, checking the memory accesses there. May be, something similar to what they do on MS Windows [1].

The code of RaceHound is available at https://github.com/winnukem/racehound.
The instructions on how to setup and use it are also there: https://github.com/winnukem/racehound/blob/master/README

References:
[1] John Erickson et. al., "Effective Data-Race Detection for the Kernel" - Proc. 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI'10).

Regards,

Eugene
--
Eugene Shatokhin, ROSA
www.rosalab.com
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Stephen Rothwell: "linux-next: Tree for May 21"
Previous message: Geert Uytterhoeven: "Re: [PATCH 2/9] y2038: asm-generic: extend sysvipc data structures"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]