From: Eduard Zingerman <eddyz87@gmail.com>
To: Donglin Peng <dolinux.peng@gmail.com>,
bot+bpf-ci@kernel.org, ast@kernel.org,
andrii.nakryiko@gmail.com
Cc: zhangxiaoqin@xiaomi.com, linux-kernel@vger.kernel.org,
bpf@vger.kernel.org, alan.maguire@oracle.com, song@kernel.org,
pengdonglin@xiaomi.com, andrii@kernel.org, daniel@iogearbox.net,
martin.lau@kernel.org, yonghong.song@linux.dev, clm@meta.com,
ihor.solodrai@linux.dev
Subject: Re: [PATCH v5 6/7] btf: Add lazy sorting validation for binary search
Date: Fri, 07 Nov 2025 10:19:33 -0800
Message-ID: <74d4c8e40e61dad369607ecd8b98f58a515479f0.camel@gmail.com>
In-Reply-To: <CAErzpmtRYnSpLuO=oM7GgW0Sss2+kQ2cJsZiDmZmz04fD0Noyg@mail.gmail.com>
On Fri, 2025-11-07 at 15:08 +0800, Donglin Peng wrote:
> On Thu, Nov 6, 2025 at 9:47 PM <bot+bpf-ci@kernel.org> wrote:
> >
> > > diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c
> > > index 66cb739a0..33c327d3c 100644
> > > --- a/kernel/bpf/btf.c
> > > +++ b/kernel/bpf/btf.c
> > > @@ -552,6 +552,70 @@ u32 btf_nr_types(const struct btf *btf)
> > > return total;
> > > }
> > >
> > > +/* Verifies that BTF types are sorted in ascending order
> > > according to their
> > > + * names, with named types appearing before anonymous types. If
> > > the ordering
> > > + * is correct, counts the number of named types and updates the
> > > BTF object's
> > > + * nr_sorted_types field.
> > > + *
> > > + * Return: true if types are properly sorted, false otherwise
> > > + */
> > > +static bool btf_check_sorted(struct btf *btf)
> > > +{
> > > + const struct btf_type *t;
> > > + int i, n, k = 0, nr_sorted_types;
> > > +
> > > + if (likely(btf->nr_sorted_types != BTF_NEED_SORT_CHECK))
> > > + goto out;
> > > + btf->nr_sorted_types = 0;
> > ^
> >
> > Can multiple threads race when writing to btf->nr_sorted_types here?
> > Looking at btf_find_by_name_kind()->btf_check_sorted(), I see that
> > btf_find_by_name_kind() receives a const pointer but casts away the const
> > to call btf_check_sorted(). The function bpf_find_btf_id() calls
> > btf_find_by_name_kind() without holding any locks (line 737), and later
> > explicitly unlocks before calling it again (lines 756-757).
> >
> > This means multiple threads can concurrently enter btf_check_sorted() and
> > write to btf->nr_sorted_types. While the validation logic is idempotent
> > and all threads would compute the same value, the concurrent writes to the
> > same memory location without synchronization could trigger KCSAN warnings.
> >
> > Should this use atomic operations, or should the validation be performed
> > under a lock during BTF initialization before the BTF becomes visible to
> > multiple threads?
>
> Hi, is it necessary to address this issue?
> For example, by using atomic_try_cmpxchg or WRITE/READ_ONCE? Using
> atomic_try_cmpxchg can prevent race conditions on writes but requires an atomic
> variable, while WRITE_ONCE/READ_ONCE can avoid KCSAN warnings. Since
> the race condition is unlikely to cause critical issues, I suggest using
> WRITE_ONCE/READ_ONCE.

Probably use WRITE_ONCE/READ_ONCE?

> > > +
> > > + if (btf->nr_types < 2)
> > > + goto out;
> > > +
> > > + nr_sorted_types = 0;
> > > + n = btf_nr_types(btf) - 1;
> > > + for (i = btf_start_id(btf); i < n; i++) {
> > > + k = i + 1;
> > > + if (btf_compare_type_names(&i, &k, btf) > 0)
> > > + goto out;
> > > +
> > > + t = btf_type_by_id(btf, i);
> > > + if (t->name_off)
> > > + nr_sorted_types++;
> > > + }
> > > +
> > > + t = btf_type_by_id(btf, k);
> > > + if (t->name_off)
> > > + nr_sorted_types++;
> > > + if (nr_sorted_types)
> > > + btf->nr_sorted_types = nr_sorted_types;
> > ^
> >
> > The same race condition applies to this write of nr_sorted_types as well.
> >
> > > +
> > > +out:
> > > + return btf->nr_sorted_types > 0;
> > > +}
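Review bot: the early store `btf->nr_sorted_types = 0;` right after the BTF_NEED_SORT_CHECK test publishes an intermediate result: a caller that enters while the loop is still running sees a value other than BTF_NEED_SORT_CHECK, jumps to out and gets false even if the types turn out to be sorted. The count is already accumulated in the local nr_sorted_types, so consider dropping the early store and writing btf->nr_sorted_types exactly once at the end (0 on every failure path, the count on success), with WRITE_ONCE() on that store and READ_ONCE() on the reads at the top and at out:. Separately, the post-loop `btf_type_by_id(btf, k)` depends on the loop having assigned k, which starts at 0; using n there would not rely on the loop running at least once.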
> >
> > [ ... ]
> >
> > > @@ -610,7 +674,7 @@ s32 btf_find_by_name_kind(const struct btf
> > > *btf, const char *name, u8 kind)
> > > goto out;
> > > }
> > >
> > > - if (btf->nr_sorted_types != BTF_NEED_SORT_CHECK) {
> > > + if (btf_check_sorted((struct btf *)btf)) {
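Review bot: the cast in `btf_check_sorted((struct btf *)btf)` makes a function whose prototype promises a read-only btf perform a write, so callers cannot tell from the signature that a lookup may modify shared state. Either drop const from the btf parameter of btf_find_by_name_kind() so the mutation is visible to callers, or keep the lookup read-only and fill nr_sorted_types at a point where the btf is already held through a non-const pointer.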
> > ^
> >
> > The const cast here enables the concurrent writes discussed above. Is
> > there a reason to mark the btf parameter as const if we're modifying it?
>
> Hi team, is casting away const an acceptable approach for our codebase?

Casting away const is undefined behaviour, e.g. see paragraph 6.7.3.6
N1570 ISO/IEC 9899:201x Programming languages — C.
Both of the problems above can be avoided if the kernel does the sorted
check non-lazily. But Andrii and Alexei seem to like that property.

>
> >
> >
> > ---
> > AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
> > See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md
> >
> > CI run summary:
> > https://github.com/kernel-patches/bpf/actions/runs/19137195500
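
The lazy check discussed in this thread, as an added user-space C11 model (not code from the patch or the kernel): the verdict is computed in locals and stored once, so no caller ever observes a half-finished state. `struct type_table`, `cmp_names()`, `table_check_sorted()` and the `NEED_SORT_CHECK` value are hypothetical names, and relaxed C11 atomics stand in for READ_ONCE()/WRITE_ONCE().

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define NEED_SORT_CHECK (-1)	/* assumed sentinel: ordering not validated yet */

struct type_table {		/* simplified stand-in for struct btf */
	const char **names;	/* "" models an anonymous type */
	int nr;
	_Atomic int nr_sorted;	/* sentinel, 0 = not usable, >0 = named count */
};

/* Named entries compare by name; anonymous entries sort after all named ones. */
static int cmp_names(const char *a, const char *b)
{
	if (!*a || !*b)
		return (*a == '\0') - (*b == '\0');
	return strcmp(a, b);
}

/* Lazy check: work on locals, store the verdict once, never a transient 0. */
static bool table_check_sorted(struct type_table *tab)
{
	int cached = atomic_load_explicit(&tab->nr_sorted, memory_order_relaxed);
	int i, named = 0;

	if (cached != NEED_SORT_CHECK)
		return cached > 0;
	for (i = 0; i < tab->nr; i++) {
		if (i + 1 < tab->nr &&
		    cmp_names(tab->names[i], tab->names[i + 1]) > 0) {
			named = 0;	/* out of order: cache "not usable" */
			break;
		}
		if (*tab->names[i])
			named++;
	}
	/* Racing callers derive the same value from the immutable table. */
	atomic_store_explicit(&tab->nr_sorted, named, memory_order_relaxed);
	return named > 0;
}

int main(void)
{
	const char *names[] = { "alpha", "beta", "gamma", "", "" }; /* constructed */
	struct type_table tab = { names, 5, NEED_SORT_CHECK };

	printf("sorted=%d\n", table_check_sorted(&tab));
	return 0;
}
```

Relaxed ordering is enough in this model only because the cached integer is the sole thing published; the name table itself is immutable before any caller can reach it.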