Re: [PATCH 2/2] arch: add pidfd and io_uring syscalls everywhere
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: Jens Axboe <axboe@xxxxxxxxx>
- Subject: Re: [PATCH 2/2] arch: add pidfd and io_uring syscalls everywhere
- From: Will Deacon <will.deacon@xxxxxxx>
- Date: Wed, 3 Apr 2019 16:49:02 +0100
- Cc: Michael Ellerman <mpe@xxxxxxxxxxxxxx>, Arnd Bergmann <arnd@xxxxxxxx>, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, Richard Henderson <rth@xxxxxxxxxxx>, Ivan Kokshaysky <ink@xxxxxxxxxxxxxxxxxxxx>, Matt Turner <mattst88@xxxxxxxxx>, Russell King <linux@xxxxxxxxxxxxxxx>, Catalin Marinas <catalin.marinas@xxxxxxx>, Tony Luck <tony.luck@xxxxxxxxx>, Fenghua Yu <fenghua.yu@xxxxxxxxx>, Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>, Michal Simek <monstr@xxxxxxxxx>, Ralf Baechle <ralf@xxxxxxxxxxxxxx>, Paul Burton <paul.burton@xxxxxxxx>, James Hogan <jhogan@xxxxxxxxxx>, "James E . J . Bottomley" <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>, Helge Deller <deller@xxxxxx>, Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx>, Paul Mackerras <paulus@xxxxxxxxx>, Martin Schwidefsky <schwidefsky@xxxxxxxxxx>, Heiko Carstens <heiko.carstens@xxxxxxxxxx>, Rich Felker <dalias@xxxxxxxx>, "David S . Miller" <davem@xxxxxxxxxxxxx>, Max Filippov <jcmvbkbc@xxxxxxxxx>, Firoz Khan <firoz.khan@xxxxxxxxxx>, linux-alpha@xxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, linux-arm-kernel@xxxxxxxxxxxxxxxxxxx, linux-ia64@xxxxxxxxxxxxxxx, linux-m68k@xxxxxxxxxxxxxxx, linux-mips@xxxxxxxxxxxxxxx, linux-parisc@xxxxxxxxxxxxxxx, linuxppc-dev@xxxxxxxxxxxxxxxx, linux-s390@xxxxxxxxxxxxxxx, linux-sh@xxxxxxxxxxxxxxx, sparclinux@xxxxxxxxxxxxxxx
- In-reply-to: <032faa2f-6317-75b6-8514-076ef1a244e8@kernel.dk>
- References: <20190325143521.34928-1-arnd@arndb.de> <20190325144737.703921-1-arnd@arndb.de> <87tvff24a1.fsf@concordia.ellerman.id.au> <20190403111134.GA7159@fuggles.cambridge.arm.com> <9d673dfd-0051-3676-653e-6376430d73dd@kernel.dk> <20190403151932.GA16866@fuggles.cambridge.arm.com> <032faa2f-6317-75b6-8514-076ef1a244e8@kernel.dk>
- User-agent: Mutt/1.11.1+86 (6f28e57d73f2) ()
On Wed, Apr 03, 2019 at 09:39:52AM -0600, Jens Axboe wrote:
> On 4/3/19 9:19 AM, Will Deacon wrote:
> > On Wed, Apr 03, 2019 at 07:49:26AM -0600, Jens Axboe wrote:
> >> On 4/3/19 5:11 AM, Will Deacon wrote:
> >>> will@autoplooker:~/liburing/test$ ./io_uring_register
> >>> RELIMIT_MEMLOCK: 67108864 (67108864)
> >>> [ 35.477875] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000070
> >>> [ 35.478969] Mem abort info:
> >>> [ 35.479296] ESR = 0x96000004
> >>> [ 35.479785] Exception class = DABT (current EL), IL = 32 bits
> >>> [ 35.480528] SET = 0, FnV = 0
> >>> [ 35.480980] EA = 0, S1PTW = 0
> >>> [ 35.481345] Data abort info:
> >>> [ 35.481680] ISV = 0, ISS = 0x00000004
> >>> [ 35.482267] CM = 0, WnR = 0
> >>> [ 35.482618] user pgtable: 4k pages, 48-bit VAs, pgdp = (____ptrval____)
> >>> [ 35.483486] [0000000000000070] pgd=0000000000000000
> >>> [ 35.484041] Internal error: Oops: 96000004 [#1] PREEMPT SMP
> >>> [ 35.484788] Modules linked in:
> >>> [ 35.485311] CPU: 113 PID: 3973 Comm: io_uring_regist Not tainted 5.1.0-rc3-00012-g40b114779944 #1
> >>> [ 35.486712] Hardware name: linux,dummy-virt (DT)
> >>> [ 35.487450] pstate: 20400005 (nzCv daif +PAN -UAO)
> >>> [ 35.488228] pc : link_pwq+0x10/0x60
> >>> [ 35.488794] lr : apply_wqattrs_commit+0xe0/0x118
> >>> [ 35.489550] sp : ffff000017e2bbc0
> >>
> >> Huh, this looks odd, it's crashing inside the wq setup.
> >
> > Enabling KASAN seems to indicate a double-free, which may well be related.
>
> Does this help?
Yes, thanks for the quick patch. Feel free to add:
Reported-by: Will Deacon <will.deacon@xxxxxxx>
Tested-by: Will Deacon <will.deacon@xxxxxxx>
if you spin a proper patch.
Will
> diff --git a/fs/io_uring.c b/fs/io_uring.c
> index bbdbd56cf2ac..07d6ef195d05 100644
> --- a/fs/io_uring.c
> +++ b/fs/io_uring.c
> @@ -2215,6 +2215,7 @@ static int io_sqe_files_register(struct io_ring_ctx *ctx, void __user *arg,
> fput(ctx->user_files[i]);
>
> kfree(ctx->user_files);
> + ctx->user_files = NULL;
> ctx->nr_user_files = 0;
> return ret;
> }
>
> --
> Jens Axboe
>
[Index of Archives]
[Linux Kernel]
[Sparc Linux]
[DCCP]
[Linux ARM]
[Yosemite News]
[Linux SCSI]
[Linux x86_64]
[Linux for Ham Radio]
