Re: [PATCHv2 0/3] libata: sysfs naming

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 3/21/22 23:56, Hannes Reinecke wrote:
> Hi all,
> 
> here's my second attempt the align the libata object naming with sysfs.
> Key point is to introduce an 'ata' bus, which serves to collect all
> libata object (ata_port, ata_link, and ata_device).
> 
> To facilitate that the name of the 'ata_port' object changes from 'ata'
> to 'port'. To provide backwards compability I've added an additional
> class object for the ata_port with the name of 'ata'.
> This additional object can be disabled with the config option
> ATA_SYSFS_COMPAT.
> 
> As usual, comments and reviews are welcome.
> 
> Hannes Reinecke (3):
>   libata: sysfs naming option
>   libata: CONFIG_ATA_SYSFS_COMPAT
>   libata: sanitize PMP link naming
> 
>  drivers/ata/Kconfig            | 10 +++++++
>  drivers/ata/libata-transport.c | 55 ++++++++++++++++++++++++++++++----
>  include/linux/libata.h         | 54 ++++++++++-----------------------
>  3 files changed, 76 insertions(+), 43 deletions(-)
> 

Kasan is not happy at all when I do "rmmod ahci"...

[ 1657.438508] BUG: KASAN: double-free or invalid-free in
attribute_container_release+0x37/0x50
[ 1657.447070]
[ 1657.448597] CPU: 8 PID: 1597 Comm: rmmod Not tainted 5.17.0-libata+ #25
[ 1657.455314] Hardware name: Supermicro Super Server/X11DPL-i, BIOS 3.3
02/21/2020
[ 1657.462809] Call Trace:
[ 1657.465304]  <TASK>
[ 1657.467447]  dump_stack_lvl+0x45/0x59
[ 1657.471180]  print_address_description.constprop.0+0x1f/0x120
[ 1657.477021]  ? attribute_container_release+0x37/0x50
[ 1657.482060]  ? attribute_container_release+0x37/0x50
[ 1657.487108]  kasan_report_invalid_free+0x51/0x80
[ 1657.491802]  __kasan_slab_free+0xf4/0x110
[ 1657.495885]  ? attribute_container_release+0x37/0x50
[ 1657.500930]  kfree+0xca/0x210
[ 1657.503956]  attribute_container_release+0x37/0x50
[ 1657.508826]  device_release+0x98/0x200
[ 1657.512642]  kobject_put+0x139/0x410
[ 1657.516283]  ata_tport_delete+0x4a/0x60 [libata]
[ 1657.521015]  ata_host_detach+0x336/0x660 [libata]
[ 1657.525820]  ? kernfs_remove_by_name_ns+0x9a/0xe0
[ 1657.530615]  pci_device_remove+0x65/0x110
[ 1657.534696]  __device_release_driver+0x316/0x680
[ 1657.539398]  driver_detach+0x1ec/0x2d0
[ 1657.543217]  bus_remove_driver+0xe7/0x2d0
[ 1657.547293]  ? lock_is_held_type+0x98/0x110
[ 1657.551546]  pci_unregister_driver+0x26/0x250
[ 1657.555982]  __x64_sys_delete_module+0x2fd/0x510
[ 1657.560673]  ? free_module+0xaa0/0xaa0
[ 1657.564487]  ? __cond_resched+0x1c/0x90
[ 1657.568392]  ? lockdep_hardirqs_on_prepare+0x273/0x3e0
[ 1657.573611]  ? syscall_enter_from_user_mode+0x21/0x70
[ 1657.578740]  ? trace_hardirqs_on+0x1c/0x110
[ 1657.583000]  do_syscall_64+0x35/0x80
[ 1657.586635]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1657.591765] RIP: 0033:0x7f4eb289d84b
[ 1657.595403] Code: 73 01 c3 48 8b 0d dd 75 0e 00 f7 d8 64 89 01 48 83 c8
ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 b0 00 00 00 0f 05
<48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d ad 75 0e 00 f7 d8 64 89 01 48
[ 1657.618085] RSP: 002b:00007fffa28f9158 EFLAGS: 00000206 ORIG_RAX:
00000000000000b0
[ 1657.627664] RAX: ffffffffffffffda RBX: 000055e1a7f54760 RCX:
00007f4eb289d84b
[ 1657.636822] RDX: 000000000000000a RSI: 0000000000000800 RDI:
000055e1a7f547c8
[ 1657.645965] RBP: 0000000000000000 R08: 0000000000000000 R09:
0000000000000000
[ 1657.655065] R10: 00007f4eb292eac0 R11: 0000000000000206 R12:
00007fffa28f93d0
[ 1657.664115] R13: 00007fffa28fa780 R14: 000055e1a7f542a0 R15:
000055e1a7f54760
[ 1657.673133]  </TASK>
[ 1657.677130]
[ 1657.680403] Allocated by task 183:
[ 1657.685577]  kasan_save_stack+0x1e/0x40
[ 1657.691152]  __kasan_kmalloc+0x7f/0xa0
[ 1657.696603]  kmem_cache_alloc_trace+0x1f9/0x470
[ 1657.702809]  ata_port_alloc+0x40/0x5a0 [libata]
[ 1657.709031]  ata_host_alloc+0x1ca/0x260 [libata]
[ 1657.715301]  ata_host_alloc_pinfo+0x1d/0x540 [libata]
[ 1657.721978]  ahci_init_one+0xc5b/0x1d40 [ahci]
[ 1657.728037]  local_pci_probe+0xc6/0x150
[ 1657.733487]  work_for_cpu_fn+0x4e/0xa0
[ 1657.738833]  process_one_work+0x7f0/0x1310
[ 1657.744509]  worker_thread+0x6e0/0xf70
[ 1657.749855]  kthread+0x28f/0x330
[ 1657.754665]  ret_from_fork+0x1f/0x30
[ 1657.759818]
[ 1657.762850] The buggy address belongs to the object at ffff8885e2ce0000
[ 1657.762850]  which belongs to the cache kmalloc-32k of size 32768
[ 1657.778757] The buggy address is located 15088 bytes inside of
[ 1657.778757]  32768-byte region [ffff8885e2ce0000, ffff8885e2ce8000)
[ 1657.794105] The buggy address belongs to the page:
[ 1657.800540] page:00000000ddc44957 refcount:1 mapcount:0
mapping:0000000000000000 index:0x0 pfn:0x5e2ce0
[ 1657.811675] head:00000000ddc44957 order:4 compound_mapcount:0
compound_pincount:0
[ 1657.820907] flags: 0x20000000010200(slab|head|node=0|zone=2)
[ 1657.828316] raw: 0020000000010200 ffffea0018392808 ffffea00178b3c08
ffff888100040200
[ 1657.837857] raw: 0000000000000000 ffff8885e2ce0000 0000000100000001
0000000000000000
[ 1657.847408] page dumped because: kasan: bad access detected
[ 1657.854796]
[ 1657.858067] Memory state around the buggy address:
[ 1657.864684]  ffff8885e2ce3980: 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00
[ 1657.873803]  ffff8885e2ce3a00: 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00
[ 1657.882884] >ffff8885e2ce3a80: 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00
[ 1657.891942]                                                              ^
[ 1657.900670]  ffff8885e2ce3b00: 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00
[ 1657.909774]  ffff8885e2ce3b80: 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00

And after that, doing "rmmod libata; modprobe libata", Things get really
bad...

[ 1820.226215] sysfs: cannot create duplicate filename '/bus/ata'

And then NULL pointer dereference oops.

My PMP setup also does not show the devices named devX.Y. I suspect this
is because my eSATA box supports FIS based switching. Even with that, the
eSATA box has 4 drives all connected behind one port/one link, but I still
see each device with its own port and link. Weird. Since I am not 100% up
to speed on how the PMP code works, I need to dig into it.



-- 
Damien Le Moal
Western Digital Research



[Index of Archives]     [Linux Filesystems]     [Linux SCSI]     [Linux RAID]     [Git]     [Kernel Newbies]     [Linux Newbie]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Samba]     [Device Mapper]

  Powered by Linux