diff for duplicates of <1492811357.2499.9.camel@sandisk.com> diff --git a/a/1.txt b/N1/1.txt index c186ded..dfe88e2 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -1,10 +1,8 @@ On Thu, 2017-04-20 at 15:18 -0600, Scott Bauer wrote: -> [ 642.638860] BUG: KASAN: use-after-free in scsi_exit_rq+0xf3/0x120 at a= -ddr ffff8802b7fedf00 +> [ 642.638860] BUG: KASAN: use-after-free in scsi_exit_rq+0xf3/0x120 at addr ffff8802b7fedf00 > [ 642.639362] Read of size 1 by task rcuos/5/53 > [ 642.639713] CPU: 7 PID: 53 Comm: rcuos/6 Not tainted 4.11.0-rc5+ #13 -> [ 642.640170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIO= -S rel-1.7.5-0-ge51488c-20140602_164612-nilsson.home.kraxel.org 04/01/2014 +> [ 642.640170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.7.5-0-ge51488c-20140602_164612-nilsson.home.kraxel.org 04/01/2014 > [ 642.640923] Call Trace: > [ 642.641080] dump_stack+0x63/0x8f > [ 642.641289] kasan_object_err+0x21/0x70 @@ -30,14 +28,11 @@ S rel-1.7.5-0-ge51488c-20140602_164612-nilsson.home.kraxel.org 04/01/2014 > [ 642.646535] ? kthread_park+0x160/0x160 > [ 642.646787] ret_from_fork+0x2c/0x40 -I'm not familiar with cgroups but seeing this makes me wonder whether it wo= -uld +I'm not familiar with cgroups but seeing this makes me wonder whether it would be possible to move the blk_exit_rl() calls from blk_release_queue() into -blk_cleanup_queue()? The SCSI core frees a SCSI host after blk_cleanup_queu= -e() -has finished for all associated SCSI devices. This is why I think that call= -ing +blk_cleanup_queue()? The SCSI core frees a SCSI host after blk_cleanup_queue() +has finished for all associated SCSI devices. This is why I think that calling blk_exit_rl() earlier would be sufficient to avoid that scsi_exit_rq() dereferences a SCSI host pointer after it has been freed. -Bart.= +Bart. diff --git a/a/content_digest b/N1/content_digest index 04ec9c4..9515761 100644 --- a/a/content_digest +++ b/N1/content_digest 
@@ -13,12 +13,10 @@ "\00:1\0" "b\0" "On Thu, 2017-04-20 at 15:18 -0600, Scott Bauer wrote:\n" - "> [ 642.638860] BUG: KASAN: use-after-free in scsi_exit_rq+0xf3/0x120 at a=\n" - "ddr ffff8802b7fedf00\n" + "> [ 642.638860] BUG: KASAN: use-after-free in scsi_exit_rq+0xf3/0x120 at addr ffff8802b7fedf00\n" "> [ 642.639362] Read of size 1 by task rcuos/5/53\n" "> [ 642.639713] CPU: 7 PID: 53 Comm: rcuos/6 Not tainted 4.11.0-rc5+ #13\n" - "> [ 642.640170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIO=\n" - "S rel-1.7.5-0-ge51488c-20140602_164612-nilsson.home.kraxel.org 04/01/2014\n" + "> [ 642.640170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.7.5-0-ge51488c-20140602_164612-nilsson.home.kraxel.org 04/01/2014\n" "> [ 642.640923] Call Trace:\n" "> [ 642.641080] dump_stack+0x63/0x8f\n" "> [ 642.641289] kasan_object_err+0x21/0x70\n" @@ -44,16 +42,13 @@ "> [ 642.646535] ? kthread_park+0x160/0x160\n" "> [ 642.646787] ret_from_fork+0x2c/0x40\n" "\n" - "I'm not familiar with cgroups but seeing this makes me wonder whether it wo=\n" - "uld\n" + "I'm not familiar with cgroups but seeing this makes me wonder whether it would\n" "be possible to move the blk_exit_rl() calls from blk_release_queue() into\n" - "blk_cleanup_queue()? The SCSI core frees a SCSI host after blk_cleanup_queu=\n" - "e()\n" - "has finished for all associated SCSI devices. This is why I think that call=\n" - "ing\n" + "blk_cleanup_queue()? The SCSI core frees a SCSI host after blk_cleanup_queue()\n" + "has finished for all associated SCSI devices. This is why I think that calling\n" "blk_exit_rl() earlier would be sufficient to avoid that scsi_exit_rq()\n" "dereferences a SCSI host pointer after it has been freed.\n" "\n" - Bart.= + Bart. -a320733c52967d85696289acd995fa92f91c21b84f35482efe2e8bcd8ec514dd +64428fe09441bfa841bb4963d9505e1dd7cfc5ba3f8d3eb8c1687fc8b7baf2c3
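Review bot: in the first 1.txt hunk (@@ -1,10 +1,8 @@) the a/ side still carries quoted-printable soft line breaks, so the KASAN headline is split as `at a=` / `ddr ffff8802b7fedf00` and the hardware line as `BIO=` / `S rel-1.7.5-0-...`. A search of that copy for `addr ffff8802b7fedf00` or `BIOS` will not match. No token of the report differs between the two sides, so use the N1 text when quoting or indexing this trace.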
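Review bot: in the second 1.txt hunk (@@ -30,14 +28,11 @@) the undecoded soft breaks on the a/ side cut through the reply body, including the identifier `blk_cleanup_queu=` / `e()`, and leave a stray `=` on the signature (`Bart.=`). The content_digest hunks repeat the same line changes and nothing else in the message text differs. Decode the transfer encoding before comparing the two copies, so that the comparison reflects the message text rather than its line wrapping.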