From: pragalla@codeaurora.org
To: John Garry <john.garry@huawei.com>
Cc: Bart Van Assche <bvanassche@acm.org>,
axboe@kernel.dk, evgreen@google.com, linux-block@vger.kernel.org,
stummala@codeaurora.org, Ming Lei <ming.lei@redhat.com>
Subject: Re: use-after-free access in bt_iter()
Date: Fri, 19 Feb 2021 11:52:25 +0530 [thread overview]
Message-ID: <b859618aeac58bd9bb620d7ebdb24b90@codeaurora.org> (raw)
In-Reply-To: <9ace4c26c47e84c3c6a1c68ef1a193f8@codeaurora.org>
On 2021-02-05 21:51, pragalla@codeaurora.org wrote:
> On 2021-02-05 21:37, John Garry wrote:
>> - bouncing jianchao.w.wang@oracle.com
>>
>>>>
>>>>> Some time ago you replied the following to an email from me with a
>>>>> suggestion for a fix: "Please let me consider it a bit more." Are
>>>>> you
>>>>> still working on a fix?
>>>>
>>>> Unfortunately I have not had a chance, sorry. But I can look again.
>>>>
>>>> So I have only seen KASAN use-after-free's myself, but never an
>>>> actual
>>>> oops. IIRC, someone did report an oops.
>>>>
>>> Hi John,
>>>
>>>> @Pradeep, do you have a reliable re-creator? I noticed the timeout
>>>> handler stackframe in your mail, so I guess not. However, as an
>>>> experiment, could you test:
>>>> https://lore.kernel.org/linux-block/1608203273-170555-2-git-send-email-john.garry@huawei.com/
>>> Yes, i don't have a reliable re-creator. The oops was noticed as a
>>> part of stability testing and
>>> was not an intentional try. This was noticed couple of times.
>>> Please share the steps (if any) to easy hit or to exercise this path
>>> more frequently.
>>> Meanwhile, i will go with the usual stability procedure. i will
>>> update the results here later.
>>>
>>
Hi John,
we ran the stability with the above patch
(https://lore.kernel.org/linux-block/1608203273-170555-2-git-send-email-john.garry@huawei.com/)
with switching the io-schedulers in b/w for ~88hrs on 2 devices, we
didn't notice any crash/issue.
>> Do you have a full kernel log for your crash?
> Yes. Attaching the full kernel dmesg log.
>>
>> So there are different flavors of this issue, and you reported a crash
>> from blk_mq_queue_tag_busy_iter().
>>
>> If you check:
>> https://lore.kernel.org/linux-block/76190c94-c5c1-9553-5509-9969fc323544@huawei.com/
>>
>> You can see how I artificially trigger an issue in
>> blk_mq_queue_tag_busy_iter().
> Sure, i will go through the steps on the recreation part. Thanks.
>>
>>>> This should fix the common issue. But no final solution to issues
>>>> discussed from patch 2/2, which is more exotic.
>>>>
>>>> BTW, is this the same Pradeep who reported:
>>>> https://lore.kernel.org/linux-block/1606402925-24420-1-git-send-email-ppvk@codeaurora.org/
>>
>> Thanks,
>> John
>
> Thanks and Regards,
> Pradeep
next prev parent reply other threads:[~2021-02-19 6:23 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-04 11:46 use-after-free access in bt_iter() pragalla
2021-02-04 15:51 ` Bart Van Assche
2021-02-04 16:17 ` John Garry
2021-02-05 2:39 ` Ming Lei
2021-02-05 15:30 ` pragalla
2021-02-05 16:07 ` John Garry
[not found] ` <9ace4c26c47e84c3c6a1c68ef1a193f8@codeaurora.org>
2021-02-19 6:22 ` pragalla [this message]
2021-02-19 9:34 ` John Garry
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b859618aeac58bd9bb620d7ebdb24b90@codeaurora.org \
--to=pragalla@codeaurora.org \
--cc=axboe@kernel.dk \
--cc=bvanassche@acm.org \
--cc=evgreen@google.com \
--cc=john.garry@huawei.com \
--cc=linux-block@vger.kernel.org \
--cc=ming.lei@redhat.com \
--cc=stummala@codeaurora.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.