From: Ming Lei <ming.lei@redhat.com>
To: yu kuai <yukuai3@huawei.com>
Cc: axboe@kernel.dk, bvanassche@acm.org, yi.zhang@huawei.com,
yuyufen@huawei.com, linux-block@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [RFC] block: fix access of uninitialized pointer address in bt_for_each()
Date: Sat, 18 Apr 2020 10:11:36 +0800 [thread overview]
Message-ID: <20200418021136.GA17090@T590> (raw)
In-Reply-To: <20200417125134.45117-1-yukuai3@huawei.com>
On Fri, Apr 17, 2020 at 08:51:34PM +0800, yu kuai wrote:
> I recently got a KASAN warning like this in our 4.19 kernel:
>
> ==================================================================
> BUG: KASAN: slab-out-of-bounds in bt_for_each+0x1dc/0x2c0
> Read of size 8 at addr ffff8000c0865000 by task sh/2023305
>
> Call trace:
> dump_backtrace+0x0/0x310
> show_stack+0x28/0x38
> dump_stack+0xd8/0x108
> print_address_description+0x68/0x2d0
> kasan_report+0x124/0x2e0
> __asan_load8+0x88/0xb0
> bt_for_each+0x1dc/0x2c0
> blk_mq_queue_tag_busy_iter+0x1f0/0x3e8
> blk_mq_in_flight+0xb4/0xe0
> part_in_flight+0x124/0x178
> part_round_stats+0x128/0x3b0
This code path is killed since 5b18b5a73760 ("block: delete part_round_stats and
switch to less precise counting").
However, it still can be triggered via readding proc & sysfs iostat.
Jian Chao worked patches for this issue before, please refer to:
https://lore.kernel.org/linux-block/1553492318-1810-1-git-send-email-jianchao.w.wang@oracle.com/
but didn't get chance to merge.
Thanks,
Ming
prev parent reply other threads:[~2020-04-18 2:12 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-17 12:51 [RFC] block: fix access of uninitialized pointer address in bt_for_each() yu kuai
2020-04-17 14:26 ` Bart Van Assche
2020-04-18 3:24 ` yukuai (C)
2020-04-18 9:42 ` yukuai (C)
2020-04-18 15:26 ` Bart Van Assche
2020-04-18 2:11 ` Ming Lei [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200418021136.GA17090@T590 \
--to=ming.lei@redhat.com \
--cc=axboe@kernel.dk \
--cc=bvanassche@acm.org \
--cc=linux-block@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=yi.zhang@huawei.com \
--cc=yukuai3@huawei.com \
--cc=yuyufen@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox