Message-ID: <870ea887-ecb0-4058-855b-6c82ab01c7fc@kernel.dk>
Date:   Tue, 29 Aug 2023 08:04:19 -0600
From:   Jens Axboe <axboe@...nel.dk>
To:     Gabriel Krisman Bertazi <krisman@...e.de>,
        syzbot <syzbot+c74fea926a78b8a91042@...kaller.appspotmail.com>
Cc:     asml.silence@...il.com, io-uring@...r.kernel.org,
        linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com
Subject: Re: [PATCH] io_uring: Don't set affinity on a dying sqpoll thread

On 8/28/23 5:42 PM, Gabriel Krisman Bertazi wrote:
> syzbot <syzbot+c74fea926a78b8a91042@...kaller.appspotmail.com> writes:
> 
>> Hello,
>>
>> syzbot found the following issue on:
>>
>> HEAD commit:    626932085009 Add linux-next specific files for 20230825
>> git tree:       linux-next
>> console output: https://syzkaller.appspot.com/x/log.txt?x=12a97797a80000
>> kernel config:  https://syzkaller.appspot.com/x/.config?x=8a8c992a790e5073
>> dashboard link: https://syzkaller.appspot.com/bug?extid=c74fea926a78b8a91042
>> compiler:       gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
>>
>> Unfortunately, I don't have any reproducer for this issue yet.
>>
>> Downloadable assets:
>> disk image: https://storage.googleapis.com/syzbot-assets/46ec18b3c2fb/disk-62693208.raw.xz
>> vmlinux: https://storage.googleapis.com/syzbot-assets/b4ea0cb78498/vmlinux-62693208.xz
>> kernel image: https://storage.googleapis.com/syzbot-assets/5fb3938c7272/bzImage-62693208.xz
>>
>> IMPORTANT: if you fix the issue, please add the following tag to the commit:
>> Reported-by: syzbot+c74fea926a78b8a91042@...kaller.appspotmail.com
>>
>> general protection fault, probably for non-canonical address 0xdffffc000000011d: 0000 [#1] PREEMPT SMP KASAN
>> KASAN: null-ptr-deref in range [0x00000000000008e8-0x00000000000008ef]
>> CPU: 1 PID: 27342 Comm: syz-executor.5 Not tainted 6.5.0-rc7-next-20230825-syzkaller #0
>> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
>> RIP: 0010:io_sqpoll_wq_cpu_affinity+0x8c/0xe0 io_uring/sqpoll.c:433
> 
> Jens,
> 
> I'm not sure I got the whole story on this one, but it seems fairly
> trivial to reproduce and I can't see another way it could be
> triggered. What do you think?

Yep looks like the right fix, we should check the thread after parking.
I'll get this added to the queue, thanks.

-- 
Jens Axboe
