From: Eduard Zingerman <eddyz87@gmail.com>
To: Manu Bretelle <chantr4@gmail.com>, dhowells@redhat.com
Cc: asmadeus@codewreck.org, ceph-devel@vger.kernel.org,
christian@brauner.io, ericvh@kernel.org,
hsiangkao@linux.alibaba.com, idryomov@gmail.com,
jlayton@kernel.org, linux-afs@lists.infradead.org,
linux-cifs@vger.kernel.org, linux-erofs@lists.ozlabs.org,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-mm@kvack.org, linux-nfs@vger.kernel.org,
marc.dionne@auristor.com, netdev@vger.kernel.org,
netfs@lists.linux.dev, pc@manguebit.com, smfrench@gmail.com,
sprasad@microsoft.com, tom@talpey.com, v9fs@lists.linux.dev,
willy@infradead.org
Subject: Re: [PATCH v2 19/25] netfs: Speed up buffered reading
Date: Mon, 23 Sep 2024 14:56:01 -0700 [thread overview]
Message-ID: <0f6afef57196cb308aa90be5b06a64793aa24682.camel@gmail.com> (raw)
In-Reply-To: <670794146059f85a30efd7cf9d6650375d987077.camel@gmail.com>
On Mon, 2024-09-23 at 11:43 -0700, Eduard Zingerman wrote:
> On Mon, 2024-09-23 at 11:34 -0700, Manu Bretelle wrote:
>
> [...]
>
> > The qemu command invoked by vmtest is:
> >
> > qemu-system-x86_64 "-nodefaults" "-display" "none" "-serial" "mon:stdio" \
> > "-enable-kvm" "-cpu" "host" "-qmp" "unix:/tmp/qmp-971717.sock,server=on,wait=off" \
> > "-chardev" "socket,path=/tmp/qga-888301.sock,server=on,wait=off,id=qga0" \
> > "-device" "virtio-serial" \
> > "-device" "virtserialport,chardev=qga0,name=org.qemu.guest_agent.0" \
> > "--device" "virtio-serial" \
> > "-chardev" "socket,path=/tmp/cmdout-508724.sock,server=on,wait=off,id=cmdout" \
> > "--device" "virtserialport,chardev=cmdout,name=org.qemu.virtio_serial.0" \
> > "-virtfs" "local,id=root,path=/,mount_tag=/dev/root,security_model=none,multidevs=remap" \
> > "-kernel" "/data/users/chantra/linux/arch/x86/boot/bzImage" \
> > "-no-reboot" "-append" "rootfstype=9p rootflags=trans=virtio,cache=mmap,msize=1048576 rw earlyprintk=serial,0,115200 printk.devkmsg=on console=0,115200 loglevel=7 raid=noautodetect init=/tmp/vmtest-init4PdCA.sh panic=-1" \
> > "-virtfs" "local,id=shared,path=/data/users/chantra/linux,mount_tag=vmtest-shared,security_model=none,multidevs=remap" \
> > "-smp" "2" "-m" "4G"
>
> fwiw: removing "cache=mmap" from "rootflags" allows VM to boot and run tests.
>
A few more details:
- error could be reproduced with KASAN enabled, log after
scripts/decode_stacktrace.sh post-processing is in [1];
(KASAN reports use-after-free followed by null-ptr-deref);
- null-ptr-deref is triggered by access to page->pcp_list.next
when list_del() is called from page_alloc.c:__rmqueue_pcplist(),
e.g. the following warning is triggered if added:
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c
@@ -2990,6 +2990,7 @@ struct page *__rmqueue_pcplist(struct zone *zone, unsigned int order,
}
page = list_first_entry(list, struct page, pcp_list);
+ WARN_ONCE(!page->pcp_list.next, "!!!!! page->pcp_list.next is NULL\n");
list_del(&page->pcp_list);
pcp->count -= 1 << order;
} while (check_new_pages(page, order));
- config used for testing is [2];
- kernel used for testing is [3];
[1] https://gist.github.com/eddyz87/e638d67454558508451331754f946f41
[2] https://gist.github.com/eddyz87/f2c9c267db20ee53a6eb350aba0d2182
[3] de5cb0dcb74c ("Merge branch 'address-masking'")
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git
next prev parent reply other threads:[~2024-09-23 21:56 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-14 20:38 [PATCH v2 00/25] netfs: Read/write improvements David Howells
2024-08-14 20:38 ` [PATCH v2 01/25] netfs, ceph: Partially revert "netfs: Replace PG_fscache by setting folio->private and marking dirty" David Howells
2024-08-14 20:38 ` [PATCH v2 02/25] cachefiles: Fix non-taking of sb_writers around set/removexattr David Howells
2024-08-14 20:38 ` [PATCH v2 03/25] netfs: Adjust labels in /proc/fs/netfs/stats David Howells
2024-08-14 20:38 ` [PATCH v2 04/25] netfs: Record contention stats for writeback lock David Howells
2024-08-14 20:38 ` [PATCH v2 05/25] netfs: Reduce number of conditional branches in netfs_perform_write() David Howells
2024-08-14 20:38 ` [PATCH v2 06/25] netfs, cifs: Move CIFS_INO_MODIFIED_ATTR to netfs_inode David Howells
2024-08-14 20:38 ` [PATCH v2 07/25] netfs: Move max_len/max_nr_segs from netfs_io_subrequest to netfs_io_stream David Howells
2024-08-14 20:38 ` [PATCH v2 08/25] netfs: Reserve netfs_sreq_source 0 as unset/unknown David Howells
2024-08-14 20:38 ` [PATCH v2 09/25] netfs: Remove NETFS_COPY_TO_CACHE David Howells
2024-08-14 20:38 ` [PATCH v2 10/25] netfs: Set the request work function upon allocation David Howells
2024-08-14 20:38 ` [PATCH v2 11/25] netfs: Use bh-disabling spinlocks for rreq->lock David Howells
2024-08-14 20:38 ` [PATCH v2 12/25] mm: Define struct folio_queue and ITER_FOLIOQ to handle a sequence of folios David Howells
2024-08-14 20:38 ` [PATCH v2 13/25] iov_iter: Provide copy_folio_from_iter() David Howells
2024-08-14 20:38 ` [PATCH v2 14/25] cifs: Provide the capability to extract from ITER_FOLIOQ to RDMA SGEs David Howells
2024-08-14 20:38 ` [PATCH v2 15/25] netfs: Use new folio_queue data type and iterator instead of xarray iter David Howells
2024-09-24 9:48 ` Leon Romanovsky
2024-08-14 20:38 ` [PATCH v2 16/25] netfs: Provide an iterator-reset function David Howells
2024-08-14 20:38 ` [PATCH v2 17/25] netfs: Simplify the writeback code David Howells
2024-08-14 20:38 ` [PATCH v2 18/25] afs: Make read subreqs async David Howells
2024-08-14 20:38 ` [PATCH v2 19/25] netfs: Speed up buffered reading David Howells
2024-08-16 11:12 ` Simon Horman
2024-09-23 18:34 ` Manu Bretelle
2024-09-23 18:43 ` Eduard Zingerman
2024-09-23 21:56 ` Eduard Zingerman [this message]
2024-09-23 22:33 ` David Howells
2024-09-23 23:37 ` Eduard Zingerman
2024-09-23 19:38 ` David Howells
2024-09-23 20:20 ` Manu Bretelle
2024-09-24 23:20 ` David Howells
2024-09-25 0:01 ` Eduard Zingerman
2024-09-25 10:31 ` Leon Romanovsky
2024-09-29 9:12 ` David Howells
2024-09-29 9:37 ` Eduard Zingerman
2024-09-29 18:55 ` Leon Romanovsky
2024-09-30 12:44 ` David Howells
2024-09-30 12:51 ` David Howells
2024-09-30 16:46 ` Eduard Zingerman
2024-09-30 18:35 ` David Howells
2024-09-30 19:00 ` Omar Sandoval
2024-09-27 20:50 ` David Howells
2024-09-27 20:55 ` Eduard Zingerman
2024-09-27 21:11 ` David Howells
2024-09-27 23:22 ` Eduard Zingerman
2024-08-14 20:38 ` [PATCH v2 20/25] netfs: Remove fs/netfs/io.c David Howells
2024-08-14 20:38 ` [PATCH v2 21/25] cachefiles, netfs: Fix write to partial block at EOF David Howells
2024-08-14 20:38 ` [PATCH v2 22/25] netfs: Cancel dirty folios that have no storage destination David Howells
2024-08-14 20:38 ` [PATCH v2 23/25] cifs: Use iterate_and_advance*() routines directly for hashing David Howells
2024-08-14 20:38 ` [PATCH v2 24/25] cifs: Switch crypto buffer to use a folio_queue rather than an xarray David Howells
2024-08-14 20:38 ` [PATCH v2 25/25] cifs: Don't support ITER_XARRAY David Howells
2024-08-15 13:07 ` [PATCH v2 00/25] netfs: Read/write improvements Christian Brauner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0f6afef57196cb308aa90be5b06a64793aa24682.camel@gmail.com \
--to=eddyz87@gmail.com \
--cc=asmadeus@codewreck.org \
--cc=ceph-devel@vger.kernel.org \
--cc=chantr4@gmail.com \
--cc=christian@brauner.io \
--cc=dhowells@redhat.com \
--cc=ericvh@kernel.org \
--cc=hsiangkao@linux.alibaba.com \
--cc=idryomov@gmail.com \
--cc=jlayton@kernel.org \
--cc=linux-afs@lists.infradead.org \
--cc=linux-cifs@vger.kernel.org \
--cc=linux-erofs@lists.ozlabs.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-nfs@vger.kernel.org \
--cc=marc.dionne@auristor.com \
--cc=netdev@vger.kernel.org \
--cc=netfs@lists.linux.dev \
--cc=pc@manguebit.com \
--cc=smfrench@gmail.com \
--cc=sprasad@microsoft.com \
--cc=tom@talpey.com \
--cc=v9fs@lists.linux.dev \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox