Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp5870065ybv; Wed, 12 Feb 2020 01:40:20 -0800 (PST) X-Google-Smtp-Source: APXvYqwHAoUBpyGsWSVLr7KIoZeGKHJimfC4G021rB9oVaMaDIgTKCuq9MebcQi0niCKbCXgKVLT X-Received: by 2002:a9d:7e90:: with SMTP id m16mr8052964otp.227.1581500420093; Wed, 12 Feb 2020 01:40:20 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1581500420; cv=none; d=google.com; s=arc-20160816; b=pMJcqqWU1VC/SBSy7cpjziw+XeomfFDfw+1VZR70v+32zs9anhN/Gp0r+6JJXgjpL/ VUxXQCOliLxR1pcdYd9K+P2Pk8Rw148tlKyxrI+AbFHxrIFIX87P2j9ustxkqVZ+ilHK FixcjbjPQhwmvokmB5u8B3SbUW2b858HBwVTijN6yKRTG7LPxLZemcgVoZEfmsxHy4Sk 0mKDRyvGSqbCi8pwu7Y4bvoeiZ9/4U7bn/QrMvqQRMK8VaUK+IPpdUX5js1NQXs76Wk/ 9lra2saOpffz1jUTT5idnsg2XGCjpULTAwgKuWK/MtY4tW/JD5/T+bjmdJFrrMEvL5xt J1zg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=mIiapcw2qY11tt9ZC1FJxtTmrsdn4un9X7oox81xbp0=; b=ktCdFi57PVSlhXAEY/nJCqcwH7cUrHdC+S5mGz/6MEdLrZo5M8oYLf6MyvjvepXfx1 Jp1RRZKJ+H6ZY0pVWhXJk4OMkibrd+81Wy1PzSm6rrL5S8zCBjkDOzjVQrKF21AuXBt8 TX/nva5Aj/0RyyJSBAheWFYvOxwoZ8vpoFuc2YkcJyYTqDYOPzYNn7OxovrbNU9mI33+ eFqOpeyCmscA7rpDpQo+NfzI440uh7h/isJskmqQ7F+L4lxAUuhPAzpGDA6Ax5e1vt9G Vs2ggVG4EhHjXkhg3yE1+O8iZSVIBftZM0W5RwQlSTkwjXEvtEfsQ981+pjxyOt7VBG9 uzfw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@stapelberg-ch.20150623.gappssmtp.com header.s=20150623 header.b=xIQqMJZi; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t26si3393823otq.264.2020.02.12.01.40.08; Wed, 12 Feb 2020 01:40:20 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@stapelberg-ch.20150623.gappssmtp.com header.s=20150623 header.b=xIQqMJZi; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728901AbgBLJir (ORCPT + 99 others); Wed, 12 Feb 2020 04:38:47 -0500 Received: from mail-oi1-f176.google.com ([209.85.167.176]:36569 "EHLO mail-oi1-f176.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728748AbgBLJiq (ORCPT ); Wed, 12 Feb 2020 04:38:46 -0500 Received: by mail-oi1-f176.google.com with SMTP id c16so1430232oic.3 for ; Wed, 12 Feb 2020 01:38:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=stapelberg-ch.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=mIiapcw2qY11tt9ZC1FJxtTmrsdn4un9X7oox81xbp0=; b=xIQqMJZiBbTwqKfqhbIBV8cPsjP0fB9ODjH3UlNW47f/KQGuR5LFmez888vOfWtrgx hHzFz3tEzyCn6T6KIuQStJtkVI0qMygIbWwrjF0tagXMv4fEBuIM6bBQs2lOC7hc17XA j25098U0iL4LjQokTeZsIEps7PMv+J9ST/pw7B+IH8kdBSetzPsRjd65RtygwqC9kG6J zGzRWsaXvM+7mx1QKkmfPTrh9c76C7S1y7ItyjNDjXCiO3nYxw2tcRoyB2OqXfZR4a83 EOckv3TbvBMl2eipVhcUUBB+dIz1yLD8LKDVdpMnRNojyka69+JamCvqctzEuNboLjQ5 SvhQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=mIiapcw2qY11tt9ZC1FJxtTmrsdn4un9X7oox81xbp0=; b=QTqod4WkUSIm9gKEgDmFGl+0U2MIO8+/I9fHxCALtAKTvgjOzLZl4szJEccBazk7sA fGcO1qU1RYDbt33Z7zFQAsQnaFxzUGSAw74B37fuARa6QcgqOYXA+z/CUWxEAM9+mW6E yzLkPEa4NchE8MQj+Iz1Ez+U/nV2wWz/tT3BcAHPj2X4z3jIcGEhCt3iZ111nPf3SU1v GMDCPyyerKEEhbeAoxEmkZiqDNDM7ljymEOoIgDqGdF3dqQ1fe841pyh7kQwpOLEmwiT v/qsFxnKNKyQ6CvMjaFvATiPmribTblThJr3LsA8C6l/xvt6DHfkQZ7KZIMbMjy7ai4q J2gQ== X-Gm-Message-State: APjAAAUQuxY19t3rOjeyU6FMJR71HnK6CJ2ryVMNBNoLMf9ty2QSYI4q 1x3wBF5xgbaieLd7DXosCwYO6SVz+fQwXYs0JpK/fw== X-Received: by 2002:a05:6808:8ca:: with SMTP id k10mr5623635oij.164.1581500325196; Wed, 12 Feb 2020 01:38:45 -0800 (PST) MIME-Version: 1.0 References: <20200209080918.1562823-1-michael+lkml@stapelberg.ch> In-Reply-To: From: Michael Stapelberg Date: Wed, 12 Feb 2020 10:38:33 +0100 Message-ID: Subject: Re: Still a pretty bad time on 5.4.6 with fuse_request_end. To: Miklos Szeredi Cc: fuse-devel , Greg Kroah-Hartman , Kyle Sanderson , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Unfortunately not: when I change the code like so: bool async; uint32_t opcode_early =3D req->args->opcode; if (test_and_set_bit(FR_FINISHED, &req->flags)) goto put_request; async =3D req->args->end; =E2=80=A6gdb only reports: (gdb) bt #0 0x000000a700000001 in ?? () #1 0xffffffff8137fc99 in fuse_copy_finish (cs=3D0x20000ffffffff) at fs/fuse/dev.c:681 Backtrace stopped: previous frame inner to this frame (corrupt stack?) But maybe that=E2=80=99s a hint in and of itself? On Wed, Feb 12, 2020 at 9:34 AM Miklos Szeredi wrote: > > On Wed, Feb 12, 2020 at 8:58 AM Michael Stapelberg > wrote: > > > (gdb) p *req->args > > $5 =3D { > > nodeid =3D 18446683600620026424, > > opcode =3D 2167928246, > > in_numargs =3D 65535, > > out_numargs =3D 65535, > > force =3D false, > > noreply =3D false, > > nocreds =3D false, > > in_pages =3D false, > > out_pages =3D false, > > out_argvar =3D true, > > page_zeroing =3D true, > > page_replace =3D false, > > in_args =3D {{ > > size =3D 978828800, > > value =3D 0x2fafce0 > > }, { > > size =3D 978992728, > > value =3D 0xffffffff8138efaa > > }, { > > size =3D 50002688, > > value =3D 0xffffffff8138635f > > }}, > > out_args =3D {{ > > size =3D 570, > > value =3D 0xffffc90002fafb10 > > }, { > > size =3D 6876, > > value =3D 0x3000000001adc > > }}, > > end =3D 0x1000100000001 > > } > > Okay, that looks like rubbish, the request was possibly freed and overwri= tten. > > > Independently, as a separate test, I have also modified the source like= this: > > > > bool async; > > bool async_early =3D req->args->end; > > > > if (test_and_set_bit(FR_FINISHED, &req->flags)) > > goto put_request; > > > > async =3D req->args->end; > > > > =E2=80=A6and printed the value of async and async_early. async is true, > > async_early is false. > > Can you save and print out the value of req->opcode before the > test_and_set_bit()? > > Thanks, > Miklos