Received: by 2002:a05:6a10:f3d0:0:0:0:0 with SMTP id a16csp451424pxv; Wed, 30 Jun 2021 09:15:01 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzuHcnLqMeBW9Vcvs44ShKnCHDpDjx2DUdGyKg6xAJrfRMH3xvN4tDtpxL/60Shddpf9ICr X-Received: by 2002:a05:6402:748:: with SMTP id p8mr48186692edy.91.1625069701032; Wed, 30 Jun 2021 09:15:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1625069701; cv=none; d=google.com; s=arc-20160816; b=XKQY3j8RPWkOLdFA5716pacG9hx3UhAlce+ln+yGWkkoCDk8H5PjvJUX+VkAj+l0aX VgmaT5rAzGvCbWg68ky/IuDNxT9CkHvhFuJSVgX3sEL2AyEMdRqCEVK15O1CRAlhQAVG 6Oa/ojT0YQGDW3oQ1iHe01YazcXQeHZF7xeJojewmnzsoqdpdgqXRj+MtY3uuSWoDgAP G7IQdBQ21n/oUUb/wL+RdMo8U2jCoSFU3IXcKYxG9ooca0HWETcQOFyq4Zx+ZRMkoPkp /TTWH8XZGy4M+XYH/6TnkW2mhBMNA3Rxh2INzsCqV8QWkYR+Zqxv3s1qQ0z4UsB6AMGk TPug== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=Ap5HjGyol7EIxtw30stqwqrNo/D8PSLjQYjJnRBuDhU=; b=MC9tvV1DLyvxqGG6Mur3SO4GmwTe+m5EA6ylPrOrnlV+qIRd6zcN/czlubY1GvnXqw 130qirkbzppE1pbyHfSHCsfMDpmCa3QEqqJChnDVBluiV5bYp/qaWb5LiQFS6eTRTHrO J2um/51kabq3Hm72Q4BP6tDwLJ3kX1jPoaTFRH1dusYQAGXX7mv2xpDnJOfkqL10qnKD ifKNBZNwneA6XgWDMLOtHG05aKnwa6cU4WXdrRJE9CF3RRUz+agLttvacKuI7mKvNLJy iK9WBCIsTT5nw2HLCcIwcGL0EKOc7LsYvqWognzelqSJo3HLBvwHyiGeT2WSfIeoiLvf F3WA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=kIjuafd9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id s7si10159867edd.314.2021.06.30.09.14.35; Wed, 30 Jun 2021 09:15:01 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=kIjuafd9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231726AbhF3QNl (ORCPT + 99 others); Wed, 30 Jun 2021 12:13:41 -0400 Received: from mail.kernel.org ([198.145.29.99]:35172 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231698AbhF3QNd (ORCPT ); Wed, 30 Jun 2021 12:13:33 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 6AD926147E; Wed, 30 Jun 2021 16:11:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1625069464; bh=M8ldAZIlZPdkE4DDxEruz+BeSbuNAZmJGY4VXeQhPbU=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=kIjuafd9ucIniC22otKPC7dmUd41/MK9JTkA5XhaP2hGAPC8vMIPbB/Iu1OSSc2dk DxfvR+O3ck+BZSti2bbWuzQrwEvWclOyEQKty9sFsjxFBs62NQgBRmu6gcwAMcIpEm mvajycTioH9jrZ/J9T1KeSnToXafODz5fWYHIW8ZalubsHD0Izbws22VHEhEFfBrWF Iz9RHbV4c/1RNTeK7ppH+8PpS1DtpefTIshaALX4o1ThUlajT7qcVQy/nRccFwVEBq tijIGsoeqDQa29G9WhnITxk2L8aEzcoly2Cj1/zbnFkQaMtVDPkRBAn0Td4vfEMQa0 l+wAGTzJlqLjg== Date: Wed, 30 Jun 2021 17:10:36 +0100 From: Mark Brown To: Tejun Heo Cc: Paul Gortmaker , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, Al Viro , Zefan Li , Johannes Weiner , stable@vger.kernel.org, Richard Purdie Subject: Re: [PATCH] cgroup1: fix leaked context root causing sporadic NULL deref in LTP Message-ID: <20210630161036.GA43693@sirena.org.uk> References: <20210616125157.438837-1-paul.gortmaker@windriver.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="9jxsPFA5p3P2qPhR" Content-Disposition: inline In-Reply-To: X-Cookie: I demand IMPUNITY! User-Agent: Mutt/1.10.1 (2018-07-13) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --9jxsPFA5p3P2qPhR Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jun 16, 2021 at 11:23:34AM -0400, Tejun Heo wrote: > On Wed, Jun 16, 2021 at 08:51:57AM -0400, Paul Gortmaker wrote: > > A fix would be to not leave the stale reference in fc->root as follows: > > -------------- > > =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0dput(fc->root); > > + fc->root =3D NULL; > > =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0deactivate_locked_sup= er(sb); > > -------------- > > ...but then we are just open-coding a duplicate of fc_drop_locked() so = we > > simply use that instead. > As this is unlikely to be a real-world problem both in probability and > circumstances, I'm applying this to cgroup/for-5.14 instead of > cgroup/for-5.13-fixes. FWIW at Arm we've started seeing what appears to be this issue blow up very frequently in some of our internal LTP CI runs against -next, seems to be mostly on lower end platforms. We seem to have started finding it at roughly the same time that the Yocto people did, I guess some other change made it more likely to trigger. Not exactly real world usage obviously but it's creating quite a bit of noise in testing which is disruptive so it'd be good to get it into -next as a fix. --9jxsPFA5p3P2qPhR Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmDcl3sACgkQJNaLcl1U h9DHcgf/cG+zirVPNAyg/RyU6eO8RRZ/Fsde5H0M1tr3tybVB/GuciKOhNSBdU8p MEnEvuPHRVsq8o5KTMvo+lxmNdBy/OHVK/LnU6CyqkDaU9l5a9+JOc+N+Ljn9JyJ wBzeFmiAeMdcnCzaPYCGHXzgILY8j0vs2agj/hI3sdP/GNMMQ3URQmKeTsB1YtCO GICcKyAPHeVy5GZwfaWDJGEJhFXOIW7d20+cuKpx335WsTg+aORft+rwPDHvfH6+ mJF34H7wfckprBzWdA8v+fPrYINjeiLFSWJsXLdWHfy6F3BAAiDKxT0Pm9fVwZ5Q e0VJUxXvl2KHT//hLYrTSETDFuiMwg== =vGg1 -----END PGP SIGNATURE----- --9jxsPFA5p3P2qPhR--