From: Yongji Xie
Date: Tue, 26 Apr 2022 12:49:49 +0800
Subject: Re: [proc/sysctl] 1dd38979b2: BUG:kernel_NULL_pointer_dereference,address
To: Luis Chamberlain
Cc: Andrew Morton, "Michael S. Tsirkin", Jason Wang, Dan Carpenter, Eli Cohen, Parav Pandit, guanjun@linux.alibaba.com, kernel test robot, Julius Hemanth Pitti, Johannes Weiner, Kees Cook, Iurii Zaikin, Ingo Molnar, Al Viro, LKML, lkp@lists.01.org, lkp@intel.com, virtualization
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Apr 26, 2022 at 12:25 PM Luis Chamberlain wrote:
>
> On Mon, Apr 25, 2022 at 04:57:26PM -0700, Luis Chamberlain wrote:
> > On Mon, Apr 25, 2022 at 04:34:34PM -0700, Andrew Morton wrote:
> > > On Mon, 25 Apr 2022 16:08:57 -0700 Luis Chamberlain wrote:
> > >
> > > > On Mon, Apr 25, 2022 at 02:46:07PM -0700, Andrew Morton wrote:
> > > > > On Mon, 25 Apr 2022 12:00:21 -0700 Luis Chamberlain wrote:
> > > > >
> > > > > > Andrew, can we drop this patch for now?
> > > > >
> > > > > I've been sitting on (ie, forgotten about) this patch
> > > > > (https://lore.kernel.org/all/20200709235115.56954-1-jpitti@cisco.com/T/#u)
> > > >
> > > > Jesh, yeah I see.
> > > >
> > > > > for two years. Evidently waiting for you/Kees/Ingo to provide
> > > > > guidance. So sure, the need seems very unurgent so I can drop it.
> > > >
> > > > Well Kees was OK with it, but yeah I can't decipher the issue at this
> > > > point in time.
> > > >
> > > > > However I fail to see how that patch could have caused this crash. I'm
> > > > > suspecting a bisection error?
> > > > >
> > > > > Maybe something is unwell in drivers/vdpa/vdpa_user/vduse_dev.c.
> > > >
> > > > At a quick glance, yes it could very well be vduse_init() is messy and
> > > > races somehow with init, but if a race does lurk here my instincts tell
> > > > me this can't be the only place.
> > > >
> > > > Not sure if leaving a patch in place more time to see how else things
> > > > can explode is worth it.
> > >
> > > Confused. Are you thinking that the above-linked patch was somehow
> > > involved in this crash? If so, but how? All it does is to permit
> > > unprivileged reads to four ints via proc_dointvec_minmax()?
> >
> > If the priv allows for it access to dereferencing a pointer is allowed.
> > How that race happens though, indeed is beyond the patch's fault.
>
> Even so, I am 99.99% sure this is a driver bug then. And so if enabling
> this patch just enables more driver bugs so be it.
>
> So driver maintainers: please take a look, I tried to check but
> the driver bug is not obvious to me yet.
>

Yes, I think it's a driver bug. I'll send a patch soon.

Thanks,
Yongji