Received: by 2002:a6b:fb09:0:0:0:0:0 with SMTP id h9csp697033iog; Fri, 24 Jun 2022 11:59:40 -0700 (PDT) X-Google-Smtp-Source: AGRyM1uhRtjyruRKvos3rQqEnqHpEp86O8oPCt716E03QhOftgCELxPBPR0yyMl6inB0RzCoVHxD X-Received: by 2002:a17:902:e0c3:b0:16a:1c8a:5ae8 with SMTP id e3-20020a170902e0c300b0016a1c8a5ae8mr485132pla.97.1656097179825; Fri, 24 Jun 2022 11:59:39 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1656097179; cv=pass; d=google.com; s=arc-20160816; b=BzQIWHbfu7xP2MtDD4K8+ZVDTzxPuxEtnGid1xQI4vHCWbaF24nPcHYem41hDkaTp5 GyjpgmJp2TR5y9EuOY/GJlBurebJlhE8fr5XmuMfEmG4UdqY+3PcdOTgeo6vfWxLprMN rKlu2U2fCUi6XfbOY1E7i0EZ92DBGpRqCGcyzo7Jf0ZlESeqO8xv0EpHMSrxUqFdCGig wH02GJ+ILuibaMRE0pjgXvT1j79p/fqpt+65czPcErtPXVBGxAtMta6I2eylN1f4O4YX kdZ6NBalnnPyeSh2DZM0NO/j+pHoFQmLsILrsqUlQdlKbbE47ly3NI1jJV9lDeZSkOGB E84A== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:user-agent:in-reply-to :content-disposition:references:reply-to:message-id:subject:cc:to :from:date:dkim-signature; bh=6VjMLv22WnmDuLhhndRSRQ6CfUxrvwQPwgDQjqz3smM=; b=TH484gluIMKRgPBrVq+NyVZr184L4QSgZ3UOzTGrFWXROwkwuAZAfiQAdcM+0rs4Uf p98wplYkFYNJCgUa07FOV4+Zk70l544+e4EtIVgAGDxHsYEvSNUPBpWdSUWorsUcMMxs rsRewC2kltQMNo4kKTN+Ej8mxeRKVF6SEhsnCfcTffVPn89E9mn8SOa07ZZf81RQGmhQ jOk8xSg2bJlUHu1W+jmGHU6mgtNsIOYRnK6PEsHfGyzUzL+Rt1ZEFiO/oLqH/7QMEbt5 UGPMZGE8F1GlS+v8zjq6g9ItiuzE748jEGVeKzguPe+d1/zvDuYoUpsRnWzsYUEuSW59 Iqqg== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@bksv.onmicrosoft.com header.s=selector1-bksv-onmicrosoft-com header.b="dPb/uwHi"; arc=pass (i=1 spf=pass spfdomain=concurrent-rt.com dkim=pass dkdomain=concurrent-rt.com dmarc=pass fromdomain=concurrent-rt.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id mi4-20020a17090b4b4400b001ec9d524715si4373540pjb.84.2022.06.24.11.59.25; Fri, 24 Jun 2022 11:59:39 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@bksv.onmicrosoft.com header.s=selector1-bksv-onmicrosoft-com header.b="dPb/uwHi"; arc=pass (i=1 spf=pass spfdomain=concurrent-rt.com dkim=pass dkdomain=concurrent-rt.com dmarc=pass fromdomain=concurrent-rt.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231890AbiFXSoq (ORCPT + 99 others); Fri, 24 Jun 2022 14:44:46 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43772 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229873AbiFXSop (ORCPT ); Fri, 24 Jun 2022 14:44:45 -0400 Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-eopbgr150118.outbound.protection.outlook.com [40.107.15.118]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BD071EE15; Fri, 24 Jun 2022 11:44:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=D8hcH6r1hlAj29tTRoQAtayN7wGcect0U/U7kZ/IMp0NzVE57N3byG3xIvG/w3KgqFk99f/FIp88/bXTom8o56i578jvl9gN59sxHS4j22bjyO63fH2x1SGT2gLBwiiaWcS3aklT1+vrW/Gj359NlbOSpHPxB02+9BwbLneifaPN18muR7T8BEjzHjcSoSTQDJ49K6PfR/f9m943czep9G8iGkgI/EycmP7C3O0lzGc1VqQWykZO7QKFe4XqoWXczbAIfyqHiyrMEMEfCRC/l+qnarxMpsrWNP9jlqBjy6pD9egoIG0XuDgOPPF0ek+Y+InFLhVCgnWkdbjMYG+pvw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=6VjMLv22WnmDuLhhndRSRQ6CfUxrvwQPwgDQjqz3smM=; b=OeSL4VOcTzp8UMdryGCUKnaTKHht66l6YJdxCenPT+fvHO7atClLTWXhDviPU1BqEiTc//00ekQqBdgzzzRr6jeT+RfVOa2WH9d0ljGsq8YwdX9wHhYcrd8Iozmp94pFC7f1AVz0ta6FG6FCp/mPgjfv2mG65xPD6FqyRPYFlp/1bTQk6E7BJTEB2slqPTLtE2GKqeGT0ZJchhPGBp0bcRmgFBjkeQdAuOFpp9JZA4DfkKo5m2s91fe5Zilr798wP+KXqHP97h99ncAyfsTJLtPTXE/QN725pFCPUmJ03iZX/Oktq4IsTWClg58U4xb9+6Kc1LbkjAhYFq7/lYBQQg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=concurrent-rt.com; dmarc=pass action=none header.from=concurrent-rt.com; dkim=pass header.d=concurrent-rt.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bksv.onmicrosoft.com; s=selector1-bksv-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6VjMLv22WnmDuLhhndRSRQ6CfUxrvwQPwgDQjqz3smM=; b=dPb/uwHiQ71U8tr+ZIKh/W7iOKIW6mjVICpYUZD1E70V3pkwdMOeobru8UOxDVw9MJV/XnaMQbFLGdfrWhlKp9UjoNx5rO2dMqvAmPQIEHoFnlYnMWyOlis+8ziUCDQlQMOdKnH+jCOnUrM5X2vh7bLplOoqDfnZYsySSityUzI= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=concurrent-rt.com; Received: from VI1PR09MB3582.eurprd09.prod.outlook.com (2603:10a6:803:13b::17) by AM7PR09MB3669.eurprd09.prod.outlook.com (2603:10a6:20b:109::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5373.15; Fri, 24 Jun 2022 18:44:41 +0000 Received: from VI1PR09MB3582.eurprd09.prod.outlook.com ([fe80::10ca:5087:bbde:5678]) by VI1PR09MB3582.eurprd09.prod.outlook.com ([fe80::10ca:5087:bbde:5678%8]) with mapi id 15.20.5373.017; Fri, 24 Jun 2022 18:44:40 +0000 Date: Fri, 24 Jun 2022 14:44:31 -0400 From: Joe Korty To: Mark Gross Cc: "Luis Claudio R. Goncalves" , LKML , Linux RT users , Sebastian Andrzej Siewior , Thomas Gleixner , Steven Rostedt Subject: Re: [RT BUG] Mismatched get_uid/free_uid usage in signals in some rts (2nd try) Message-ID: <20220624184431.GA4386@zipoli.concurrent-rt.com> Reply-To: Joe Korty References: Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) X-ClientProxiedBy: SN6PR16CA0065.namprd16.prod.outlook.com (2603:10b6:805:ca::42) To VI1PR09MB3582.eurprd09.prod.outlook.com (2603:10a6:803:13b::17) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 56ad630a-633b-4415-31e6-08da561198a5 X-MS-TrafficTypeDiagnostic: AM7PR09MB3669:EE_ X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: F241NTWSyTu+o3WhIaydBdcnjmKlaTXNerUVt75vthJoRG3ZB7DjuA3UuOuCF1F2futJ3flulk5gI6/tJItAdcBnOUVGrukZNOyq0i1qoH7XR9G4JjNJ7bS0LRKiVkJo0JEeiMqy92TdR1ApBEi9L07LpjrhkFo6Bh7c6KEOI2WN+dPNVZHsPKWTReR5YuyH0tnEDsq5B4pu5b/W5Hg0lML2SzU1LRK7kFLBuEQI9gSZdvOivl8B3uo4n2XTM+XtvKmvD94t72wuJPjcHVLBN3Uj0/GD1Ik4YyzUffBas7gq4H/f8UfxY1dSlwQYydLztXzPpC0zSsDALzrWUK31Afj0ohH2V/MHUG+89+jwvbvjVkcP475ozr1KDdyNwLpB7R3+GaIfYogjDBhyi6qaECAa6H5dMzYJD446eWFaRj4dv4Ze1DyFQvYgltQnxjKAmK+ycALrCcFzxFmGY9q3kmNiU0Wy4UvGuRTpx7/137kRreOSI5rnKdOohIBPIoqRh33+z+Hkm0wKU6AzoBJzonovRsN3oN0z6EybEXOHKq3RoAo8q6IXNL7emuYobIm23W3V0gJtY8YOecF89vVxmAkrQ+YHy0CgrPEDMi4K7X1q0cVS33Cklkfnzvmhc4N+vFlo+ObktHUfxlT1ZjS8lTQxBbHpz7QK/SQ9NbyFGkTlPsEE9Opma77lHgOXg/TV74XcIzR6aSpllxpGogNKeFO4IKff88cInpCKVl5zX3DkNenu//ME6eC+OAMfgPmn X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:VI1PR09MB3582.eurprd09.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230016)(4636009)(39850400004)(376002)(346002)(396003)(136003)(366004)(66556008)(3450700001)(6916009)(66946007)(26005)(2906002)(45080400002)(6512007)(54906003)(44832011)(38100700002)(38350700002)(8676002)(33656002)(41300700001)(84970400001)(316002)(66476007)(478600001)(6486002)(8936002)(4326008)(86362001)(6506007)(83380400001)(1076003)(6666004)(186003)(52116002)(5660300002);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?yDwEZ1QZSXK8gPtAO4hWzRMjgQDZYUFwg9woF2Ptme0QJEcLNpN441FD0BgX?= =?us-ascii?Q?z8lyouCCjcJaVEnjidkc3OcPFCEsmti08Dy9QF56TcpDAqNEevG0dJSHo/Cx?= =?us-ascii?Q?IrinzJS5Pp/jCsiyvc9KHOkvYdeunF25Ee/S6u8r+m6wtsMxgLGD9TSJJJvh?= =?us-ascii?Q?+gJLCb4v3I9zKm7IbMLQMKqf2lr15RHW0n8BarZeM0XgfGhfm9XBrRoYyC09?= =?us-ascii?Q?NzOmVRiEyvkyujBXdlU8VVdwGRzpNHfjAUyk0+oTi3E0mCTBOUqfe/5GgNaf?= =?us-ascii?Q?PmzL4GwLB+pMt9cvAfjtv6LTc+OIdM37yRuRKg6L6QE9mhaIA1FdHRXww1+w?= =?us-ascii?Q?bohyNzJrNX3GMOGrXIKo5Q5SrixpxCv3gGjpFAs/khpmEGiZfjbmhdrpzO3Q?= =?us-ascii?Q?6XfC9V8pVYS/KUqLlb+WIbZtRLyy2mtaw6giX3i4bqgaoGc23FkwMBGXyaOy?= =?us-ascii?Q?4ySObjpls8Sba7raZwCdWWjszXY3BwK/w8XdcXsRU4LDvBhhttNVd63/iw0l?= =?us-ascii?Q?K4D31dxJlbexWDI2g398eh2vZChxMY83Q77hQCHHhC4+e14JSF/GmJ2qQrAP?= =?us-ascii?Q?OIDBJqPgM7aBAufA3iJ2cDIkYCjHEsdJVaE/uwMhZUAKxT2yBNAMFuxGtPvb?= =?us-ascii?Q?ScmDsTPnTYgSeQufWIlktsyqqiCGDuIL5BBeXkzyKcOfMAg+h5Lgr5h6rWmy?= =?us-ascii?Q?eRb0OUEl649okgOosOy05vzG5qfSuNgSl7zVOO1LFt+s6E+Fnwj0HowkJPa8?= =?us-ascii?Q?hsXlf00Lw6MX9ObjsgIWcpqAj/FHIzWC0ydhkUn2M0Kg93jN2sP09S2UMeld?= =?us-ascii?Q?k8AwYN7NBcT4FoysBnZXSJD1d1GQhWjZXL1b9HYiqKIeKlfdOOZTaY5mjLNB?= =?us-ascii?Q?di4nY5fsZw1T5Md9Gfx5NXjvaX055ZZGgBiE4lMCOeOpLID/SKXioUbZEnax?= =?us-ascii?Q?DineB/c622CnC8cEaM/6J5KTRHIb+6O3rVlpFHshtxVsJx9/chXQJGWa1zLy?= =?us-ascii?Q?hB7ZcK4imlmNx2FrGb4cgiaHrlgNvCPZoYDzoKLTknApaodyTg/Z/v0wTt+7?= =?us-ascii?Q?gRg7ZHda4kVQG4E7u6n/iOfJSwcS7T3fe91IiEUWszf+ICv245aXW8n1JCDX?= =?us-ascii?Q?Z+e6b4JGWQdMbGpvEag6yV6/YdY3qBcvhGF6Sdgz4Yg/GNqSrwJd33CGP7OU?= =?us-ascii?Q?vZllAwfM6+8qgItZvjLfQN+lRENlfdVw+jEOaOwi93gbpFzf2xApNM3iYaEq?= =?us-ascii?Q?O2BtpmJnxSQWRfahs5k53sxg195PT5yU5YdNz7/X38aeor3HRV7M/p8qZGND?= =?us-ascii?Q?TkyAXTDH/9Qkd4e6Yv1gWosVDfznHEUvYZSrDkxb6AoV8KNlS8bhdL4T9GkN?= =?us-ascii?Q?82aANw/pAHiY6Mm9bqmMCvvrJotu0X5DQpDm110go0IWhG0Cnhh17Q68QSop?= =?us-ascii?Q?a7xCi5avSzseyZxnphQ1c4Ks84MwXAMmHklNj2N+Q06nWxVGR28snWaDs7JC?= =?us-ascii?Q?GPQMYLkyiXoX6Qhxe8ijreV+6FP1dOD6k3I2ImBb8e685L6+tQvrqwgIMTgZ?= =?us-ascii?Q?9yEiUHM53aMLofGaOu8fFkqL7zSCfmR/n2nLmMc2qNTaP1FUR0Ad+B69YvGA?= =?us-ascii?Q?ZQ=3D=3D?= X-OriginatorOrg: concurrent-rt.com X-MS-Exchange-CrossTenant-Network-Message-Id: 56ad630a-633b-4415-31e6-08da561198a5 X-MS-Exchange-CrossTenant-AuthSource: VI1PR09MB3582.eurprd09.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Jun 2022 18:44:40.6576 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 6cce74a3-3975-45e0-9893-b072988b30b6 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: oSVgSFpwTfK177vscFKdIW9EvI5T3L5dUPO/hYfFuO0jgYFyI53AbA+5IE6bhCbIxbA4m3rZ0vEBgb3OZwho+XWwBFfDQ2f+gVcnfbHLk/M= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM7PR09MB3669 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org [ Fixed incorrect linux-rt-users email address in CC ] On Fri, Jun 24, 2022 at 09:58:07AM -0700, Mark Gross wrote: > On Tue, Jun 21, 2022 at 03:16:39PM +0000, Joe Korty wrote: > > Mismatched get_uid/free_uid usage in signals in 4.9.312-rt193 > > > > [ First attempt using mutt did not show up on the mailing lists. > > Trying again with office365 Outlook. Also added the 4.9-rt > > maintainers. ] > > > > The 4.19-rt patch, > > > > 0329-signal-Prevent-double-free-of-user-struct.patch > > > > needs to be ported to LAG 4.9-rt, as that release now has the Linus commit, > What does LAG stand for? Hi Mark, LAG = Latest and Greatest > FWIW the cherry-pick within the RT-stable tree worked without conflict. > (cherry picked from commit a99e09659e6cd4b633c3689f2c3aa5f8a816fe5b) > It compiles. > See 58a584ee59b2 signal: Prevent double-free of user struct in > linux-stable-rt.git/v4.9-rt-next > > > > > fda31c50292a ("signal: avoid double atomic counter increments for user accounting") > > > This was added to 4.9.y on March 20, 2020. > commit 4306259ff6b8b682322d9aeb0c12b27c61c4a548 in linux-stable. > > How did you find this issue? What is missing from my testing? > > Do you have a test case that I can conferm my cherry-pick works? > Could you test the v4.9-rt-next branch to see if it fixes you issue? We do not have a standard test. We were seeing crashes in NFS. It happened only on arm64 systems. We have a custom kernel with changes and the test consisted of exercising one of those changes, which involved lots of signals, then running NFS tests in loopback mode. On occasion NFS would crash in a way it never has crashed before, which suggested use-after-free corruption. It never would crash unless we hit signals heavily first, which implied that something in signals was wrong. After that it wasn't too hard to find the patch that fixed the problem in 4.4, 4.14, 4.19, 5.4, and 5.10. We have not seen the NFS crash since applying the fix. Joe PS: Correction to the table below. I tested a too-early version of 4.14-rt. Retested. Current application status: 4.4.302-rt232 OK has both Linus's patch and the fix needed for rt. 4.9.312-rt193 BROKE has Linus's patch but not the fix. - 4.14.87-rt50 OK does NOT have either Linus's patch nor its rt fix. + 4.14.282-rt135 OK has both Linus's patch and the fix needed for rt. 4.19.246-rt110 OK has both Linus's patch and the fix needed for rt. 5.4.193-rt74 OK has both Linus's patch and the fix needed for rt. 5.10.120-rt70 OK has both Linus's patch and the fix needed for rt. 5.15.44-rt46 UNKNOWN no get_uid/free_uid usage in kernel/signal.c anymore.