Re: [PATCH] io_uring: Don't set affinity on a dying sqpoll thread
From: Jens Axboe
Date: Tue Aug 29 2023 - 10:05:09 EST
On 8/28/23 5:42 PM, Gabriel Krisman Bertazi wrote:
> syzbot <syzbot+c74fea926a78b8a91042@xxxxxxxxxxxxxxxxxxxxxxxxx> writes:
>
>> Hello,
>>
>> syzbot found the following issue on:
>>
>> HEAD commit: 626932085009 Add linux-next specific files for 20230825
>> git tree: linux-next
>> console output: https://syzkaller.appspot.com/x/log.txt?x=12a97797a80000
>> kernel config: https://syzkaller.appspot.com/x/.config?x=8a8c992a790e5073
>> dashboard link: https://syzkaller.appspot.com/bug?extid=c74fea926a78b8a91042
>> compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
>>
>> Unfortunately, I don't have any reproducer for this issue yet.
>>
>> Downloadable assets:
>> disk image: https://storage.googleapis.com/syzbot-assets/46ec18b3c2fb/disk-62693208.raw.xz
>> vmlinux: https://storage.googleapis.com/syzbot-assets/b4ea0cb78498/vmlinux-62693208.xz
>> kernel image: https://storage.googleapis.com/syzbot-assets/5fb3938c7272/bzImage-62693208.xz
>>
>> IMPORTANT: if you fix the issue, please add the following tag to the commit:
>> Reported-by: syzbot+c74fea926a78b8a91042@xxxxxxxxxxxxxxxxxxxxxxxxx
>>
>> general protection fault, probably for non-canonical address 0xdffffc000000011d: 0000 [#1] PREEMPT SMP KASAN
>> KASAN: null-ptr-deref in range [0x00000000000008e8-0x00000000000008ef]
>> CPU: 1 PID: 27342 Comm: syz-executor.5 Not tainted 6.5.0-rc7-next-20230825-syzkaller #0
>> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
>> RIP: 0010:io_sqpoll_wq_cpu_affinity+0x8c/0xe0 io_uring/sqpoll.c:433
>
> Jens,
>
> I'm not sure I got the whole story on this one, but it seems fairly
> trivial to reproduce and I can't see another way it could be
> triggered. What do you think?
Yep looks like the right fix, we should check the thread after parking.
I'll get this added to the queue, thanks.
--
Jens Axboe