iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/fs
History
Jens Axboe f5d2d23bf0 io-wq: fix race around pending work on teardown 
syzbot reports that it's triggering the warning condition on having
pending work on shutdown:

WARNING: CPU: 1 PID: 12346 at fs/io-wq.c:1061 io_wq_destroy fs/io-wq.c:1061 [inline]
WARNING: CPU: 1 PID: 12346 at fs/io-wq.c:1061 io_wq_put+0x153/0x260 fs/io-wq.c:1072
Modules linked in:
CPU: 1 PID: 12346 Comm: syz-executor.5 Not tainted 5.12.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:io_wq_destroy fs/io-wq.c:1061 [inline]
RIP: 0010:io_wq_put+0x153/0x260 fs/io-wq.c:1072
Code: 8d e8 71 90 ea 01 49 89 c4 41 83 fc 40 7d 4f e8 33 4d 97 ff 42 80 7c 2d 00 00 0f 85 77 ff ff ff e9 7a ff ff ff e8 1d 4d 97 ff <0f> 0b eb b9 8d 6b ff 89 ee 09 de bf ff ff ff ff e8 18 51 97 ff 09
RSP: 0018:ffffc90001ebfb08 EFLAGS: 00010293
RAX: ffffffff81e16083 RBX: ffff888019038040 RCX: ffff88801e86b780
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000040
RBP: 1ffff1100b2f8a80 R08: ffffffff81e15fce R09: ffffed100b2f8a82
R10: ffffed100b2f8a82 R11: 0000000000000000 R12: 0000000000000000
R13: dffffc0000000000 R14: ffff8880597c5400 R15: ffff888019038000
FS:  00007f8dcd89c700(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055e9a054e160 CR3: 000000001dfb8000 CR4: 00000000001506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 io_uring_clean_tctx+0x1b7/0x210 fs/io_uring.c:8802
 __io_uring_files_cancel+0x13c/0x170 fs/io_uring.c:8820
 io_uring_files_cancel include/linux/io_uring.h:47 [inline]
 do_exit+0x258/0x2340 kernel/exit.c:780
 do_group_exit+0x168/0x2d0 kernel/exit.c:922
 get_signal+0x1734/0x1ef0 kernel/signal.c:2773
 arch_do_signal_or_restart+0x3c/0x610 arch/x86/kernel/signal.c:811
 handle_signal_work kernel/entry/common.c:147 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:171 [inline]
 exit_to_user_mode_prepare+0xac/0x1e0 kernel/entry/common.c:208
 __syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
 syscall_exit_to_user_mode+0x48/0x180 kernel/entry/common.c:301
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x465f69

which shouldn't happen, but seems to be possible due to a race on whether
or not the io-wq manager sees a fatal signal first, or whether the io-wq
workers do. If we race with queueing work and then send a fatal signal to
the owning task, and the io-wq worker sees that before the manager sets
IO_WQ_BIT_EXIT, then it's possible to have the worker exit and leave work
behind.

Just turn the WARN_ON_ONCE() into a cancelation condition instead.

Reported-by: syzbot+77a738a6bc947bf639ca@syzkaller.appspotmail.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2021-03-25 10:16:12 -06:00
..
9p
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2021-02-27 08:07:12 -08:00
adfs
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
affs
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
afs
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
autofs
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
befs
[PATCH] reduce boilerplate in fsid handling
2020-09-18 16:45:50 -04:00
bfs
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
btrfs
for-5.12-rc1-tag
2021-03-05 12:21:14 -08:00
cachefiles
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
ceph
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
cifs
cifs/smb3 fixes including improvements to mode bit conversion when using cifsacl mount option, new mount options for controlling attribute caching, improvements to crediting and reconnect, improved debugging
2021-02-26 14:09:41 -08:00
coda
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
configfs
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
cramfs
cramfs: use %pD instead of messing with file_dentry()->d_name
2021-01-05 23:02:47 -05:00
crypto
inode: make init and permission helpers idmapped mount aware
2021-01-24 14:27:16 +01:00
debugfs
Driver core / debugfs update for 5.12-rc1
2021-02-24 10:13:55 -08:00
devpts
dlm
fs: dlm: check on existing node address
2020-11-10 12:14:20 -06:00
ecryptfs
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
efivarfs
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
efs
[PATCH] reduce boilerplate in fsid handling
2020-09-18 16:45:50 -04:00
erofs
block-5.12-2021-02-27
2021-02-28 11:23:38 -08:00
exfat
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
exportfs
exportfs: Add a function to return the raw output from fh_to_dentry()
2020-12-09 09:39:38 -05:00
ext2
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
ext4
block-5.12-2021-02-27
2021-02-28 11:23:38 -08:00
f2fs
block-5.12-2021-02-27
2021-02-28 11:23:38 -08:00
fat
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
freevxfs
fscache
fuse
mm/filemap: remove unused parameter and change to void type for replace_page_cache_page()
2021-02-24 13:38:27 -08:00
gfs2
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2021-02-27 08:07:12 -08:00
hfs
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
hfsplus
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
hostfs
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
hpfs
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
hugetlbfs
hugetlbfs: remove unneeded return value of hugetlb_vmtruncate()
2021-02-24 13:38:35 -08:00
iomap
More new code for 5.12:
2021-02-28 11:45:25 -08:00
isofs
isofs: handle large user and group ID
2021-02-03 19:05:52 +01:00
jbd2
block: use an on-stack bio in blkdev_issue_flush
2021-01-27 09:51:48 -07:00
jffs2
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
jfs
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2021-02-27 08:07:12 -08:00
kernfs
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
lockd
SUNRPC: Make trace_svc_process() display the RPC procedure symbolically
2021-01-25 09:36:23 -05:00
minix
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
nfs
block-5.12-2021-02-27
2021-02-28 11:23:38 -08:00
nfs_common
NFSv4_2: SSC helper should use its own config.
2021-01-28 10:55:37 -05:00
nfsd
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
nilfs2
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
nls
notify
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
ntfs
ntfs: check for valid standard information attribute
2021-02-24 13:38:26 -08:00
ocfs2
ocfs2: simplify the calculation of variables
2021-02-24 13:38:26 -08:00
omfs
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
openpromfs
orangefs
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
overlayfs
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
proc
io_uring-worker.v3-2021-02-25
2021-02-27 08:29:02 -08:00
pstore
pstore fixes for v5.12-rc2
2021-03-05 17:21:25 -08:00
qnx4
[PATCH] reduce boilerplate in fsid handling
2020-09-18 16:45:50 -04:00
qnx6
[PATCH] reduce boilerplate in fsid handling
2020-09-18 16:45:50 -04:00
quota
quota: Fix memory leak when handling corrupted quota file
2021-01-05 14:42:18 +01:00
ramfs
ramfs: support O_TMPFILE
2021-02-24 13:38:26 -08:00
reiserfs
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
romfs
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2020-10-24 12:26:05 -07:00
squashfs
squashfs: add more sanity checks in xattr id lookup
2021-02-09 17:26:44 -08:00
sysfs
sysfs: Support zapping of binary attr mmaps
2021-01-12 14:26:31 +01:00
sysv
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
tracefs
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
ubifs
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
udf
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
ufs
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
unicode
unicode: Add utf8_casefold_hash
2020-09-10 14:03:31 -07:00
vboxsf
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
verity
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
xfs
More new code for 5.12:
2021-02-28 11:45:25 -08:00
zonefs
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
aio.c
Merge branch 'akpm' (patches from Andrew)
2020-12-15 12:53:37 -08:00
anon_inodes.c
fs: anon_inodes: rephrase to appropriate kernel-doc
2021-01-15 12:17:25 -05:00
attr.c
ima: handle idmapped mounts
2021-01-24 14:27:20 +01:00
bad_inode.c
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
binfmt_aout.c
binfmt_elf_fdpic.c
Merge branch 'parisc-5.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux
2021-02-21 13:20:41 -08:00
binfmt_elf.c
Merge branch 'parisc-5.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux
2021-02-21 13:20:41 -08:00
binfmt_em86.c
binfmt_flat.c
binfmt_flat: revert "binfmt_flat: don't offset the data start"
2020-08-24 08:49:13 +10:00
binfmt_misc.c
binfmt_misc: pass binfmt_misc flags to the interpreter
2021-02-15 18:28:30 +01:00
binfmt_script.c
block_dev.c
block-5.12-2021-02-27
2021-02-28 11:23:38 -08:00
buffer.c
fs: buffer: use raw page_memcg() on locked page
2021-02-24 13:38:30 -08:00
char_dev.c
compat_binfmt_elf.c
get rid of COMPAT_ELF_EXEC_PAGESIZE
2021-01-06 08:42:51 -05:00
coredump.c
fs/coredump: use kmap_local_page()
2021-02-26 09:41:05 -08:00
d_path.c
fs: fix NULL dereference due to data race in prepend_path()
2020-10-14 14:54:45 -07:00
dax.c
mm: provide a saner PTE walking API for modules
2021-02-09 07:05:44 -05:00
dcache.c
fs: delete repeated words in comments
2021-02-24 13:38:26 -08:00
direct-io.c
block-5.12-2021-02-27
2021-02-28 11:23:38 -08:00
drop_caches.c
eventfd.c
eventfd: Export eventfd_ctx_do_read()
2020-11-15 09:49:10 -05:00
eventpoll.c
kcmp: Support selection of SYS_kcmp without CHECKPOINT_RESTORE
2021-02-16 09:59:41 +01:00
exec.c
fs: delete repeated words in comments
2021-02-24 13:38:26 -08:00
fcntl.c
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
fhandle.c
fs: delete repeated words in comments
2021-02-24 13:38:26 -08:00
file_table.c
epoll: take epitem list out of struct file
2020-10-25 20:02:08 -04:00
file.c
fs: provide locked helper variant of close_fd_get_file()
2021-02-01 10:02:42 -07:00
filesystems.c
fs_context.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
fs_parser.c
fs_parse: mark fs_param_bad_value() as static
2020-10-13 18:38:27 -07:00
fs_pin.c
fs_struct.c
fs_types.c
fs-writeback.c
fs: improve comments for writeback_single_inode()
2021-01-13 17:26:50 +01:00
fsopen.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
init.c
init: handle idmapped mounts
2021-01-24 14:27:19 +01:00
inode.c
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2021-02-27 08:07:12 -08:00
internal.h
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
io_uring.c
io_uring: do ctx sqd ejection in a clear context
2021-03-24 06:55:11 -06:00
io-wq.c
io-wq: fix race around pending work on teardown
2021-03-25 10:16:12 -06:00
io-wq.h
io_uring: remove structures from include/linux/io_uring.h
2021-03-18 09:44:35 -06:00
ioctl.c
Kconfig
Highlights:
2021-02-21 10:22:20 -08:00
Kconfig.binfmt
Merge branch 'work.elf-compat' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2021-02-21 09:29:23 -08:00
kernel_read_file.c
fs/kernel_file_read: Add "offset" arg for partial reads
2020-10-05 13:37:04 +02:00
libfs.c
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
locks.c
Merge branch 'exec-for-v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
2020-12-15 19:29:43 -08:00
Makefile
fs: Remove dcookies support
2021-01-29 10:06:46 +05:30
mbcache.c
mount.h
mount: make {lock,unlock}_mount_hash() static
2021-01-24 14:29:34 +01:00
mpage.c
block: Add bio_max_segs
2021-02-26 15:49:51 -07:00
namei.c
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
namespace.c
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2021-02-27 08:07:12 -08:00
no-block.c
nsfs.c
open.c
idmapped-mounts-v5.12
2021-02-23 13:39:45 -08:00
pipe.c
fs: delete repeated words in comments
2021-02-24 13:38:26 -08:00
pnode.c
pnode.h
fs/namespace.c: WARN if mnt_count has become negative
2020-12-10 17:33:17 -05:00
posix_acl.c
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
proc_namespace.c
fs: introduce MOUNT_ATTR_IDMAP
2021-01-24 14:43:45 +01:00
read_write.c
teach sendfile(2) to handle send-to-pipe directly
2021-01-25 23:29:36 -05:00
readdir.c
remap_range.c
ioctl: handle idmapped mounts
2021-01-24 14:27:19 +01:00
select.c
poll: fix performance regression due to out-of-line __put_user()
2021-01-08 11:06:29 -08:00
seq_file.c
fs: fix kernel-doc markups
2021-01-21 14:06:00 -07:00
signalfd.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
splice.c
for-5.12/block-2021-02-17
2021-02-21 11:02:48 -08:00
stack.c
stat.c
fs: make helpers idmap mount aware
2021-01-24 14:27:20 +01:00
statfs.c
s390,alpha: switch to 64-bit ino_t
2021-02-13 17:17:53 +01:00
super.c
It has been a relatively quiet cycle in docsland.
2021-02-22 10:57:46 -08:00
sync.c
timerfd.c
userfaultfd.c
userfaultfd: use secure anon inodes for userfaultfd
2021-01-14 17:40:57 -05:00
utimes.c
utimes: handle idmapped mounts
2021-01-24 14:27:18 +01:00
xattr.c
namei: handle idmapped mounts in may_*() helpers
2021-01-24 14:27:17 +01:00