From: Jens Axboe <axboe@kernel.dk>
To: Tamir Duberstein <tamird@gmail.com>,
Matthew Wilcox <willy@infradead.org>
Cc: syzbot <syzbot+092bbab7da235a02a03a@syzkaller.appspotmail.com>,
asml.silence@gmail.com, io-uring@vger.kernel.org,
linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com,
Andrew Morton <akpm@linux-foundation.org>
Subject: Re: [syzbot] [io-uring?] KASAN: null-ptr-deref Write in sys_io_uring_register
Date: Wed, 4 Dec 2024 11:43:30 -0700
Message-ID: <9ddf41e2-bee6-4b31-a602-53b5485e0f6e@kernel.dk>
In-Reply-To: <CAJ-ks9mfswrDNPjbakUsEtCTY-GbEoOGkOCrfAymDbDvUFgz5g@mail.gmail.com>

On 12/4/24 11:39 AM, Tamir Duberstein wrote:
> On Wed, Dec 4, 2024 at 11:30 AM Tamir Duberstein <tamird@gmail.com> wrote:
>>
>> On Wed, Dec 4, 2024 at 11:25 AM Matthew Wilcox <willy@infradead.org> wrote:
>>>
>>> On Wed, Dec 04, 2024 at 09:17:27AM -0700, Jens Axboe wrote:
>>>>> XA_STATE(xas, xa, index);
>>>>> - return xas_result(&xas, xas_store(&xas, NULL));
>>>>> + return xas_result(&xas, xa_zero_to_null(xas_store(&xas, NULL)));
>>>>> }
>>>>> EXPORT_SYMBOL(__xa_erase);
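Review bot: The xa_zero_to_null() wrap on the return line of __xa_erase() comes with no test for the case it fixes. A test that reserves an index, erases it, and checks that the erase returns NULL rather than the zero entry would keep this from regressing. It is also worth confirming that no other function handing the result of xas_store() back to its caller needs the same conversion.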
>>>>>
>>>>> This would explain deletion of a reserved entry returning
>>>>> `XA_ZERO_ENTRY` rather than `NULL`.
>>>>
>>>> Yep this works.
>>>>
>>>>> My apologies for this breakage. Should I send a new version? A new
>>>>> "fixes" patch?
>>>>
>>>> Since it seems quite drastically broken, and since it looks like Andrew
>>>> is holding it, seems like the best course of action would be to have it
>>>> folded with the existing patch.
>
> Is there anything I can do to help with this?

I think Andrew will just fold it in once he sees this thread - but if you
want to be sure, I'd send it out separately with a note below the '---'
line asking him to fold it with the problematic patch.
--
Jens Axboe