Re: io-uring: KASAN failure, presumably REQ_F_REISSUE issue

From: Nadav Amit
Date: Sun Sep 12 2021 - 00:44:07 EST

Next message: Willy Tarreau: "Re: how many memset(,0,) calls in kernel ?"
Previous message: cgel . zte: "[PATCH] sched: Add a new version sysctl to control child runs first"
In reply to: Nadav Amit: "io-uring: KASAN failure, presumably"
Next in thread: Jens Axboe: "Re: io-uring: KASAN failure, presumably"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> On Sep 11, 2021, at 7:34 PM, Nadav Amit <nadav.amit@xxxxxxxxx> wrote:
>
> Hello Jens (& Pavel),
>
> I hope you are having a nice weekend. I ran into a KASAN failure in io-uring
> which I think is not "my fault".

Small correction of myself (beside the subject):
>
> I believe the issue is related to the handling of REQ_F_REISSUE and
> specifically to commit 230d50d448acb ("io_uring: move reissue into regular IO
> path"). There seems to be a race between io_write()/io_read()
> and __io_complete_rw()/kiocb_done().
>
> __io_complete_rw() sets REQ_F_REIUSSE:
>
> if ((res == -EAGAIN || res == -EOPNOTSUPP) &&
> io_rw_should_reissue(req)) {
> req->flags |= REQ_F_REISSUE;
> return;
> }

The race only appears to be with __io_complete_rw(), not kiocb_done().

Next message: Willy Tarreau: "Re: how many memset(,0,) calls in kernel ?"
Previous message: cgel . zte: "[PATCH] sched: Add a new version sysctl to control child runs first"
In reply to: Nadav Amit: "io-uring: KASAN failure, presumably"
Next in thread: Jens Axboe: "Re: io-uring: KASAN failure, presumably"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]