From: David Laight
To: 'Willem de Bruijn', Wei Wei
CC: Dmitry Vyukov, Mark Rutland, "linux-arm-kernel@lists.infradead.org", LKML, netdev, Eric Dumazet, "David Miller", Willem de Bruijn, syzkaller
Subject: RE: v4.14-rc3/arm64 DABT exception in atomic_inc() / __skb_clone()
Date: Thu, 26 Oct 2017 15:24:29 +0000
Message-ID: <063D6719AE5E284EB5DD2968C1650D6DD00A59B0@AcuExch.aculab.com>
References: <20171020111408.edj24tztxdptte5r@lakrids.cambridge.arm.com> <960D71EC-C1E9-4898-ACBE-543FC09483FF@gmail.com>

From: Willem de Bruijn
> Sent: 25 October 2017 19:50
...
> From skb->dev and netdev_priv, the tun device has flags 0x1002 ==
> IFF_TAP | IFF_NO_PI. This kernel precedes the recent support for
> IFF_NAPI and IFF_NAPI_FRAGS. The allocation most likely happened
> in tun_build_skb from current->task_frag. It would be a previous
> allocation that left alloc_frag->offset unaligned. But perhaps this code
> needs to perform alignment before setting skb->head.
>
> At least on platforms where atomic on dataref must be aligned.

Isn't that true of almost everything?
I'm not even sure x86 always (ever?) manages locked cycles on
misaligned addresses.

	David
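
The alignment concern discussed in this message, as an added example that is not part of the original email and is not kernel code: a toy fragment pool (the names `frag_pool`, `shared_info`, `carve` and `dataref_misaligned` are hypothetical) shows how an earlier odd-sized allocation leaves the offset unaligned, so the next buffer's atomic reference counter lands on a misaligned address, and how rounding the offset up before setting the head avoids it. The code only computes addresses and never performs the misaligned atomic access.

```c
#include <stdalign.h>
#include <stdatomic.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy stand-ins (hypothetical names), not the kernel's structures. */
struct frag_pool {                  /* models a per-task page fragment */
    alignas(64) unsigned char page[4096];
    size_t offset;                  /* next free byte, like alloc_frag->offset */
};

struct shared_info {                /* trailer placed at the end of each buffer */
    atomic_int dataref;
};

#define ALIGN_UP(x, a) (((x) + ((a) - 1)) & ~((size_t)(a) - 1))

/* Carve buflen bytes plus trailer out of the pool. align_first selects the
 * variant that aligns the offset before the head is set. Returns the address
 * where the trailer's atomic counter would live, or 0 if the pool is full. */
static uintptr_t carve(struct frag_pool *p, size_t buflen, int align_first)
{
    if (align_first)
        p->offset = ALIGN_UP(p->offset, alignof(struct shared_info));
    /* The trailer sits at a rounded distance from head, so it is only
     * aligned if head itself is aligned. */
    size_t trailer_off = ALIGN_UP(buflen, alignof(struct shared_info));
    if (p->offset + trailer_off + sizeof(struct shared_info) > sizeof(p->page))
        return 0;
    unsigned char *head = p->page + p->offset;
    p->offset += trailer_off + sizeof(struct shared_info);
    return (uintptr_t)(head + trailer_off);
}

/* A previous odd-sized allocation leaves the offset unaligned, then a
 * buffer is carved. Returns 1 if the counter address is misaligned. */
static int dataref_misaligned(int align_first)
{
    static struct frag_pool pool;
    pool.offset = 13;               /* constructed: earlier user took 13 bytes */
    uintptr_t ref = carve(&pool, 1500, align_first);
    return (ref % alignof(atomic_int)) != 0;
}

int main(void)
{
    printf("no alignment:  misaligned=%d\n", dataref_misaligned(0));
    printf("align first:   misaligned=%d\n", dataref_misaligned(1));
    return 0;
}
```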