From: Dmitry Vyukov <dvyukov@google.com>
To: Cong Wang <xiyou.wangcong@gmail.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
David Miller <davem@davemloft.net>,
Rainer Weikusat <rweikusat@mobileactivedefense.com>,
Hannes Frederic Sowa <hannes@stressinduktion.org>,
netdev <netdev@vger.kernel.org>,
Eric Dumazet <edumazet@google.com>,
syzkaller <syzkaller@googlegroups.com>
Subject: Re: fs, net: deadlock between bind/splice on af_unix
Date: Fri, 20 Jan 2017 23:52:17 +0100 [thread overview]
Message-ID: <CACT4Y+Yf5S1OiNdd8WH=bmge=25m3zOh48QB8iq2nsKESG6Z_Q@mail.gmail.com> (raw)
In-Reply-To: <CAM_iQpUtirzcm901Gh6918g2yROo3FFKb6Vx87Wtj7M31wE6DA@mail.gmail.com>
On Fri, Jan 20, 2017 at 5:57 AM, Cong Wang <xiyou.wangcong@gmail.com> wrote:
>>>>>> > Why do we do autobind there, anyway, and why is it conditional on
>>>>>> > SOCK_PASSCRED? Note that e.g. for SOCK_STREAM we can bloody well get
>>>>>> > to sending stuff without autobind ever done - just use socketpair()
>>>>>> > to create that sucker and we won't be going through the connect()
>>>>>> > at all.
>>>>>>
>>>>>> In the case Dmitry reported, unix_dgram_sendmsg() calls unix_autobind(),
>>>>>> not SOCK_STREAM.
>>>>>
>>>>> Yes, I've noticed. What I'm asking is what in there needs autobind triggered
>>>>> on sendmsg and why doesn't the same need affect the SOCK_STREAM case?
>>>>>
>>>>>> I guess some lock, perhaps the u->bindlock could be dropped before
>>>>>> acquiring the next one (sb_writer), but I need to double check.
>>>>>
>>>>> Bad idea, IMO - do you *want* autobind being able to come through while
>>>>> bind(2) is busy with mknod?
>>>>
>>>>
>>>> Ping. This is still happening on HEAD.
>>>>
>>>
>>> Thanks for your reminder. Mind to give the attached patch (compile only)
>>> a try? I take another approach to fix this deadlock, which moves the
>>> unix_mknod() out of unix->bindlock. Not sure if there is any unexpected
>>> impact with this way.
>>
>>
>> I instantly hit:
>>
>
> Oh, sorry about it, I forgot to initialize struct path...
>
> Attached is the updated version, I just did a boot test, no crash at least. ;)
>
> Thanks!
This works! I did not see the deadlock warning, nor any other related crashes.
Tested-by: Dmitry Vyukov <dvyukov@google.com>
next prev parent reply other threads:[~2017-01-20 22:53 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-08 14:47 fs, net: deadlock between bind/splice on af_unix Dmitry Vyukov
2016-12-08 16:30 ` Dmitry Vyukov
2016-12-09 0:08 ` Cong Wang
2016-12-09 1:32 ` Al Viro
2016-12-09 6:32 ` Cong Wang
2016-12-09 6:41 ` Al Viro
2017-01-16 9:32 ` Dmitry Vyukov
2017-01-17 21:21 ` Cong Wang
2017-01-18 9:17 ` Dmitry Vyukov
2017-01-20 4:57 ` Cong Wang
2017-01-20 22:52 ` Dmitry Vyukov [this message]
2017-01-23 19:00 ` Cong Wang
2017-01-26 23:29 ` Mateusz Guzik
2017-01-27 5:11 ` Cong Wang
2017-01-27 6:41 ` Mateusz Guzik
2017-01-31 6:44 ` Cong Wang
2017-01-31 18:14 ` Mateusz Guzik
2017-02-06 7:22 ` Cong Wang
2017-02-07 14:20 ` Mateusz Guzik
2017-02-10 1:37 ` Cong Wang
2017-01-17 8:07 ` Eric W. Biederman
[not found] ` <065031f0-27c5-443d-82f9-2f475fcef8c3@googlegroups.com>
2017-06-23 16:30 ` Cong Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CACT4Y+Yf5S1OiNdd8WH=bmge=25m3zOh48QB8iq2nsKESG6Z_Q@mail.gmail.com' \
--to=dvyukov@google.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=hannes@stressinduktion.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=rweikusat@mobileactivedefense.com \
--cc=syzkaller@googlegroups.com \
--cc=viro@zeniv.linux.org.uk \
--cc=xiyou.wangcong@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).