linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Linus Torvalds <torvalds@linux-foundation.org>
To: Steven Rostedt <rostedt@goodmis.org>
Cc: Masami Hiramatsu <mhiramat@kernel.org>,
	Mathieu Desnoyers <mathieu.desnoyers@efficios.com>,
	 LKML <linux-kernel@vger.kernel.org>,
	 Linux Trace Devel <linux-trace-devel@vger.kernel.org>,
	Christian Brauner <brauner@kernel.org>,
	 Ajay Kaher <ajay.kaher@broadcom.com>,
	Geert Uytterhoeven <geert@linux-m68k.org>,
	 linux-fsdevel <linux-fsdevel@vger.kernel.org>
Subject: Re: [PATCH] eventfs: Have inodes have unique inode numbers
Date: Sun, 28 Jan 2024 20:01:19 -0800	[thread overview]
Message-ID: <CAHk-=whjO4zAmoP8fQkHUQJANahFMZaviNu=Jfd36E=knLPVgQ@mail.gmail.com> (raw)
In-Reply-To: <20240128224054.0df489b8@rorschach.local.home>

On Sun, 28 Jan 2024 at 19:40, Steven Rostedt <rostedt@goodmis.org> wrote:
>
> [  106.258400] BUG: KASAN: slab-use-after-free in tracing_open_file_tr+0x3a/0x120
> [  106.261228] Read of size 8 at addr ffff8881136f27b8 by task cat/868

Are you refcounting the pointers that you have in the dentries (and
inodes)? Like we talked about you needing to do?

Every time you assign a pointer to d_fsdata, you need to kref_get() it.

You try to work around the tracefs weaknesses by trying to clean up
the dentry data, but it's WRONG.

You should refcount the data properly, so that you don't NEED to clean it out.

               Linus

  reply	other threads:[~2024-01-29  4:01 UTC|newest]

Thread overview: 52+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-01-26 20:02 [PATCH] eventfs: Have inodes have unique inode numbers Steven Rostedt
2024-01-26 20:25 ` Linus Torvalds
2024-01-26 21:26   ` Steven Rostedt
2024-01-26 21:31     ` Linus Torvalds
2024-01-26 21:43       ` Steven Rostedt
2024-01-26 21:36     ` Linus Torvalds
2024-01-26 21:42       ` Steven Rostedt
2024-01-26 21:49       ` Linus Torvalds
2024-01-26 22:08         ` Steven Rostedt
2024-01-26 22:26           ` Linus Torvalds
2024-01-27 14:47             ` Steven Rostedt
2024-01-28 14:42               ` Steven Rostedt
2024-01-26 22:14         ` Mathieu Desnoyers
2024-01-26 22:29           ` Linus Torvalds
2024-01-26 22:41             ` Mathieu Desnoyers
2024-01-26 22:49               ` Linus Torvalds
2024-01-29 16:00                 ` Mathieu Desnoyers
2024-01-29 18:58                   ` Linus Torvalds
2024-01-26 22:34           ` Matthew Wilcox
2024-01-26 22:40             ` Mathieu Desnoyers
2024-01-26 22:48             ` Linus Torvalds
2024-01-26 23:04               ` Matthew Wilcox
2024-01-26 23:11                 ` Linus Torvalds
2024-01-26 23:17                   ` Linus Torvalds
2024-01-27  9:36                     ` Andreas Schwab
2024-01-27 21:47         ` Linus Torvalds
2024-01-28 20:15           ` Steven Rostedt
2024-01-28 20:53             ` Linus Torvalds
2024-01-28 21:08               ` Linus Torvalds
2024-01-28 22:01                 ` Steven Rostedt
2024-01-28 22:17                   ` Linus Torvalds
2024-01-28 22:26                     ` Steven Rostedt
2024-01-28 21:11               ` Steven Rostedt
2024-01-28 21:19               ` Steven Rostedt
2024-01-28 21:43                 ` Linus Torvalds
2024-01-28 22:07                   ` Linus Torvalds
2024-01-28 22:17                     ` Steven Rostedt
2024-01-28 22:25                       ` Linus Torvalds
2024-01-28 22:51           ` Steven Rostedt
2024-01-28 23:24             ` Linus Torvalds
2024-01-28 23:59               ` Steven Rostedt
2024-01-29  0:21                 ` Steven Rostedt
2024-01-29  1:00                   ` Linus Torvalds
2024-01-29  1:42                     ` Linus Torvalds
2024-01-29  2:32                       ` Steven Rostedt
2024-01-29  3:40                         ` Steven Rostedt
2024-01-29  4:01                           ` Linus Torvalds [this message]
2024-01-29  2:09                     ` Steven Rostedt
2024-01-29  6:44                       ` Amir Goldstein
2024-01-29  9:32                         ` Steven Rostedt
2024-01-27 15:26       ` David Laight
2024-01-27 20:01         ` Linus Torvalds

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAHk-=whjO4zAmoP8fQkHUQJANahFMZaviNu=Jfd36E=knLPVgQ@mail.gmail.com' \
    --to=torvalds@linux-foundation.org \
    --cc=ajay.kaher@broadcom.com \
    --cc=brauner@kernel.org \
    --cc=geert@linux-m68k.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-trace-devel@vger.kernel.org \
    --cc=mathieu.desnoyers@efficios.com \
    --cc=mhiramat@kernel.org \
    --cc=rostedt@goodmis.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).