All of lore.kernel.org
 help / color / mirror / Atom feed
From: <Alex_Gagniuc@Dellteam.com>
To: <scott.bauer@intel.com>
Cc: <keith.busch@intel.com>, <linux-pci@vger.kernel.org>,
	<bhelgaas@google.com>, <mr.nuke.me@gmail.com>
Subject: RE: [PATCH 0/4] PCI/AER: Use-after-free fix
Date: Fri, 13 Apr 2018 14:49:07 +0000	[thread overview]
Message-ID: <ececc0bc7d41475e9065130cf563d46b@ausx13mps321.AMER.DELL.COM> (raw)
In-Reply-To: <20180412164709.spesry7skaa3x5hf@sbauer-Z170X-UD5>

I got the cold chills when I realized you called for a delay of 350ms. It's=
 because 350ms is around the delay I've observed to be caused by FFS.
First run KASANed with the extra delay, so hopefully, I'll have more cement=
 test results by EOB today.

Alex

-----Original Message-----
From: Scott Bauer [mailto:scott.bauer@intel.com]=20
Sent: Thursday, April 12, 2018 11:47 AM
To: Gagniuc, Alexandru - Dell Team
Cc: keith.busch@intel.com; linux-pci@vger.kernel.org; bhelgaas@google.com
Subject: Re: [PATCH 0/4] PCI/AER: Use-after-free fix

On Thu, Apr 12, 2018 at 05:06:05PM +0000, Alex_Gagniuc@Dellteam.com wrote:
> From: Keith Busch [mailto:keith.busch@intel.com]
>=20
> > AER error handling walks the PCI topology below a root port, saving poi=
nters of the pci_dev structs affected by the error along the way.
>=20
> Hi Keith,
>=20
> I've been trying to do an ABA test to confirm that your change eliminates=
 the use-after-free issue we've seen. The race seems to be quite elusive, s=
o I can't reliably reproduce it. Your changes have not been forgotten; I ha=
ve them staged for further testing.
>=20
> Alex


If you need help triggering the race you can add a sleep/microsleep here:

aer_isr_one_error() between the find_source_device and process err device:

sbauer@sbauer-Z170X-UD5:~/nvme_code/upstream_jens/linux-block$ git diff dri=
vers/pci/pcie/aer/aerdrv_core.c
diff --git a/drivers/pci/pcie/aer/aerdrv_core.c b/drivers/pci/pcie/aer/aerd=
rv_core.c
index a4bfea52e7d4..5ca0c07b1d05 100644
--- a/drivers/pci/pcie/aer/aerdrv_core.c
+++ b/drivers/pci/pcie/aer/aerdrv_core.c
@@ -22,6 +22,7 @@
 #include <linux/delay.h>
 #include <linux/slab.h>
 #include <linux/kfifo.h>
+#include <linux/delay.h>
 #include "aerdrv.h"
=20
 #define        PCI_EXP_AER_FLAGS       (PCI_EXP_DEVCTL_CERE | PCI_EXP_DEVC=
TL_NFERE | \
@@ -740,8 +741,10 @@ static void aer_isr_one_error(struct pcie_device *p_de=
vice,
=20
                aer_print_port_info(p_device->port, e_info);
=20
-               if (find_source_device(p_device->port, e_info))
+               if (find_source_device(p_device->port, e_info)) {
+                       msleep(350);
                        aer_process_err_devices(p_device, e_info);
+               }
        }
=20
        if (e_src->status & PCI_ERR_ROOT_UNCOR_RCV) { @@ -759,8 +762,10 @@ =
static void aer_isr_one_error(struct pcie_device *p_device,
=20
                aer_print_port_info(p_device->port, e_info);
=20
-               if (find_source_device(p_device->port, e_info))
+               if (find_source_device(p_device->port, e_info)) {
+                       msleep(350);
                        aer_process_err_devices(p_device, e_info);
+               }
        }
 }

  reply	other threads:[~2018-04-13 14:49 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-04-09 22:04 [PATCH 0/4] PCI/AER: Use-after-free fix Keith Busch
2018-04-09 22:04 ` [PATCH 1/4] PCI/AER: Remove unused parameters Keith Busch
2018-04-09 22:04 ` [PATCH 2/4] PCI/AER: Replace struct pcie_device with pci_dev Keith Busch
2018-04-09 22:04 ` [PATCH 3/4] PCI/AER: Reference count aer structures Keith Busch
2018-04-09 22:04 ` [PATCH 4/4] PCI/AER: Lock pci topology when scanning errors Keith Busch
2018-06-05 22:09   ` Bjorn Helgaas
2018-06-05 22:18     ` Keith Busch
2018-06-06 13:52       ` Bjorn Helgaas
2018-04-10 13:15 ` [PATCH 0/4] PCI/AER: Use-after-free fix Dongdong Liu
2018-04-12 17:06 ` Alex_Gagniuc
2018-04-12 16:47   ` Scott Bauer
2018-04-13 14:49     ` Alex_Gagniuc [this message]
2018-04-16 19:49     ` Alex_Gagniuc
2018-04-12 17:10   ` Keith Busch
2018-06-05 22:11 ` Bjorn Helgaas

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ececc0bc7d41475e9065130cf563d46b@ausx13mps321.AMER.DELL.COM \
    --to=alex_gagniuc@dellteam.com \
    --cc=bhelgaas@google.com \
    --cc=keith.busch@intel.com \
    --cc=linux-pci@vger.kernel.org \
    --cc=mr.nuke.me@gmail.com \
    --cc=scott.bauer@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.