diff mbox series

io_uring/poll: clear single/double poll flags on poll arming

Message ID 61e3fefd-0a99-5916-c049-9143d3342379@kernel.dk (mailing list archive)
State New
Headers show
Series io_uring/poll: clear single/double poll flags on poll arming | expand

Commit Message

Jens Axboe March 28, 2023, 2:08 a.m. UTC
Unless we have at least one entry queued, then don't call into
io_poll_remove_entries(). Normally this isn't possible, but if we
retry poll then we can have ->nr_entries cleared again as we're
setting it up. If this happens for a poll retry, then we'll still have
at least REQ_F_SINGLE_POLL set. io_poll_remove_entries() then thinks
it has entries to remove.

Clear REQ_F_SINGLE_POLL and REQ_F_DOUBLE_POLL unconditionally when
arming a poll request.

Fixes: c16bda37594f ("io_uring/poll: allow some retries for poll triggering spuriously")
Cc: stable@vger.kernel.org
Reported-by: Pengfei Xu <pengfei.xu@intel.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>

---

Comments

Pengfei Xu March 28, 2023, 2:55 a.m. UTC | #1
Hi Jens Axboe,

On 2023-03-27 at 20:08:25 -0600, Jens Axboe wrote:
> Unless we have at least one entry queued, then don't call into
> io_poll_remove_entries(). Normally this isn't possible, but if we
> retry poll then we can have ->nr_entries cleared again as we're
> setting it up. If this happens for a poll retry, then we'll still have
> at least REQ_F_SINGLE_POLL set. io_poll_remove_entries() then thinks
> it has entries to remove.
> 
> Clear REQ_F_SINGLE_POLL and REQ_F_DOUBLE_POLL unconditionally when
> arming a poll request.
> 
> Fixes: c16bda37594f ("io_uring/poll: allow some retries for poll triggering spuriously")
> Cc: stable@vger.kernel.org
> Reported-by: Pengfei Xu <pengfei.xu@intel.com>
> Signed-off-by: Jens Axboe <axboe@kernel.dk>
> 
> ---
> 
> diff --git a/io_uring/poll.c b/io_uring/poll.c
> index 795facbd0e9f..55306e801081 100644
> --- a/io_uring/poll.c
> +++ b/io_uring/poll.c
> @@ -726,6 +726,7 @@ int io_arm_poll_handler(struct io_kiocb *req, unsigned issue_flags)
>  	apoll = io_req_alloc_apoll(req, issue_flags);
>  	if (!apoll)
>  		return IO_APOLL_ABORTED;
> +	req->flags &= ~(REQ_F_SINGLE_POLL | REQ_F_DOUBLE_POLL);
>  	req->flags |= REQ_F_POLLED;
>  	ipt.pt._qproc = io_async_queue_proc;
>  
  Thanks for your patch!
  I have tested the above patch on top of v6.3-rc4 kernel.
  This issue was fixed.
  Reproduced code from syzkaller: https://github.com/xupengfe/syzkaller_logs/blob/main/230327_041425_io_poll_remove_entries/repro.c
  One more info, bisect methodology comes from myself, not from syzkaller.

  Thanks!
  BR.
  -Pengfei(Intel)

> -- 
> Jens Axboe
>
[    0.000000] Linux version 6.3.0-rc4-fix-dirty (root@xpf.sh.intel.com) (gcc (GCC) 8.5.0 20210514 (Red Hat 8.5.0-18), GNU ld version 2.36.1-2.el8) #4 SMP PREEMPT_DYNAMIC Tue Mar 28 10:36:27 CST 2023
[    0.000000] Command line: console=ttyS0 root=/dev/sda earlyprintk=serial net.ifnames=0 thunderbolt.dyndbg
[    0.000000] KERNEL supported cpus:
[    0.000000]   Intel GenuineIntel
[    0.000000]   AMD AuthenticAMD
[    0.000000]   Hygon HygonGenuine
[    0.000000]   Centaur CentaurHauls
[    0.000000]   zhaoxin   Shanghai  
[    0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
[    0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
[    0.000000] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers'
[    0.000000] x86/fpu: Supporting XSAVE feature 0x200: 'Protection Keys User registers'
[    0.000000] x86/fpu: xstate_offset[2]:  576, xstate_sizes[2]:  256
[    0.000000] x86/fpu: xstate_offset[9]:  832, xstate_sizes[9]:    8
[    0.000000] x86/fpu: Enabled xstate features 0x207, context size is 840 bytes, using 'compacted' format.
[    0.000000] signal: max sigframe size: 3632
[    0.000000] BIOS-provided physical RAM map:
[    0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009ffff] usable
[    0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000007fffff] usable
[    0.000000] BIOS-e820: [mem 0x0000000000800000-0x0000000000807fff] ACPI NVS
[    0.000000] BIOS-e820: [mem 0x0000000000808000-0x000000000080ffff] usable
[    0.000000] BIOS-e820: [mem 0x0000000000810000-0x00000000008fffff] ACPI NVS
[    0.000000] BIOS-e820: [mem 0x0000000000900000-0x000000007e80bfff] usable
[    0.000000] BIOS-e820: [mem 0x000000007e80c000-0x000000007e80dfff] ACPI data
[    0.000000] BIOS-e820: [mem 0x000000007e80e000-0x000000007e8b5fff] usable
[    0.000000] BIOS-e820: [mem 0x000000007e8b6000-0x000000007e8c3fff] ACPI NVS
[    0.000000] BIOS-e820: [mem 0x000000007e8c4000-0x000000007e8ddfff] reserved
[    0.000000] BIOS-e820: [mem 0x000000007e8de000-0x000000007e9edfff] usable
[    0.000000] BIOS-e820: [mem 0x000000007e9ee000-0x000000007eb1afff] reserved
[    0.000000] BIOS-e820: [mem 0x000000007eb1b000-0x000000007fb9afff] usable
[    0.000000] BIOS-e820: [mem 0x000000007fb9b000-0x000000007fbf2fff] reserved
[    0.000000] BIOS-e820: [mem 0x000000007fbf3000-0x000000007fbfafff] ACPI data
[    0.000000] BIOS-e820: [mem 0x000000007fbfb000-0x000000007fbfefff] ACPI NVS
[    0.000000] BIOS-e820: [mem 0x000000007fbff000-0x000000007ff4ffff] usable
[    0.000000] BIOS-e820: [mem 0x000000007ff50000-0x000000007ff6ffff] reserved
[    0.000000] BIOS-e820: [mem 0x000000007ff70000-0x000000007fffffff] ACPI NVS
[    0.000000] printk: bootconsole [earlyser0] enabled
[    0.000000] NX (Execute Disable) protection: active
[    0.000000] e820: update [mem 0x7e802018-0x7e80ba57] usable ==> usable
[    0.000000] e820: update [mem 0x7e802018-0x7e80ba57] usable ==> usable
[    0.000000] e820: update [mem 0x7e7db018-0x7e801e57] usable ==> usable
[    0.000000] e820: update [mem 0x7e7db018-0x7e801e57] usable ==> usable
[    0.000000] extended physical RAM map:
[    0.000000] reserve setup_data: [mem 0x0000000000000000-0x000000000009ffff] usable
[    0.000000] reserve setup_data: [mem 0x0000000000100000-0x00000000007fffff] usable
[    0.000000] reserve setup_data: [mem 0x0000000000800000-0x0000000000807fff] ACPI NVS
[    0.000000] reserve setup_data: [mem 0x0000000000808000-0x000000000080ffff] usable
[    0.000000] reserve setup_data: [mem 0x0000000000810000-0x00000000008fffff] ACPI NVS
[    0.000000] reserve setup_data: [mem 0x0000000000900000-0x000000007e7db017] usable
[    0.000000] reserve setup_data: [mem 0x000000007e7db018-0x000000007e801e57] usable
[    0.000000] reserve setup_data: [mem 0x000000007e801e58-0x000000007e802017] usable
[    0.000000] reserve setup_data: [mem 0x000000007e802018-0x000000007e80ba57] usable
[    0.000000] reserve setup_data: [mem 0x000000007e80ba58-0x000000007e80bfff] usable
[    0.000000] reserve setup_data: [mem 0x000000007e80c000-0x000000007e80dfff] ACPI data
[    0.000000] reserve setup_data: [mem 0x000000007e80e000-0x000000007e8b5fff] usable
[    0.000000] reserve setup_data: [mem 0x000000007e8b6000-0x000000007e8c3fff] ACPI NVS
[    0.000000] reserve setup_data: [mem 0x000000007e8c4000-0x000000007e8ddfff] reserved
[    0.000000] reserve setup_data: [mem 0x000000007e8de000-0x000000007e9edfff] usable
[    0.000000] reserve setup_data: [mem 0x000000007e9ee000-0x000000007eb1afff] reserved
[    0.000000] reserve setup_data: [mem 0x000000007eb1b000-0x000000007fb9afff] usable
[    0.000000] reserve setup_data: [mem 0x000000007fb9b000-0x000000007fbf2fff] reserved
[    0.000000] reserve setup_data: [mem 0x000000007fbf3000-0x000000007fbfafff] ACPI data
[    0.000000] reserve setup_data: [mem 0x000000007fbfb000-0x000000007fbfefff] ACPI NVS
[    0.000000] reserve setup_data: [mem 0x000000007fbff000-0x000000007ff4ffff] usable
[    0.000000] reserve setup_data: [mem 0x000000007ff50000-0x000000007ff6ffff] reserved
[    0.000000] reserve setup_data: [mem 0x000000007ff70000-0x000000007fffffff] ACPI NVS
[    0.000000] efi: EFI v2.7 by EDK II
[    0.000000] efi: SMBIOS=0x7fbcc000 ACPI=0x7fbfa000 ACPI 2.0=0x7fbfa014 MEMATTR=0x7efb2698 
[    0.000000] SMBIOS 2.8 present.
[    0.000000] DMI: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015
[    0.000000] Hypervisor detected: KVM
[    0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00
[    0.000002] kvm-clock: using sched offset of 3111447768 cycles
[    0.000663] clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns
[    0.002733] tsc: Detected 806.400 MHz processor
[    0.003491] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
[    0.003507] e820: remove [mem 0x000a0000-0x000fffff] usable
[    0.003536] last_pfn = 0x7ff50 max_arch_pfn = 0x400000000
[    0.004000] x86/PAT: Configuration [0-7]: WB  WC  UC- UC  WB  WP  UC- WT  
[    0.004000] Using GB pages for direct mapping
[    0.004000] Secure boot disabled
[    0.004000] ACPI: Early table checksum verification disabled
[    0.004000] ACPI: RSDP 0x000000007FBFA014 000024 (v02 BOCHS )
[    0.004000] ACPI: XSDT 0x000000007FBF90E8 00004C (v01 BOCHS  BXPC     00000001      01000013)
[    0.004000] ACPI: FACP 0x000000007FBF6000 000074 (v01 BOCHS  BXPC     00000001 BXPC 00000001)
[    0.004000] ACPI: DSDT 0x000000007FBF7000 0017BD (v01 BOCHS  BXPC     00000001 BXPC 00000001)
[    0.004000] ACPI: FACS 0x000000007FBFD000 000040
[    0.004000] ACPI: APIC 0x000000007FBF5000 000080 (v01 BOCHS  BXPC     00000001 BXPC 00000001)
[    0.004000] ACPI: HPET 0x000000007FBF4000 000038 (v01 BOCHS  BXPC     00000001 BXPC 00000001)
[    0.004000] ACPI: WAET 0x000000007FBF3000 000028 (v01 BOCHS  BXPC     00000001 BXPC 00000001)
[    0.004000] ACPI: BGRT 0x000000007E80D000 000038 (v01 INTEL  EDK2     00000002      01000013)
[    0.004000] ACPI: Reserving FACP table memory at [mem 0x7fbf6000-0x7fbf6073]
[    0.004000] ACPI: Reserving DSDT table memory at [mem 0x7fbf7000-0x7fbf87bc]
[    0.004000] ACPI: Reserving FACS table memory at [mem 0x7fbfd000-0x7fbfd03f]
[    0.004000] ACPI: Reserving APIC table memory at [mem 0x7fbf5000-0x7fbf507f]
[    0.004000] ACPI: Reserving HPET table memory at [mem 0x7fbf4000-0x7fbf4037]
[    0.004000] ACPI: Reserving WAET table memory at [mem 0x7fbf3000-0x7fbf3027]
[    0.004000] ACPI: Reserving BGRT table memory at [mem 0x7e80d000-0x7e80d037]
[    0.004000] No NUMA configuration found
[    0.004000] Faking a node at [mem 0x0000000000000000-0x000000007ff4ffff]
[    0.004000] NODE_DATA(0) allocated [mem 0x7febf000-0x7fee9fff]
[    0.004000] Zone ranges:
[    0.004000]   DMA      [mem 0x0000000000001000-0x0000000000ffffff]
[    0.004000]   DMA32    [mem 0x0000000001000000-0x000000007ff4ffff]
[    0.004000]   Normal   empty
[    0.004000]   Device   empty
[    0.004000] Movable zone start for each node
[    0.004000] Early memory node ranges
[    0.004000]   node   0: [mem 0x0000000000001000-0x000000000009ffff]
[    0.004000]   node   0: [mem 0x0000000000100000-0x00000000007fffff]
[    0.004000]   node   0: [mem 0x0000000000808000-0x000000000080ffff]
[    0.004000]   node   0: [mem 0x0000000000900000-0x000000007e80bfff]
[    0.004000]   node   0: [mem 0x000000007e80e000-0x000000007e8b5fff]
[    0.004000]   node   0: [mem 0x000000007e8de000-0x000000007e9edfff]
[    0.004000]   node   0: [mem 0x000000007eb1b000-0x000000007fb9afff]
[    0.004000]   node   0: [mem 0x000000007fbff000-0x000000007ff4ffff]
[    0.004000] Initmem setup node 0 [mem 0x0000000000001000-0x000000007ff4ffff]
[    0.004000] On node 0, zone DMA: 1 pages in unavailable ranges
[    0.004000] On node 0, zone DMA: 96 pages in unavailable ranges
[    0.004000] On node 0, zone DMA: 8 pages in unavailable ranges
[    0.004000] On node 0, zone DMA: 240 pages in unavailable ranges
[    0.004000] On node 0, zone DMA32: 2 pages in unavailable ranges
[    0.004000] On node 0, zone DMA32: 40 pages in unavailable ranges
[    0.004000] On node 0, zone DMA32: 301 pages in unavailable ranges
[    0.004000] On node 0, zone DMA32: 100 pages in unavailable ranges
[    0.004000] On node 0, zone DMA32: 176 pages in unavailable ranges
[    0.004000] ACPI: PM-Timer IO Port: 0xb008
[    0.004000] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1])
[    0.004000] IOAPIC[0]: apic_id 0, version 17, address 0xfec00000, GSI 0-23
[    0.004000] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
[    0.004000] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level)
[    0.004000] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
[    0.004000] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level)
[    0.004000] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level)
[    0.004000] ACPI: Using ACPI (MADT) for SMP configuration information
[    0.004000] ACPI: HPET id: 0x8086a201 base: 0xfed00000
[    0.004000] e820: update [mem 0x7ee61000-0x7ee69fff] usable ==> reserved
[    0.004000] TSC deadline timer available
[    0.004000] smpboot: Allowing 2 CPUs, 0 hotplug CPUs
[    0.004000] kvm-guest: KVM setup pv remote TLB flush
[    0.004000] kvm-guest: setup PV sched yield
[    0.004000] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff]
[    0.004000] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000fffff]
[    0.004000] PM: hibernation: Registered nosave memory: [mem 0x00800000-0x00807fff]
[    0.004000] PM: hibernation: Registered nosave memory: [mem 0x00810000-0x008fffff]
[    0.004000] PM: hibernation: Registered nosave memory: [mem 0x7e7db000-0x7e7dbfff]
[    0.004000] PM: hibernation: Registered nosave memory: [mem 0x7e801000-0x7e801fff]
[    0.004000] PM: hibernation: Registered nosave memory: [mem 0x7e802000-0x7e802fff]
[    0.004000] PM: hibernation: Registered nosave memory: [mem 0x7e80b000-0x7e80bfff]
[    0.004000] PM: hibernation: Registered nosave memory: [mem 0x7e80c000-0x7e80dfff]
[    0.004000] PM: hibernation: Registered nosave memory: [mem 0x7e8b6000-0x7e8c3fff]
[    0.004000] PM: hibernation: Registered nosave memory: [mem 0x7e8c4000-0x7e8ddfff]
[    0.004000] PM: hibernation: Registered nosave memory: [mem 0x7e9ee000-0x7eb1afff]
[    0.004000] PM: hibernation: Registered nosave memory: [mem 0x7ee61000-0x7ee69fff]
[    0.004000] PM: hibernation: Registered nosave memory: [mem 0x7fb9b000-0x7fbf2fff]
[    0.004000] PM: hibernation: Registered nosave memory: [mem 0x7fbf3000-0x7fbfafff]
[    0.004000] PM: hibernation: Registered nosave memory: [mem 0x7fbfb000-0x7fbfefff]
[    0.004000] [mem 0x80000000-0xffffffff] available for PCI devices
[    0.004000] Booting paravirtualized kernel on KVM
[    0.004000] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645519600211568 ns
[    0.004000] setup_percpu: NR_CPUS:8192 nr_cpumask_bits:2 nr_cpu_ids:2 nr_node_ids:1
[    0.004000] percpu: Embedded 65 pages/cpu s229376 r8192 d28672 u1048576
[    0.004000] pcpu-alloc: s229376 r8192 d28672 u1048576 alloc=1*2097152
[    0.004000] pcpu-alloc: [0] 0 1 
[    0.004000] kvm-guest: PV spinlocks enabled
[    0.004000] PV qspinlock hash table entries: 256 (order: 0, 4096 bytes, linear)
[    0.004000] Fallback order for Node 0: 0 
[    0.004000] Built 1 zonelists, mobility grouping on.  Total pages: 513188
[    0.004000] Policy zone: DMA32
[    0.004000] Kernel command line: net.ifnames=0 console=ttyS0 root=/dev/sda earlyprintk=serial net.ifnames=0 thunderbolt.dyndbg
[    0.004000] random: crng init done
[    0.004000] Dentry cache hash table entries: 262144 (order: 9, 2097152 bytes, linear)
[    0.004000] Inode-cache hash table entries: 131072 (order: 8, 1048576 bytes, linear)
[    0.004000] mem auto-init: stack:off, heap alloc:off, heap free:off
[    0.004000] Memory: 1935300K/2093296K available (34816K kernel code, 4578K rwdata, 9804K rodata, 10400K init, 31852K bss, 157740K reserved, 0K cma-reserved)
[    0.004000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=2, Nodes=1
[    0.004000] kmemleak: Kernel memory leak detector disabled
[    0.004000] ftrace: allocating 68797 entries in 269 pages
[    0.004000] ftrace: allocated 269 pages with 4 groups
[    0.004000] Dynamic Preempt: voluntary
[    0.004000] Running RCU self tests
[    0.004000] Running RCU synchronous self tests
[    0.004000] rcu: Preemptible hierarchical RCU implementation.
[    0.004000] rcu:     RCU lockdep checking is enabled.
[    0.004000] rcu:     RCU restricting CPUs from NR_CPUS=8192 to nr_cpu_ids=2.
[    0.004000]  Trampoline variant of Tasks RCU enabled.
[    0.004000]  Rude variant of Tasks RCU enabled.
[    0.004000]  Tracing variant of Tasks RCU enabled.
[    0.004000] rcu: RCU calculated value of scheduler-enlistment delay is 25 jiffies.
[    0.004000] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=2
[    0.004000] Running RCU synchronous self tests
[    0.004000] NR_IRQS: 524544, nr_irqs: 440, preallocated irqs: 16
[    0.004000] rcu: srcu_init: Setting srcu_struct sizes based on contention.
[    0.004000] Console: colour dummy device 80x25
[    0.004000] printk: console [ttyS0] enabled
[    0.004000] printk: bootconsole [earlyser0] disabled
[    0.004000] Lock dependency validator: Copyright (c) 2006 Red Hat, Inc., Ingo Molnar
[    0.004000] ... MAX_LOCKDEP_SUBCLASSES:  8
[    0.004000] ... MAX_LOCK_DEPTH:          48
[    0.004000] ... MAX_LOCKDEP_KEYS:        8192
[    0.004000] ... CLASSHASH_SIZE:          4096
[    0.004000] ... MAX_LOCKDEP_ENTRIES:     32768
[    0.004000] ... MAX_LOCKDEP_CHAINS:      65536
[    0.004000] ... CHAINHASH_SIZE:          32768
[    0.004000]  memory used by lock dependency info: 6365 kB
[    0.004000]  memory used for stack traces: 4224 kB
[    0.004000]  per task-struct memory footprint: 1920 bytes
[    0.004000] ACPI: Core revision 20221020
[    0.004000] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns
[    0.004000] APIC: Switch to symmetric I/O mode setup
[    0.004000] x2apic enabled
[    0.004000] Switched APIC routing to physical x2apic.
[    0.004000] kvm-guest: setup PV IPIs
[    0.004000] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1
[    0.004000] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0xb9fb05486c, max_idle_ns: 440795231721 ns
[    0.171114] Calibrating delay loop (skipped) preset value.. 1612.80 BogoMIPS (lpj=3225600)
[    0.172157] pid_max: default: 32768 minimum: 301
[    0.178426] LSM: initializing lsm=capability,yama,integrity
[    0.179107] Yama: becoming mindful.
[    0.179666] Mount-cache hash table entries: 4096 (order: 3, 32768 bytes, linear)
[    0.180604] Mountpoint-cache hash table entries: 4096 (order: 3, 32768 bytes, linear)
[    0.182521] CPU0: Thermal monitoring enabled (TM1)
[    0.183121] x86/cpu: User Mode Instruction Prevention (UMIP) activated
[    0.184125] Last level iTLB entries: 4KB 0, 2MB 0, 4MB 0
[    0.184806] Last level dTLB entries: 4KB 0, 2MB 0, 4MB 0, 1GB 0
[    0.185573] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization
[    0.186645] Spectre V2 : WARNING: Unprivileged eBPF is enabled with eIBRS on, data leaks possible via Spectre v2 BHB attacks!
[    0.187110] Spectre V2 : Mitigation: Enhanced / Automatic IBRS
[    0.187836] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch
[    0.188854] Spectre V2 : Spectre v2 / PBRSB-eIBRS: Retire a single CALL on VMEXIT
[    0.189779] Spectre V2 : mitigation: Enabling conditional Indirect Branch Prediction Barrier
[    0.191106] Speculative Store Bypass: Mitigation: Speculative Store Bypass disabled via prctl
[    0.192157] MMIO Stale Data: Unknown: No mitigations
[    0.273896] Freeing SMP alternatives memory: 56K
[    0.274492] Running RCU synchronous self tests
[    0.275041] Running RCU synchronous self tests
[    0.275275] smpboot: CPU0: Genuine Intel(R) 0000 (family: 0x6, model: 0xb7, stepping: 0x0)
[    0.276525] cblist_init_generic: Setting adjustable number of callback queues.
[    0.277410] cblist_init_generic: Setting shift to 1 and lim to 1.
[    0.278180] cblist_init_generic: Setting shift to 1 and lim to 1.
[    0.278973] cblist_init_generic: Setting shift to 1 and lim to 1.
[    0.279137] Running RCU-tasks wait API self tests
[    0.383215] Performance Events: Alderlake Hybrid events, full-width counters, Intel PMU driver.
[    0.384734] core: cpu_core PMU driver: 
[    0.385221] ... version:                2
[    0.385721] ... bit width:              48
[    0.386229] ... generic registers:      6
[    0.386727] ... value mask:             0000ffffffffffff
[    0.387110] ... max period:             00007fffffffffff
[    0.387769] ... fixed-purpose events:   3
[    0.388266] ... event mask:             0001000f0000003f
[    0.389079] rcu: Hierarchical SRCU implementation.
[    0.389681] rcu:     Max phase no-delay instances is 1000.
[    0.392137] Callback from call_rcu_tasks_trace() invoked.
[    0.392871] unchecked MSR access error: WRMSR to 0x38f (tried to write 0x0001000f0000003f) at rIP: 0xffffffff810dcc2c (native_write_msr+0xc/0x30)
[    0.394478] Call Trace:
[    0.394794]  <TASK>
[    0.395068]  __intel_pmu_enable_all.constprop.49+0xb5/0x140
[    0.395103]  intel_pmu_enable_all+0x1e/0x30
[    0.395103]  x86_pmu_enable+0x46d/0x5a0
[    0.395103]  ? write_comp_data+0x2f/0x90
[    0.395103]  perf_pmu_enable+0x53/0x70
[    0.395103]  ctx_resched+0x14d/0x1e0
[    0.395103]  __perf_install_in_context+0x2f7/0x470
[    0.395103]  ? __pfx_remote_function+0x10/0x10
[    0.395103]  ? __pfx_remote_function+0x10/0x10
[    0.395103]  remote_function+0x80/0xa0
[    0.395103]  ? __pfx_remote_function+0x10/0x10
[    0.395103]  generic_exec_single+0x124/0x190
[    0.395103]  smp_call_function_single+0x11c/0x240
[    0.395103]  ? __pfx_remote_function+0x10/0x10
[    0.395103]  ? __sanitizer_cov_trace_pc+0x25/0x60
[    0.395103]  ? write_comp_data+0x2f/0x90
[    0.395103]  perf_install_in_context+0x2d8/0x300
[    0.395103]  ? __pfx___perf_install_in_context+0x10/0x10
[    0.395103]  perf_event_create_kernel_counter+0x284/0x2b0
[    0.395103]  ? __pfx_watchdog_overflow_callback+0x10/0x10
[    0.395103]  hardlockup_detector_event_create+0x46/0xd0
[    0.395103]  hardlockup_detector_perf_init+0x18/0x80
[    0.395103]  watchdog_nmi_probe+0x17/0x20
[    0.395103]  lockup_detector_init+0x40/0xb0
[    0.395103]  kernel_init_freeable+0x37e/0x760
[    0.395103]  ? __pfx_kernel_init+0x10/0x10
[    0.395103]  kernel_init+0x24/0x1e0
[    0.395103]  ? __pfx_kernel_init+0x10/0x10
[    0.395103]  ret_from_fork+0x29/0x50
[    0.395103]  </TASK>
[    0.395221] smp: Bringing up secondary CPUs ...
[    0.396081] x86: Booting SMP configuration:
[    0.396618] .... node  #0, CPUs:      #1
[    0.397307] smp: Brought up 1 node, 2 CPUs
[    0.397307] smpboot: Max logical packages: 1
[    0.399117] smpboot: Total of 2 processors activated (3225.60 BogoMIPS)
[    0.400184] devtmpfs: initialized
[    0.400184] x86/mm: Memory block size: 128MB
[    0.403317] ACPI: PM: Registering ACPI NVS region [mem 0x00800000-0x00807fff] (32768 bytes)
[    0.404289] ACPI: PM: Registering ACPI NVS region [mem 0x00810000-0x008fffff] (983040 bytes)
[    0.405374] ACPI: PM: Registering ACPI NVS region [mem 0x7e8b6000-0x7e8c3fff] (57344 bytes)
[    0.406418] ACPI: PM: Registering ACPI NVS region [mem 0x7fbfb000-0x7fbfefff] (16384 bytes)
[    0.407120] ACPI: PM: Registering ACPI NVS region [mem 0x7ff70000-0x7fffffff] (589824 bytes)
[    0.408322] Running RCU synchronous self tests
[    0.408878] Running RCU synchronous self tests
[    0.409459] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645041785100000 ns
[    0.410656] futex hash table entries: 512 (order: 4, 65536 bytes, linear)
[    0.411251] pinctrl core: initialized pinctrl subsystem

[    0.412464] *************************************************************
[    0.413294] **     NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE    **
[    0.414128] **                                                         **
[    0.414952] **  IOMMU DebugFS SUPPORT HAS BEEN ENABLED IN THIS KERNEL  **
[    0.415109] **                                                         **
[    0.415934] ** This means that this kernel is built to expose internal **
[    0.416771] ** IOMMU data structures, which may compromise security on **
[    0.417612] ** your system.                                            **
[    0.418452] **                                                         **
[    0.419108] ** If you see this message and you are not debugging the   **
[    0.419946] ** kernel, report this immediately to your vendor!         **
[    0.420786] **                                                         **
[    0.421624] **     NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE    **
[    0.422461] *************************************************************
[    0.423192] PM: RTC time: 02:28:26, date: 2023-03-28
[    0.425213] NET: Registered PF_NETLINK/PF_ROUTE protocol family
[    0.426407] DMA: preallocated 256 KiB GFP_KERNEL pool for atomic allocations
[    0.427117] DMA: preallocated 256 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
[    0.428077] DMA: preallocated 256 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations
[    0.429086] audit: initializing netlink subsys (disabled)
[    0.429802] audit: type=2000 audit(1679970507.091:1): state=initialized audit_enabled=0 res=1
[    0.429802] thermal_sys: Registered thermal governor 'fair_share'
[    0.429802] thermal_sys: Registered thermal governor 'bang_bang'
[    0.431110] thermal_sys: Registered thermal governor 'step_wise'
[    0.431859] thermal_sys: Registered thermal governor 'user_space'
[    0.432632] cpuidle: using governor ladder
[    0.433911] cpuidle: using governor menu
[    0.434635] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5
[    0.435338] PCI: Using configuration type 1 for base access
[    0.436763] kprobes: kprobe jump-optimization is enabled. All kprobes are optimized if possible.
[    0.622877] HugeTLB: registered 1.00 GiB page size, pre-allocated 0 pages
[    0.623111] HugeTLB: 16380 KiB vmemmap can be freed for a 1.00 GiB page
[    0.623922] HugeTLB: registered 2.00 MiB page size, pre-allocated 0 pages
[    0.624743] HugeTLB: 28 KiB vmemmap can be freed for a 2.00 MiB page
[    0.626742] ACPI: Added _OSI(Module Device)
[    0.627111] ACPI: Added _OSI(Processor Device)
[    0.627659] ACPI: Added _OSI(3.0 _SCP Extensions)
[    0.628237] ACPI: Added _OSI(Processor Aggregator Device)
[    0.632506] ACPI: 1 ACPI AML tables successfully acquired and loaded
[    2.616574] Callback from call_rcu_tasks_rude() invoked.
[    2.657518] ACPI: Interpreter enabled
[    2.657518] ACPI: PM: (supports S0 S3 S4 S5)
[    2.657518] ACPI: Using IOAPIC for interrupt routing
[    2.657709] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug
[    2.659112] PCI: Using E820 reservations for host bridge windows
[    2.660318] ACPI: Enabled 2 GPEs in block 00 to 0F
[    2.672076] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff])
[    2.672849] acpi PNP0A03:00: _OSC: OS supports [ASPM ClockPM Segments MSI EDR HPX-Type3]
[    2.673831] acpi PNP0A03:00: _OSC: not requesting OS control; OS requires [ExtendedConfig ASPM ClockPM MSI]
[    2.675041] acpi PNP0A03:00: fail to add MMCONFIG information, can't access extended configuration space under this bridge
[    2.676724] acpiphp: Slot [3] registered
[    2.677264] acpiphp: Slot [4] registered
[    2.677796] acpiphp: Slot [5] registered
[    2.678327] acpiphp: Slot [6] registered
[    2.678855] acpiphp: Slot [7] registered
[    2.679156] acpiphp: Slot [8] registered
[    2.679686] acpiphp: Slot [9] registered
[    2.680220] acpiphp: Slot [10] registered
[    2.680761] acpiphp: Slot [11] registered
[    2.681302] acpiphp: Slot [12] registered
[    2.681842] acpiphp: Slot [13] registered
[    2.682382] acpiphp: Slot [14] registered
[    2.682920] acpiphp: Slot [15] registered
[    2.683160] acpiphp: Slot [16] registered
[    2.683699] acpiphp: Slot [17] registered
[    2.684242] acpiphp: Slot [18] registered
[    2.684782] acpiphp: Slot [19] registered
[    2.685322] acpiphp: Slot [20] registered
[    2.685861] acpiphp: Slot [21] registered
[    2.686399] acpiphp: Slot [22] registered
[    2.686937] acpiphp: Slot [23] registered
[    2.687160] acpiphp: Slot [24] registered
[    2.687704] acpiphp: Slot [25] registered
[    2.688242] acpiphp: Slot [26] registered
[    2.688780] acpiphp: Slot [27] registered
[    2.689320] acpiphp: Slot [28] registered
[    2.689857] acpiphp: Slot [29] registered
[    2.690399] acpiphp: Slot [30] registered
[    2.690939] acpiphp: Slot [31] registered
[    2.695126] PCI host bridge to bus 0000:00
[    2.695630] pci_bus 0000:00: root bus resource [io  0x0000-0x0cf7 window]
[    2.696453] pci_bus 0000:00: root bus resource [io  0x0d00-0xffff window]
[    2.697277] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window]
[    2.698184] pci_bus 0000:00: root bus resource [mem 0x80000000-0xfebfffff window]
[    2.699093] pci_bus 0000:00: root bus resource [mem 0x100000000-0x17fffffff window]
[    2.700028] pci_bus 0000:00: root bus resource [bus 00-ff]
[    2.700785] pci 0000:00:00.0: [8086:1237] type 00 class 0x060000
[    2.700785] pci 0000:00:01.0: [8086:7000] type 00 class 0x060100
[    2.701303] pci 0000:00:01.1: [8086:7010] type 00 class 0x010180
[    2.703103] pci 0000:00:01.1: reg 0x20: [io  0xc040-0xc04f]
[    2.703103] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io  0x01f0-0x01f7]
[    2.703103] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io  0x03f6]
[    2.703103] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io  0x0170-0x0177]
[    2.703103] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io  0x0376]
[    2.711362] pci 0000:00:01.3: [8086:7113] type 00 class 0x068000
[    2.712592] pci 0000:00:01.3: quirk: [io  0xb000-0xb03f] claimed by PIIX4 ACPI
[    2.713478] pci 0000:00:01.3: quirk: [io  0xb100-0xb10f] claimed by PIIX4 SMB
[    2.714649] pci 0000:00:02.0: [1234:1111] type 00 class 0x030000
[    2.715852] pci 0000:00:02.0: reg 0x10: [mem 0x80000000-0x80ffffff pref]
[    2.717778] pci 0000:00:02.0: reg 0x18: [mem 0x81020000-0x81020fff]
[    2.720898] pci 0000:00:02.0: reg 0x30: [mem 0xffff0000-0xffffffff pref]
[    2.721812] pci 0000:00:02.0: BAR 0: assigned to efifb
[    2.722483] pci 0000:00:02.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff]
[    2.725360] pci 0000:00:03.0: [8086:100e] type 00 class 0x020000
[    2.726524] pci 0000:00:03.0: reg 0x10: [mem 0x81000000-0x8101ffff]
[    2.727400] pci 0000:00:03.0: reg 0x14: [io  0xc000-0xc03f]
[    2.729727] pci 0000:00:03.0: reg 0x30: [mem 0xfffc0000-0xffffffff pref]
[    2.753459] ACPI: PCI: Interrupt link LNKA configured for IRQ 11
[    2.754493] ACPI: PCI: Interrupt link LNKB configured for IRQ 11
[    2.755382] ACPI: PCI: Interrupt link LNKC configured for IRQ 10
[    2.756395] ACPI: PCI: Interrupt link LNKD configured for IRQ 10
[    2.757282] ACPI: PCI: Interrupt link LNKS configured for IRQ 9
[    2.759176] iommu: Default domain type: Translated 
[    2.759696] iommu: DMA domain TLB invalidation policy: lazy mode 
[    2.761294] SCSI subsystem initialized
[    2.763186] Callback from call_rcu_tasks() invoked.
[    2.763248] libata version 3.00 loaded.
[    2.763930] ACPI: bus type USB registered
[    2.764450] usbcore: registered new interface driver usbfs
[    2.765110] usbcore: registered new interface driver hub
[    2.765747] usbcore: registered new device driver usb
[    2.766422] pps_core: LinuxPPS API ver. 1 registered
[    2.766996] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <giometti@linux.it>
[    2.767123] PTP clock support registered
[    2.767673] EDAC MC: Ver: 3.0.0
[    2.767722] EDAC DEBUG: edac_mc_sysfs_init: device mc created
[    2.767791] efivars: Registered efivars operations
[    2.768067] NetLabel: Initializing
[    2.768511] NetLabel:  domain hash size = 128
[    2.771112] NetLabel:  protocols = UNLABELED CIPSOv4 CALIPSO
[    2.771844] NetLabel:  unlabeled traffic allowed by default
[    2.772615] PCI: Using ACPI for IRQ routing
[    2.772615] PCI: pci_cache_line_size set to 64 bytes
[    2.772615] e820: reserve RAM buffer [mem 0x00810000-0x008fffff]
[    2.772615] e820: reserve RAM buffer [mem 0x7e7db018-0x7fffffff]
[    2.772615] e820: reserve RAM buffer [mem 0x7e802018-0x7fffffff]
[    2.772615] e820: reserve RAM buffer [mem 0x7e80c000-0x7fffffff]
[    2.772615] e820: reserve RAM buffer [mem 0x7e8b6000-0x7fffffff]
[    2.772615] e820: reserve RAM buffer [mem 0x7e9ee000-0x7fffffff]
[    2.772615] e820: reserve RAM buffer [mem 0x7ee61000-0x7fffffff]
[    2.772615] e820: reserve RAM buffer [mem 0x7fb9b000-0x7fffffff]
[    2.772615] e820: reserve RAM buffer [mem 0x7ff50000-0x7fffffff]
[    2.772615] pci 0000:00:02.0: vgaarb: setting as boot VGA device
[    2.772615] pci 0000:00:02.0: vgaarb: bridge control possible
[    2.772627] pci 0000:00:02.0: vgaarb: VGA device added: decodes=io+mem,owns=io+mem,locks=none
[    2.775112] vgaarb: loaded
[    2.775512] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0
[    2.775995] hpet0: 3 comparators, 64-bit 100.000000 MHz counter
[    2.781360] clocksource: Switched to clocksource kvm-clock
[    2.844415] VFS: Disk quotas dquot_6.6.0
[    2.844923] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
[    2.845925] pnp: PnP ACPI init
[    2.846575] pnp 00:02: [dma 2]
[    2.847602] pnp: PnP ACPI: found 6 devices
[    2.858885] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns
[    2.860232] NET: Registered PF_INET protocol family
[    2.861081] IP idents hash table entries: 32768 (order: 6, 262144 bytes, linear)
[    2.862729] tcp_listen_portaddr_hash hash table entries: 1024 (order: 4, 73728 bytes, linear)
[    2.863813] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear)
[    2.864764] TCP established hash table entries: 16384 (order: 5, 131072 bytes, linear)
[    2.865867] TCP bind hash table entries: 16384 (order: 9, 2359296 bytes, linear)
[    2.867423] TCP: Hash tables configured (established 16384 bind 16384)
[    2.868291] UDP hash table entries: 1024 (order: 5, 163840 bytes, linear)
[    2.869158] UDP-Lite hash table entries: 1024 (order: 5, 163840 bytes, linear)
[    2.870126] NET: Registered PF_UNIX/PF_LOCAL protocol family
[    2.871154] RPC: Registered named UNIX socket transport module.
[    2.871899] RPC: Registered udp transport module.
[    2.872485] RPC: Registered tcp transport module.
[    2.873071] RPC: Registered tcp NFSv4.1 backchannel transport module.
[    2.873873] pci 0000:00:03.0: can't claim BAR 6 [mem 0xfffc0000-0xffffffff pref]: no compatible bridge window
[    2.875097] pci 0000:00:03.0: BAR 6: assigned [mem 0x81040000-0x8107ffff pref]
[    2.876004] pci_bus 0000:00: resource 4 [io  0x0000-0x0cf7 window]
[    2.876769] pci_bus 0000:00: resource 5 [io  0x0d00-0xffff window]
[    2.877543] pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window]
[    2.878390] pci_bus 0000:00: resource 7 [mem 0x80000000-0xfebfffff window]
[    2.879247] pci_bus 0000:00: resource 8 [mem 0x100000000-0x17fffffff window]
[    2.880279] pci 0000:00:01.0: PIIX3: Enabling Passive Release
[    2.881001] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
[    2.881840] PCI: CLS 0 bytes, default 64
[    2.882361] ACPI: bus type thunderbolt registered
[    2.883189] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0xb9fb05486c, max_idle_ns: 440795231721 ns
[    2.886245] Initialise system trusted keyrings
[    2.886852] Key type blacklist registered
[    2.887466] workingset: timestamp_bits=36 max_order=19 bucket_order=0
[    2.888292] zbud: loaded
[    2.889109] squashfs: version 4.0 (2009/01/31) Phillip Lougher
[    2.890399] NFS: Registering the id_resolver key type
[    2.891040] Key type id_resolver registered
[    2.891582] Key type id_legacy registered
[    2.892099] nfs4filelayout_init: NFSv4 File Layout Driver Registering...
[    2.892942] nfs4flexfilelayout_init: NFSv4 Flexfile Layout Driver Registering...
[    2.893973] fuse: init (API version 7.38)
[    2.894632] SGI XFS with ACLs, security attributes, realtime, quota, no debug enabled
[    2.895926] 9p: Installing v9fs 9p2000 file system support
[    2.901611] Key type asymmetric registered
[    2.902148] Asymmetric key parser 'x509' registered
[    2.902782] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 243)
[    2.903793] io scheduler mq-deadline registered
[    2.904374] io scheduler bfq registered
[    2.905147] shpchp: Standard Hot Plug PCI Controller Driver version: 0.4
[    2.906257] IPMI message handler: version 39.2
[    2.906850] ipmi device interface
[    2.908394] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input0
[    2.909452] ACPI: button: Power Button [PWRF]
[    2.910633] ERST DBG: ERST support is disabled.
[    2.911591] Serial: 8250/16550 driver, 32 ports, IRQ sharing enabled
[    2.912450] serial 00:04: using ACPI '\_SB.PCI0.ISA.COM1' for 'rs485-term' GPIO lookup
[    2.912471] acpi PNP0501:00: GPIO: looking up rs485-term-gpios
[    2.912480] acpi PNP0501:00: GPIO: looking up rs485-term-gpio
[    2.912487] serial 00:04: using lookup tables for GPIO lookup
[    2.912501] serial 00:04: No GPIO consumer rs485-term found
[    2.912509] serial 00:04: using ACPI '\_SB.PCI0.ISA.COM1' for 'rs485-rx-during-tx' GPIO lookup
[    2.912524] acpi PNP0501:00: GPIO: looking up rs485-rx-during-tx-gpios
[    2.912533] acpi PNP0501:00: GPIO: looking up rs485-rx-during-tx-gpio
[    2.912541] serial 00:04: using lookup tables for GPIO lookup
[    2.912547] serial 00:04: No GPIO consumer rs485-rx-during-tx found
[    2.913001] 00:04: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A
[    2.919924] Linux agpgart interface v0.103
[    2.920971] ACPI: bus type drm_connector registered
[    2.930075] brd: module loaded
[    2.935430] loop: module loaded
[    2.937141] ata_piix 0000:00:01.1: version 2.13
[    2.938202] scsi host0: ata_piix
[    2.938916] scsi host1: ata_piix
[    2.939448] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc040 irq 14
[    2.940286] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc048 irq 15
[    2.941828] mdio_bus fixed-0: using lookup tables for GPIO lookup
[    2.941836] mdio_bus fixed-0: No GPIO consumer reset found
[    2.942091] tun: Universal TUN/TAP device driver, 1.6
[    2.942854] e100: Intel(R) PRO/100 Network Driver
[    2.943463] e100: Copyright(c) 1999-2006 Intel Corporation
[    2.944166] e1000: Intel(R) PRO/1000 Network Driver
[    2.944771] e1000: Copyright (c) 1999-2006 Intel Corporation.
[    3.051856] ACPI: \_SB_.LNKC: Enabled at IRQ 10
[    3.099316] ata2: found unknown device (class 0)
[    3.100586] ata1: found unknown device (class 0)
[    3.101898] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100
[    3.103098] ata1.00: ATA-7: QEMU HARDDISK, 2.5+, max UDMA/100
[    3.103820] ata1.00: 16777216 sectors, multi 16: LBA48 
[    3.105644] scsi 0:0:0:0: Direct-Access     ATA      QEMU HARDDISK    2.5+ PQ: 0 ANSI: 5
[    3.107263] scsi 0:0:0:0: Attached scsi generic sg0 type 0
[    3.108362] sd 0:0:0:0: [sda] 16777216 512-byte logical blocks: (8.59 GB/8.00 GiB)
[    3.109321] sd 0:0:0:0: [sda] Write Protect is off
[    3.109921] sd 0:0:0:0: [sda] Mode Sense: 00 3a 00 00
[    3.109948] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[    3.111223] sd 0:0:0:0: [sda] Preferred minimum I/O size 512 bytes
[    3.112907] scsi 1:0:0:0: CD-ROM            QEMU     QEMU DVD-ROM     2.5+ PQ: 0 ANSI: 5
[    3.132012] scsi 1:0:0:0: Attached scsi generic sg1 type 5
[    3.133760] sd 0:0:0:0: [sda] Attached SCSI disk
[    3.395789] e1000 0000:00:03.0 eth0: (PCI:33MHz:32-bit) 52:54:00:12:34:56
[    3.396640] e1000 0000:00:03.0 eth0: Intel(R) PRO/1000 Network Connection
[    3.397532] e1000e: Intel(R) PRO/1000 Network Driver
[    3.398140] e1000e: Copyright(c) 1999 - 2015 Intel Corporation.
[    3.398902] igb: Intel(R) Gigabit Ethernet Network Driver
[    3.399595] igb: Copyright (c) 2007-2014 Intel Corporation.
[    3.400335] PPP generic driver version 2.4.2
[    3.401308] VFIO - User Level meta-driver version: 0.3
[    3.402473] usbcore: registered new interface driver uas
[    3.403176] usbcore: registered new interface driver usb-storage
[    3.404004] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12
[    3.405796] serio: i8042 KBD port at 0x60,0x64 irq 1
[    3.406430] serio: i8042 AUX port at 0x60,0x64 irq 12
[    3.407566] mousedev: PS/2 mouse device common for all mice
[    3.409072] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1
[    3.410712] rtc_cmos 00:05: RTC can wake from S4
[    3.411984] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input4
[    3.413658] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input3
[    3.415043] rtc_cmos 00:05: registered as rtc0
[    3.415730] rtc_cmos 00:05: setting system clock to 2023-03-28T02:28:29 UTC (1679970509)
[    3.416720] rtc_cmos 00:05: using ACPI '\_SB.PCI0.ISA.RTC' for 'wp' GPIO lookup
[    3.416739] acpi PNP0B00:00: GPIO: looking up wp-gpios
[    3.416748] acpi PNP0B00:00: GPIO: looking up wp-gpio
[    3.416755] rtc_cmos 00:05: using lookup tables for GPIO lookup
[    3.416763] rtc_cmos 00:05: No GPIO consumer wp found
[    3.416877] rtc_cmos 00:05: alarms up to one day, y3k, 242 bytes nvram
[    3.417698] i2c_dev: i2c /dev entries driver
[    3.418361] device-mapper: core: CONFIG_IMA_DISABLE_HTABLE is disabled. Duplicate IMA measurements will not be recorded in the IMA log.
[    3.419864] device-mapper: uevent: version 1.0.3
[    3.420597] device-mapper: ioctl: 4.47.0-ioctl (2022-07-28) initialised: dm-devel@redhat.com
[    3.421632] intel_pstate: CPU model not supported
[    3.422265] sdhci: Secure Digital Host Controller Interface driver
[    3.423016] sdhci: Copyright(c) Pierre Ossman
[    3.423602] sdhci-pltfm: SDHCI platform and OF driver helper
[    3.424356] ledtrig-cpu: registered to indicate activity on CPUs
[    3.425212] efifb: probing for efifb
[    3.425715] efifb: framebuffer at 0x80000000, using 1876k, total 1875k
[    3.426514] efifb: mode is 800x600x32, linelength=3200, pages=1
[    3.427262] efifb: scrolling: redraw
[    3.427707] efifb: Truecolor: size=8:8:8:8, shift=24:16:8:0
[    3.430943] Console: switching to colour frame buffer device 100x37
[    3.432726] fb0: EFI VGA frame buffer device
[    3.433316] pstore: Registered efi_pstore as persistent store backend
[    3.434380] drop_monitor: Initializing network drop monitor service
[    3.435299] NET: Registered PF_INET6 protocol family
[    3.437832] Segment Routing with IPv6
[    3.438326] In-situ OAM (IOAM) with IPv6
[    3.438852] NET: Registered PF_PACKET protocol family
[    3.439657] 9pnet: Installing 9P2000 support
[    3.440245] Key type dns_resolver registered
[    3.441398] IPI shorthand broadcast: enabled
[    3.452283] sched_clock: Marking stable (3288003182, 163103815)->(3510610267, -59503270)
[    3.453680] registered taskstats version 1
[    3.454338] Loading compiled-in X.509 certificates
[    3.455030] zswap: loaded using pool lzo/zbud
[    3.465556] Key type .fscrypt registered
[    3.466047] Key type fscrypt-provisioning registered
[    3.466692] pstore: Using crash dump compression: deflate
[    3.468142] Key type encrypted registered
[    3.468660] ima: No TPM chip found, activating TPM-bypass!
[    3.469332] ima: Allocated hash algorithm: sha1
[    3.469912] ima: No architecture policies found
[    3.470516] evm: Initialising EVM extended attributes:
[    3.471157] evm: security.selinux
[    3.471569] evm: security.SMACK64
[    3.471980] evm: security.SMACK64EXEC
[    3.472432] evm: security.SMACK64TRANSMUTE
[    3.472936] evm: security.SMACK64MMAP
[    3.473390] evm: security.apparmor
[    3.473813] evm: security.ima
[    3.474183] evm: security.capability
[    3.474624] evm: HMAC attrs: 0x1
[    3.475924] PM:   Magic number: 15:221:461
[    3.476786] RAS: Correctable Errors collector initialized.
[    3.478394] md: Waiting for all devices to be available before autodetect
[    3.478928] md: If you don't use raid, use raid=noautodetect
[    3.479403] md: Autodetecting RAID arrays.
[    3.479740] md: autorun ...
[    3.479971] md: ... autorun DONE.
[    3.521402] EXT4-fs (sda): INFO: recovery required on readonly filesystem
[    3.521958] EXT4-fs (sda): write access will be enabled during recovery
[    3.566764] EXT4-fs (sda): recovery complete
[    3.568620] EXT4-fs (sda): mounted filesystem 23a53bb9-f815-47a5-b74c-5e08f7731193 with ordered data mode. Quota mode: none.
[    3.569544] VFS: Mounted root (ext4 filesystem) readonly on device 8:0.
[    3.570559] devtmpfs: mounted
[    3.576773] Freeing unused decrypted memory: 2036K
[    3.578958] Freeing unused kernel image (initmem) memory: 10400K
[    3.579472] Write protecting the kernel read-only data: 45056k
[    3.580937] Freeing unused kernel image (rodata/data gap) memory: 436K
[    3.656757] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[    3.657273] Run /sbin/init as init process
[    3.657604]   with arguments:
[    3.657608]     /sbin/init
[    3.657613]   with environment:
[    3.657617]     HOME=/
[    3.657622]     TERM=linux
[    3.734361] systemd[1]: RTC configured in localtime, applying delta of 0 minutes to system time.
[    3.757907] systemd[1]: systemd 239 (239-49.el8) running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=legacy)
[    3.759784] systemd[1]: Detected virtualization kvm.
[    3.760198] systemd[1]: Detected architecture x86-64.
[    3.809325] systemd[1]: Set hostname to <test>.
[    4.019713] systemd[1]: Listening on Journal Socket.
[    4.020976] systemd[1]: Listening on Device-mapper event daemon FIFOs.
[    4.022648] systemd[1]: Reached target Swap.
[    4.023642] systemd[1]: Started Forward Password Requests to Wall Directory Watch.
[    4.025145] systemd[1]: Listening on udev Kernel Socket.
[    4.047355] systemd[1]: Starting Remount Root and Kernel File Systems...
[    4.199570] EXT4-fs (sda): re-mounted 23a53bb9-f815-47a5-b74c-5e08f7731193. Quota mode: none.
[    5.647520] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[    5.648613] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
[    5.847753] Spectre V2 : WARNING: Unprivileged eBPF is enabled with eIBRS on, data leaks possible via Spectre v2 BHB attacks!
[    5.848948] Spectre V2 : WARNING: Unprivileged eBPF is enabled with eIBRS on, data leaks possible via Spectre v2 BHB attacks!
[   14.012455] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=340 'systemd'
Jens Axboe March 28, 2023, 3:03 p.m. UTC | #2
On 3/27/23 8:55 PM, Pengfei Xu wrote:
> Hi Jens Axboe,
> 
> On 2023-03-27 at 20:08:25 -0600, Jens Axboe wrote:
>> Unless we have at least one entry queued, then don't call into
>> io_poll_remove_entries(). Normally this isn't possible, but if we
>> retry poll then we can have ->nr_entries cleared again as we're
>> setting it up. If this happens for a poll retry, then we'll still have
>> at least REQ_F_SINGLE_POLL set. io_poll_remove_entries() then thinks
>> it has entries to remove.
>>
>> Clear REQ_F_SINGLE_POLL and REQ_F_DOUBLE_POLL unconditionally when
>> arming a poll request.
>>
>> Fixes: c16bda37594f ("io_uring/poll: allow some retries for poll triggering spuriously")
>> Cc: stable@vger.kernel.org
>> Reported-by: Pengfei Xu <pengfei.xu@intel.com>
>> Signed-off-by: Jens Axboe <axboe@kernel.dk>
>>
>> ---
>>
>> diff --git a/io_uring/poll.c b/io_uring/poll.c
>> index 795facbd0e9f..55306e801081 100644
>> --- a/io_uring/poll.c
>> +++ b/io_uring/poll.c
>> @@ -726,6 +726,7 @@ int io_arm_poll_handler(struct io_kiocb *req, unsigned issue_flags)
>>  	apoll = io_req_alloc_apoll(req, issue_flags);
>>  	if (!apoll)
>>  		return IO_APOLL_ABORTED;
>> +	req->flags &= ~(REQ_F_SINGLE_POLL | REQ_F_DOUBLE_POLL);
>>  	req->flags |= REQ_F_POLLED;
>>  	ipt.pt._qproc = io_async_queue_proc;
>>  
>   Thanks for your patch!
>   I have tested the above patch on top of v6.3-rc4 kernel.
>   This issue was fixed.
>   Reproduced code from syzkaller: https://github.com/xupengfe/syzkaller_logs/blob/main/230327_041425_io_poll_remove_entries/repro.c
>   One more info, bisect methodology comes from myself, not from syzkaller.

Great, thanks for testing!
diff mbox series

Patch

diff --git a/io_uring/poll.c b/io_uring/poll.c
index 795facbd0e9f..55306e801081 100644
--- a/io_uring/poll.c
+++ b/io_uring/poll.c
@@ -726,6 +726,7 @@  int io_arm_poll_handler(struct io_kiocb *req, unsigned issue_flags)
 	apoll = io_req_alloc_apoll(req, issue_flags);
 	if (!apoll)
 		return IO_APOLL_ABORTED;
+	req->flags &= ~(REQ_F_SINGLE_POLL | REQ_F_DOUBLE_POLL);
 	req->flags |= REQ_F_POLLED;
 	ipt.pt._qproc = io_async_queue_proc;