# git gc
Expanding reachable commits in commit graph: 1235193, done.
Writing out commit graph in 4 passes: 100% (4940772/4940772), done.
# git rev-parse -q --verify 9a6b294ab496650e9f270123730df37030911b55^{commit}
# git fetch -q -n -f git://fs.ozlabs.ibm.com/kernel/linus master
# git rev-parse -q --verify 9a6b294ab496650e9f270123730df37030911b55^{commit}
9a6b294ab496650e9f270123730df37030911b55
# git checkout -q -f -B kisskb 9a6b294ab496650e9f270123730df37030911b55
# git clean -qxdf
# < git log -1
# commit 9a6b294ab496650e9f270123730df37030911b55
# Author: David Howells
# Date: Thu Dec 21 13:57:31 2023 +0000
#
# afs: Fix use-after-free due to get/remove race in volume tree
#
# When an afs_volume struct is put, its refcount is reduced to 0 before
# the cell->volume_lock is taken and the volume removed from the
# cell->volumes tree.
#
# Unfortunately, this means that the lookup code can race and see a volume
# with a zero ref in the tree, resulting in a use-after-free:
#
# refcount_t: addition on 0; use-after-free.
# WARNING: CPU: 3 PID: 130782 at lib/refcount.c:25 refcount_warn_saturate+0x7a/0xda
# ...
# RIP: 0010:refcount_warn_saturate+0x7a/0xda
# ...
# Call Trace:
# afs_get_volume+0x3d/0x55
# afs_create_volume+0x126/0x1de
# afs_validate_fc+0xfe/0x130
# afs_get_tree+0x20/0x2e5
# vfs_get_tree+0x1d/0xc9
# do_new_mount+0x13b/0x22e
# do_mount+0x5d/0x8a
# __do_sys_mount+0x100/0x12a
# do_syscall_64+0x3a/0x94
# entry_SYSCALL_64_after_hwframe+0x62/0x6a
#
# Fix this by:
#
# (1) When putting, use a flag to indicate if the volume has been removed
# from the tree and skip the rb_erase if it has.
#
# (2) When looking up, use a conditional ref increment and if it fails
# because the refcount is 0, replace the node in the tree and set the
# removal flag.
#
# Fixes: 20325960f875 ("afs: Reorganise volume and server trees to be rooted on the cell")
# Signed-off-by: David Howells
# Reviewed-by: Jeffrey Altman
# cc: Marc Dionne
# cc: linux-afs@lists.infradead.org
# Signed-off-by: Linus Torvalds
# < /opt/cross/kisskb/korg/gcc-11.3.0-nolibc/sparc64-linux/bin/sparc64-linux-gcc --version
# < /opt/cross/kisskb/korg/gcc-11.3.0-nolibc/sparc64-linux/bin/sparc64-linux-ld --version
# < git log --format=%s --max-count=1 9a6b294ab496650e9f270123730df37030911b55
# make -s -j 40 ARCH=sparc64 O=/kisskb/build/linus_allmodconfig_sparc64-gcc11 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-11.3.0-nolibc/sparc64-linux/bin/sparc64-linux- allmodconfig
# Added to kconfig CONFIG_BUILD_DOCSRC=n
# Added to kconfig CONFIG_HAVE_FTRACE_MCOUNT_RECORD=n
# Added to kconfig CONFIG_SAMPLES=n
# Added to kconfig CONFIG_MODULE_SIG=n
# < make -s -j 40 ARCH=sparc64 O=/kisskb/build/linus_allmodconfig_sparc64-gcc11 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-11.3.0-nolibc/sparc64-linux/bin/sparc64-linux- help
# make -s -j 40 ARCH=sparc64 O=/kisskb/build/linus_allmodconfig_sparc64-gcc11 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-11.3.0-nolibc/sparc64-linux/bin/sparc64-linux- olddefconfig
# make -s -j 40 ARCH=sparc64 O=/kisskb/build/linus_allmodconfig_sparc64-gcc11 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-11.3.0-nolibc/sparc64-linux/bin/sparc64-linux-
:1519:2: warning: #warning syscall clone3 not implemented [-Wcpp]
kernel: arch/sparc/boot/image is ready
kernel: arch/sparc/boot/zImage is ready
Completed OK
# rm -rf /kisskb/build/linus_allmodconfig_sparc64-gcc11
# Build took: 0:14:17.939005