lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 20 Mar 2017 08:17:54 +0100
From:   Takashi Iwai <tiwai@...e.de>
To:     "Dmitry Vyukov" <dvyukov@...gle.com>
Cc:     <alsa-devel@...a-project.org>, "Jaroslav Kysela" <perex@...ex.cz>,
        "LKML" <linux-kernel@...r.kernel.org>,
        "syzkaller" <syzkaller@...glegroups.com>
Subject: Re: sound: another deadlock in snd_seq_pool_done

On Fri, 10 Mar 2017 10:19:13 +0100,
Dmitry Vyukov wrote:
> 
> On Sat, Mar 4, 2017 at 5:31 PM, Dmitry Vyukov <dvyukov@...gle.com> wrote:
> > Hello,
> >
> > The following program creates processes deadlocked in snd_seq_pool_done:
> >
> > https://gist.githubusercontent.com/dvyukov/97efc9cb6d63b1b2c7b737b82cc8b0d6/raw/3546b133ae0b2d3e1190ae7c1f4e240ce7ce132e/gistfile1.txt
> >
> > After few seconds I get:
> >
> > # ps afxu | grep a.out
> > root      8660  2.0  0.0      0     0 pts/0    Zl   16:27   0:00
> > [a.out] <defunct>
> >
> > # kill -9 8660
> >
> > # cat /proc/8660/status
> > Name: a.out
> > State: Z (zombie)
> > Tgid: 8660
> > Ngid: 0
> > Pid: 8660
> > PPid: 1
> > TracerPid: 0
> > Uid: 0 0 0 0
> > Gid: 0 0 0 0
> > FDSize: 0
> > Groups: 0
> > NStgid: 8660
> > NSpid: 8660
> > NSpgid: 8660
> > NSsid: 2971
> > Threads: 2
> > SigQ: 1/3304
> > SigPnd: 0000000000000000
> > ShdPnd: 0000000000000100
> > SigBlk: 0000000000000000
> > SigIgn: 0000000180000000
> > SigCgt: 0000000000000440
> > CapInh: 0000000000000000
> > CapPrm: 0000003fffffffff
> > CapEff: 0000003fffffffff
> > CapBnd: 0000003fffffffff
> > CapAmb: 0000000000000000
> > NoNewPrivs: 0
> > Seccomp: 0
> > Cpus_allowed: f
> > Cpus_allowed_list: 0-3
> > Mems_allowed: 00000000,00000001
> > Mems_allowed_list: 0
> > voluntary_ctxt_switches: 12
> > nonvoluntary_ctxt_switches: 0
> >
> > # cat /proc/8660/task/*/stack
> > [<ffffffff835406db>] snd_seq_pool_done+0x31b/0x620
> > sound/core/seq/seq_memory.c:436
> > [<ffffffff8353a11e>] snd_seq_ioctl_set_client_pool+0x1ae/0x600
> > sound/core/seq/seq_clientmgr.c:1836
> > [<ffffffff835382ba>] snd_seq_ioctl+0x2da/0x4d0
> > sound/core/seq/seq_clientmgr.c:2130
> > [<ffffffff81aced2f>] vfs_ioctl fs/ioctl.c:45 [inline]
> > [<ffffffff81aced2f>] do_vfs_ioctl+0x1bf/0x1790 fs/ioctl.c:685
> > [<ffffffff81ad038f>] SYSC_ioctl fs/ioctl.c:700 [inline]
> > [<ffffffff81ad038f>] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:691
> > [<ffffffff8457dc41>] entry_SYSCALL_64_fastpath+0x1f/0xc2
> 
> 
> A friendly ping.

Sorry for the delay, I've been on vacation for over the last two
weeks.  (And I have a deja vu feeing, as if I so often receive your
syzkaller bug reports during or just before my vacation in the past,
too... :)

Will take a look at this soon after digesting the pending mails.


thanks,

Takashi

Powered by blists - more mailing lists