lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 8 Apr 2018 21:58:44 +0900
From:   Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
To:     tiwai@...e.com, viro@...iv.linux.org.uk
Cc:     syzbot <syzbot+4f2016cf5185da7759dc@...kaller.appspotmail.com>,
        alsa-devel@...a-project.org, dan.carpenter@...cle.com,
        linux-kernel@...r.kernel.org, mingo@...nel.org,
        o-takashi@...amocchi.jp, perex@...ex.cz,
        syzkaller-bugs@...glegroups.com
Subject: Re: INFO: rcu detected stall in io_playback_transfer

I manually simplified the reproducer.

It is quite strange that removing unshare() hides this lockup bug.
Also, explicitly closing by "close()" hides this lockup bug.
Triggering "fput() from do_exit()" from "different namespace"
somehow affects this lockup bug?

----------------------------------------
#define _GNU_SOURCE
#include <fcntl.h>
#include <sched.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <linux/soundcard.h>

int main(int argc, char *argv[])
{
	const int fd = open("/dev/dsp1", O_RDWR);
	int frag = (0 << 16) | 0;
	char buf[48] = { };
	unshare(CLONE_NEWNS);
	ioctl(fd, SNDCTL_DSP_SETFRAGMENT, &frag);
	write(fd, buf, sizeof(buf));
	return 0;
}
----------------------------------------

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ