lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 12 Mar 2019 08:59:22 +0100 From: luca abeni <luca.abeni@...tannapisa.it> To: "chengjian (D)" <cj.chengjian@...wei.com> Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Li Bin <huawei.libin@...wei.com>, "Xiexiuqi (Xie XiuQi)" <xiexiuqi@...wei.com>, <mingo@...hat.com>, Peter Zijlstra <peterz@...radead.org> Subject: Re: WARN ON at kernel/sched/deadline.c task_non_contending Hi all, On Tue, 12 Mar 2019 10:03:12 +0800 "chengjian (D)" <cj.chengjian@...wei.com> wrote: > Hi. > > When looking to test SCHED_DEADLINE syzkaller report an warn in > task_non_contending(). I tested the mainline kernel with the C program > and captured the same call trace. [...] > diff --git a/kernel/sched/deadline.c b/kernel/sched/deadline.c > index 31c050a0d0ce..d73cb033a06d 100644 > --- a/kernel/sched/deadline.c > +++ b/kernel/sched/deadline.c > @@ -252,7 +252,6 @@ static void task_non_contending(struct > task_struct *p) if (dl_entity_is_special(dl_se)) > return; > > - WARN_ON(hrtimer_active(&dl_se->inactive_timer)); > WARN_ON(dl_se->dl_non_contending); > > zerolag_time = dl_se->deadline - > @@ -287,7 +286,9 @@ static void task_non_contending(struct > task_struct *p) } > > dl_se->dl_non_contending = 1; > - get_task_struct(p); > + > + if (!hrtimer_active(&dl_se->inactive_timer)); > + get_task_struct(p); > hrtimer_start(timer, ns_to_ktime(zerolag_time), > HRTIMER_MODE_REL); } At a first glance, I think the patch is OK, but I need some more time to look at the details. I'll run some experiments with the reproducer, and I'll let you know my conclusions. > Did I miss something ? > > I saw it directly remove the hrtimer in hrtime_start() if hrtime is > queued, it may be unsafe here when the timer handler is running. This is probably why I added that WARN_ON()... I'll look at a possible solution. Thanks, Luca > > Help ? > > I put the syzkaller log and C demo in attachments. > > Thanks. > > >
Powered by blists - more mailing lists