| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20210302054941.GA23892@xsang-OptiPlex-9020>
Date: Tue, 2 Mar 2021 13:49:41 +0800
From: kernel test robot <oliver.sang@...el.com>
To: John Wood <john.wood@....com>
Cc: 0day robot <lkp@...el.com>, LKML <linux-kernel@...r.kernel.org>,
lkp@...ts.01.org, Kees Cook <keescook@...omium.org>,
Jann Horn <jannh@...gle.com>,
Randy Dunlap <rdunlap@...radead.org>,
Jonathan Corbet <corbet@....net>,
James Morris <jmorris@...ei.org>,
Shuah Khan <shuah@...nel.org>, John Wood <john.wood@....com>,
"Serge E. Hallyn" <serge@...lyn.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linux-doc@...r.kernel.org, linux-security-module@...r.kernel.org,
linux-kselftest@...r.kernel.org,
kernel-hardening@...ts.openwall.com
Subject: [security/brute] cfe92ab6a3: WARNING:inconsistent_lock_state
Greeting,
FYI, we noticed the following commit (built with gcc-9):
commit: cfe92ab6a3ea700c08ba673b46822d51f38d6b40 ("[PATCH v5 2/8] security/brute: Define a LSM and manage statistical data")
url: https://github.com/0day-ci/linux/commits/John-Wood/Fork-brute-force-attack-mitigation/20210228-022911
base: https://git.kernel.org/cgit/linux/kernel/git/shuah/linux-kselftest.git next
in testcase: trinity
version: trinity-static-i386-x86_64-f93256fb_2019-08-28
with following parameters:
group: ["group-00", "group-01", "group-02", "group-03", "group-04"]
test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/
on test machine: qemu-system-i386 -enable-kvm -cpu SandyBridge -smp 2 -m 8G
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
+-------------------------------------------------------------------------+------------+------------+
| | 1d53b7aac6 | cfe92ab6a3 |
+-------------------------------------------------------------------------+------------+------------+
| WARNING:inconsistent_lock_state | 0 | 6 |
| inconsistent{IN-SOFTIRQ-W}->{SOFTIRQ-ON-W}usage | 0 | 6 |
+-------------------------------------------------------------------------+------------+------------+
If you fix the issue, kindly add following tag
Reported-by: kernel test robot <oliver.sang@...el.com>
[ 116.852721] ================================
[ 116.853120] WARNING: inconsistent lock state
[ 116.853120] 5.11.0-rc7-00013-gcfe92ab6a3ea #1 Tainted: G S
[ 116.853120] --------------------------------
[ 116.853120] inconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage.
[ 116.853120] swapper/0/1 [HC0[0]:SC0[0]:HE1:SE1] takes:
[ 116.853120] c1c36e50 (&stats->lock){+.?.}-{2:2}, at: brute_task_free+0x20/0xa0
[ 116.853120] {IN-SOFTIRQ-W} state was registered at:
[ 116.864330] lock_acquire+0xa3/0x380
[ 116.864330] _raw_spin_lock+0x2a/0x80
[ 116.864330] brute_task_free+0x20/0xa0
[ 116.864330] security_task_free+0x2a/0x60
[ 116.864330] __put_task_struct+0x52/0x140
[ 116.864330] delayed_put_task_struct+0xa7/0x140
[ 116.864330] rcu_do_batch+0x1e5/0x900
[ 116.864330] rcu_core+0x21d/0x3e0
[ 116.864330] rcu_core_si+0xd/0x20
[ 116.864330] __do_softirq+0xc1/0x44b
[ 116.864330] call_on_stack+0x45/0x60
[ 116.880334] do_softirq_own_stack+0x25/0x40
[ 116.880334] irq_exit_rcu+0xc5/0xe0
[ 116.880334] sysvec_call_function_single+0x44/0x60
[ 116.880334] handle_exception_return+0x0/0xcd
[ 116.880334] lock_acquire+0xc0/0x380
[ 116.880334] down_write+0x38/0x100
[ 116.880334] crypto_larval_kill+0x15/0xa0
[ 116.880334] crypto_wait_for_test+0x5a/0x80
[ 116.880334] crypto_register_alg+0x54/0x80
[ 116.880334] crypto_register_algs+0x35/0x80
[ 116.880334] crypto_null_mod_init+0x18/0x60
[ 116.880334] do_one_initcall+0x60/0x320
[ 116.880334] kernel_init_freeable+0x208/0x257
[ 116.896332] kernel_init+0xd/0xf3
[ 116.896332] ret_from_fork+0x1c/0x28
[ 116.896332] irq event stamp: 50228285
[ 116.896332] hardirqs last enabled at (50228285): [<d3a0f442>] _raw_spin_unlock_irq+0x22/0x40
[ 116.896332] hardirqs last disabled at (50228284): [<d3a0f1bd>] _raw_spin_lock_irq+0x5d/0x80
[ 116.896332] softirqs last enabled at (50222932): [<d3a113f0>] __do_softirq+0x2f0/0x44b
[ 116.896332] softirqs last disabled at (50222927): [<ce8cb565>] call_on_stack+0x45/0x60
[ 116.896332]
[ 116.896332] other info that might help us debug this:
[ 116.896332] Possible unsafe locking scenario:
[ 116.896332]
[ 116.896332] CPU0
[ 116.896332] ----
[ 116.896332] lock(&stats->lock);
[ 116.912333] <Interrupt>
[ 116.912333] lock(&stats->lock);
[ 116.912333]
[ 116.912333] *** DEADLOCK ***
[ 116.912333]
[ 116.912333] 1 lock held by swapper/0/1:
[ 116.912333] #0: c92364e0 (&dev->mutex){....}-{3:3}, at: __device_attach+0x2f/0x160
[ 116.912333]
[ 116.912333] stack backtrace:
[ 116.912333] CPU: 1 PID: 1 Comm: swapper/0 Tainted: G S 5.11.0-rc7-00013-gcfe92ab6a3ea #1
[ 116.912333] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 116.912333] Call Trace:
[ 116.912333] dump_stack+0x6d/0x8b
[ 116.912333] print_usage_bug.cold+0x15e/0x166
[ 116.912333] mark_lock_irq+0x2a0/0x4a0
[ 116.912333] ? save_trace+0x3f/0x360
[ 116.928337] mark_lock+0x1e0/0x740
[ 116.928337] __lock_acquire+0x31e/0xa60
[ 116.928337] ? kvm_sched_clock_read+0x15/0x40
[ 116.928337] ? sched_clock+0x11/0x20
[ 116.928337] lock_acquire+0xa3/0x380
[ 116.928337] ? brute_task_free+0x20/0xa0
[ 116.928337] ? find_held_lock+0x24/0x80
[ 116.928337] ? wait_for_completion+0xc3/0xe0
[ 116.928337] _raw_spin_lock+0x2a/0x80
[ 116.928337] ? brute_task_free+0x20/0xa0
[ 116.928337] brute_task_free+0x20/0xa0
[ 116.928337] security_task_free+0x2a/0x60
[ 116.928337] __put_task_struct+0x52/0x140
[ 116.928337] kthread_stop+0x167/0x2e0
[ 116.928337] scsi_host_dev_release+0x57/0xe0
[ 116.944331] device_release+0x30/0xa0
[ 116.944331] kobject_release+0x3a/0x180
[ 116.944331] kobject_put+0x57/0x80
[ 116.944331] put_device+0x11/0x20
[ 116.944331] scsi_host_put+0x12/0x20
[ 116.944331] aha1542_hw_init+0x127/0x6c0
[ 116.944331] aha1542_isa_match+0x10/0x40
[ 116.944331] isa_bus_match+0x34/0x60
[ 116.944331] __device_attach_driver+0x27/0xe0
[ 116.944331] ? driver_allows_async_probing+0x60/0x60
[ 116.944331] bus_for_each_drv+0x5f/0xa0
[ 116.944331] __device_attach+0xd7/0x160
[ 116.944331] ? driver_allows_async_probing+0x60/0x60
[ 116.944331] device_initial_probe+0x12/0x20
[ 116.944331] bus_probe_device+0x77/0x80
[ 116.944331] device_add+0x347/0x7a0
[ 116.960328] ? pm_runtime_init+0xc5/0xe0
[ 116.960328] device_register+0x17/0x20
[ 116.960328] isa_register_driver+0xd5/0x160
[ 116.960328] ? aha152x_init+0x5d3/0x5d3
[ 116.960328] aha1542_init+0x38/0x5e
[ 116.960328] do_one_initcall+0x60/0x320
[ 116.960328] ? rcu_read_lock_sched_held+0x47/0x80
[ 116.960328] ? trace_initcall_level+0x84/0xac
[ 116.960328] kernel_init_freeable+0x208/0x257
[ 116.960328] ? rest_init+0x22d/0x22d
[ 116.960328] kernel_init+0xd/0xf3
[ 116.960328] ret_from_fork+0x1c/0x28
To reproduce:
# build kernel
cd linux
cp config-5.11.0-rc7-00013-gcfe92ab6a3ea .config
make HOSTCC=gcc-9 CC=gcc-9 ARCH=i386 olddefconfig prepare modules_prepare bzImage
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email
Thanks,
Oliver Sang
View attachment "config-5.11.0-rc7-00013-gcfe92ab6a3ea" of type "text/plain" (266173 bytes)
View attachment "job-script" of type "text/plain" (4127 bytes)
Download attachment "dmesg.xz" of type "application/x-xz" (39676 bytes)
Powered by blists - more mailing lists