lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <dd264bf7-821b-4cf4-802b-60ae3c7b83bd@I-love.SAKURA.ne.jp>
Date: Wed, 20 Mar 2024 16:30:24 +0900
From: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
To: Alexei Starovoitov <alexei.starovoitov@...il.com>
Cc: syzbot <syzbot+f78380e4eae53c64125c@...kaller.appspotmail.com>,
        syzkaller-bugs <syzkaller-bugs@...glegroups.com>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        John Fastabend <john.fastabend@...il.com>,
        Petr Mladek <pmladek@...e.com>, Steven Rostedt <rostedt@...dmis.org>,
        John Ogness
 <john.ogness@...utronix.de>,
        Sergey Senozhatsky <senozhatsky@...omium.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        LKML <linux-kernel@...r.kernel.org>, bpf <bpf@...r.kernel.org>
Subject: Re: [syzbot] [kernel?] possible deadlock in console_flush_all (2)

On 2024/03/20 16:12, Alexei Starovoitov wrote:
> On Wed, Mar 20, 2024 at 12:05 AM Tetsuo Handa
> <penguin-kernel@...ove.sakura.ne.jp> wrote:
>>
>> On 2024/03/20 15:56, Alexei Starovoitov wrote:
>>> This has nothing to do with bpf.
>>> bpf never calls printk().
>>
>> Please see the Sample crash report in the dashboard.
>> bpf program is hitting printk() via report_bug().
> 
> Exactly. local_bh_neable is simply asking for a splat.
> _this_ bug is in printk.
> It's a generic issue.

I can't catch. printk() is called due to report_bug().

If the reason report_bug() is called is that spin_unlock_bh() is bad,
this is a bug in sock_map_delete_elem() rather than a bug in printk(), isn't it.

> 
> sockmap bug is orthogonal.
> It's already being looked at.

Then, can we expect that this bug is also fixed shortly?

> 
>> -> #0 (console_owner){....}-{0:0}:
>>        check_prev_add kernel/locking/lockdep.c:3134 [inline]
>>        check_prevs_add kernel/locking/lockdep.c:3253 [inline]
>>        validate_chain+0x18cb/0x58e0 kernel/locking/lockdep.c:3869
>>        __lock_acquire+0x1346/0x1fd0 kernel/locking/lockdep.c:5137
>>        lock_acquire+0x1e4/0x530 kernel/locking/lockdep.c:5754
>>        console_lock_spinning_enable kernel/printk/printk.c:1873 [inline]
>>        console_emit_next_record kernel/printk/printk.c:2901 [inline]
>>        console_flush_all+0x810/0xfd0 kernel/printk/printk.c:2973
>>        console_unlock+0x13b/0x4d0 kernel/printk/printk.c:3042
>>        vprintk_emit+0x5a6/0x770 kernel/printk/printk.c:2342
>>        _printk+0xd5/0x120 kernel/printk/printk.c:2367
>>        __report_bug lib/bug.c:195 [inline]
>>        report_bug+0x346/0x500 lib/bug.c:219
>>        handle_bug+0x3e/0x70 arch/x86/kernel/traps.c:239
>>        exc_invalid_op+0x1a/0x50 arch/x86/kernel/traps.c:260
>>        asm_exc_invalid_op+0x1a/0x20 arch/x86/include/asm/idtentry.h:621
>>        __local_bh_enable_ip+0x1be/0x200 kernel/softirq.c:362
>>        spin_unlock_bh include/linux/spinlock.h:396 [inline]
>>        __sock_map_delete net/core/sock_map.c:424 [inline]
>>        sock_map_delete_elem+0xca/0x140 net/core/sock_map.c:446
>>        bpf_prog_2c29ac5cdc6b1842+0x42/0x46
>>        bpf_dispatcher_nop_func include/linux/bpf.h:1234 [inline]
>>        __bpf_prog_run include/linux/filter.h:657 [inline]
>>        bpf_prog_run include/linux/filter.h:664 [inline]


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ