Message-ID: <ZnqLnw1efH2k+7oD@xpf.sh.intel.com>
Date: Tue, 25 Jun 2024 17:19:27 +0800
From: Pengfei Xu <pengfei.xu@...el.com>
To: Marco Elver <elver@...gle.com>
CC: <andreyknvl@...il.com>, <akpm@...ux-foundation.org>,
<linux-kernel@...r.kernel.org>
Subject: Re: [Syzkaller & bisect] There is BUG: MAX_LOCKDEP_KEYS too low! in
v6.10-rc5 kernel

Hi Marco,

On 2024-06-25 at 10:21:57 +0200, Marco Elver wrote:
> On Tue, 25 Jun 2024 at 04:15, Pengfei Xu <pengfei.xu@...el.com> wrote:
> >
> > Hi Andrey,
> >
> > Greetings!
> >
> > There is BUG: MAX_LOCKDEP_KEYS too low! in v6.10-rc5 kernel.
> >
> > All detailed info: https://github.com/xupengfe/syzkaller_logs/tree/main/240624_120854__MAX_LOCKDEP_KEYS_too_low
> > Syzkaller reproduced code: https://github.com/xupengfe/syzkaller_logs/blob/main/240624_120854__MAX_LOCKDEP_KEYS_too_low/repro.c
> > Syzkaller syscall repro steps: https://github.com/xupengfe/syzkaller_logs/blob/main/240624_120854__MAX_LOCKDEP_KEYS_too_low/repro.prog
> > Mount img: https://github.com/xupengfe/syzkaller_logs/blob/main/240624_120854__MAX_LOCKDEP_KEYS_too_low/mount_0.gz
> > Syzkaller report: https://github.com/xupengfe/syzkaller_logs/blob/main/240624_120854__MAX_LOCKDEP_KEYS_too_low/repro.report
> > Kconfig(make olddefconfig): https://github.com/xupengfe/syzkaller_logs/blob/main/240624_120854__MAX_LOCKDEP_KEYS_too_low/kconfig_origin
> > Bisect info: https://github.com/xupengfe/syzkaller_logs/blob/main/240624_120854__MAX_LOCKDEP_KEYS_too_low/bisect_info.log
> > v6.10-rc5 dmesg: https://github.com/xupengfe/syzkaller_logs/blob/main/240624_120854__MAX_LOCKDEP_KEYS_too_low/f2661062f16b2de5d7b6a5c42a9a5c96326b8454_dmesg.log
> >
> > Bisected and found related commit:
> > cc478e0b6bdf kasan: avoid resetting aux_lock
>
> This is known to trigger on heavily instrumented kernels.
>
> On syzbot we just increase CONFIG_LOCKDEP_BITS and friends [1]. See [2].
>
> [1] https://github.com/google/syzkaller/blob/master/dashboard/config/linux/bits/lockdep.yml
> [2] https://github.com/torvalds/linux/blob/55027e689933ba2e64f3d245fb1ff185b3e7fc81/lib/Kconfig.debug#L1505
>
> I don't see it set in your config. You should probably enable it on
> heavily instrumented builds.

Thank you very much for your suggestion and for sharing the links pointing me
towards the relevant configuration options.

I have updated the kernel configuration to set CONFIG_LOCKDEP_BITS=17 to
avoid such issues in the future. And I will take care of some other kconfig
items like "CONFIG_LOCKDEP_CHAINS_BITS". I will try some other number for
CONFIG_LOCKDEP_BITS if it's necessary.

Thanks for your guidance and sorry for the inconvenience.

Best Regards,
Thanks!

>
> > "
> > [ 157.974013] BUG: MAX_LOCKDEP_KEYS too low!
> > [ 157.974233] turning off the locking correctness validator.
> > [ 157.974459] CPU: 1 PID: 736 Comm: repro Tainted: G W 6.10.0-rc5-f2661062f16b+ #1
> > [ 157.974864] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014
> > [ 157.975392] Call Trace:
> > [ 157.975502] <TASK>
> > [ 157.975600] dump_stack_lvl+0xea/0x150
> > [ 157.975786] dump_stack+0x19/0x20
> > [ 157.975937] register_lock_class+0xaee/0x10d0
> > [ 157.976136] ? __pfx_register_lock_class+0x10/0x10
> > [ 157.976351] ? __pfx_mark_lock.part.0+0x10/0x10
> > [ 157.976553] __lock_acquire+0xfe/0x5ca0
> > [ 157.976727] ? __pfx_mark_lock.part.0+0x10/0x10
> > [ 157.976929] ? __pfx_register_lock_class+0x10/0x10
> > [ 157.977140] ? __kasan_check_read+0x15/0x20
> > [ 157.977325] ? __pfx___lock_acquire+0x10/0x10
> > [ 157.977517] ? __kasan_check_read+0x15/0x20
> > [ 157.977696] ? mark_lock.part.0+0xf3/0x17a0
> > [ 157.977878] ? __kasan_check_read+0x15/0x20
> > [ 157.978059] lock_acquire+0x1ce/0x580
> > [ 157.978221] ? touch_wq_lockdep_map+0x75/0x130
> > [ 157.978416] ? register_lock_class+0xbf/0x10d0
> > [ 157.978610] ? __pfx_lock_acquire+0x10/0x10
> > [ 157.978794] ? __pfx_register_lock_class+0x10/0x10
> > [ 157.979000] ? lockdep_init_map_type+0x2df/0x810
> > [ 157.979201] ? lockdep_init_map_type+0x2df/0x810
> > [ 157.979403] ? touch_wq_lockdep_map+0x75/0x130
> > [ 157.979598] touch_wq_lockdep_map+0x8a/0x130
> > [ 157.979786] ? touch_wq_lockdep_map+0x75/0x130
> > [ 157.979988] __flush_workqueue+0xfd/0x1040
> > [ 157.980164] ? __this_cpu_preempt_check+0x21/0x30
> > [ 157.980370] ? lock_release+0x418/0x840
> > [ 157.980542] ? __pfx___flush_workqueue+0x10/0x10
> > [ 157.980745] ? __mutex_unlock_slowpath+0x16f/0x630
> > [ 157.980979] ? xfs_log_force+0x1db/0xa30
> > [ 157.981191] ? sync_filesystem+0x1e5/0x2a0
> > [ 157.981386] xlog_cil_push_now.isra.0+0x6c/0x210
> > [ 157.981588] xlog_cil_force_seq+0x1d4/0x790
> > [ 157.981775] ? __pfx_xlog_cil_force_seq+0x10/0x10
> > [ 157.981982] ? xfs_fs_sync_fs+0x1ed/0x3a0
> > [ 157.982157] ? debug_smp_processor_id+0x20/0x30
> > [ 157.982358] ? rcu_is_watching+0x19/0xc0
> > [ 157.982532] ? __sanitizer_cov_trace_const_cmp1+0x1e/0x30
> > [ 157.982767] ? sync_filesystem+0x1e5/0x2a0
> > [ 157.982944] xfs_log_force+0x1db/0xa30
> > [ 157.983109] ? sync_filesystem+0x1e5/0x2a0
> > [ 157.983287] ? sync_filesystem+0x1e5/0x2a0
> > [ 157.983464] xfs_fs_sync_fs+0x1ed/0x3a0
> > [ 157.983632] ? __pfx_xfs_fs_sync_fs+0x10/0x10
> > [ 157.983821] sync_filesystem+0x1e5/0x2a0
> > [ 157.983990] generic_shutdown_super+0x8c/0x520
> > [ 157.984183] kill_block_super+0x45/0xa0
> > [ 157.984349] xfs_kill_sb+0x1e/0x60
> > [ 157.984498] deactivate_locked_super+0xcb/0x1c0
> > [ 157.984694] deactivate_super+0xc0/0xe0
> > [ 157.984865] cleanup_mnt+0x2fc/0x460
> > [ 157.985023] __cleanup_mnt+0x1f/0x30
> > [ 157.985179] task_work_run+0x19c/0x2b0
> > [ 157.985343] ? __pfx_task_work_run+0x10/0x10
> > [ 157.985528] ? __this_cpu_preempt_check+0x21/0x30
> > [ 157.985734] ? syscall_exit_to_user_mode+0x109/0x200
> > [ 157.985951] syscall_exit_to_user_mode+0x1ec/0x200
> > [ 157.986160] do_syscall_64+0x79/0x140
> > [ 157.986322] entry_SYSCALL_64_after_hwframe+0x76/0x7e
> > [ 157.986536] RIP: 0033:0x7fab3634e87b
> > [ 157.986692] Code: 0f 1e fa 48 89 fe 31 ff e9 72 08 00 00 66 90 f3 0f 1e fa 31 f6 e9 05 00 00 00 0f 1f 44 00 00 f3 0f 1e fa b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 71 b5 0a 00 f7 d8
> > [ 157.987430] RSP: 002b:00007ffc181e2598 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
> > [ 157.987742] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fab3634e87b
> > [ 157.988031] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffc181e2640
> > [ 157.988321] RBP: 00007ffc181e3680 R08: 0000000000000000 R09: 00007ffc181e2430
> > [ 157.988611] R10: 00007fab363b13e0 R11: 0000000000000202 R12: 00007ffc181e37f8
> > [ 157.988761] XFS (loop7): Ending clean mount
> > [ 157.988901] R13: 0000000000403138 R14: 000000000040fe08 R15: 00007fab36460000
> > [ 157.989407] </TASK>
> > "
> >
> > I hope it's helpful.
> >
> > Thanks!
> >
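
A triage helper for the situation discussed in this thread, as an added example that is not from either poster or from syzkaller: it checks a kernel config for the lockdep sizing options on an instrumented build and finds the point in a dmesg log where lockdep switched itself off, after which a fuzzing run reports no further locking bugs. The function names, the KASAN/KCOV test for "heavily instrumented" and the config fragment are assumptions; the two dmesg lines are taken from the report above.

```python
import re
# Assumption: KASAN or KCOV stands in for "heavily instrumented" here.
INSTRUMENTATION = ("CONFIG_KASAN", "CONFIG_KCOV")
LIMIT_RE = re.compile(r"\[\s*(\d+\.\d+)\]\s+BUG: (MAX_\w+) too low!")
OFF_MSG = "turning off the locking correctness validator."

def parse_kconfig(text):
    """Map option -> value; '# CONFIG_X is not set' lines are treated as absent."""
    opts = {}
    for line in text.splitlines():
        m = re.fullmatch(r"(CONFIG_\w+)=(.*)", line.strip())
        if m:
            opts[m.group(1)] = m.group(2).strip('"')
    return opts

def undersized(opts, wanted):
    """Return {option: current value or None} for options below the caller's minimum."""
    if opts.get("CONFIG_LOCKDEP") != "y" or not any(opts.get(o) == "y" for o in INSTRUMENTATION):
        return {}  # not an instrumented lockdep build, nothing to size
    found = {}
    for name, minimum in wanted.items():
        cur = opts.get(name)
        if cur is None or not cur.isdigit() or int(cur) < minimum:
            found[name] = cur
    return found

def lockdep_shutoff(dmesg):
    """Return (timestamp, limit name) where lockdep hit a limit and turned off, else None."""
    hit = None
    for raw in dmesg.splitlines():
        line = raw.lstrip("> ").rstrip()  # tolerate mail quoting in pasted logs
        m = LIMIT_RE.match(line)
        if m:
            hit = (float(m.group(1)), m.group(2))
        elif hit and line.endswith(OFF_MSG):
            return hit
    return None

# Constructed config fragment (not the reporter's kconfig_origin).
SAMPLE_CONFIG = "CONFIG_LOCKDEP=y\nCONFIG_KASAN=y\nCONFIG_LOCKDEP_BITS=15\n"
# First two lines of the dmesg excerpt quoted in the report above.
SAMPLE_DMESG = (
    "> > [ 157.974013] BUG: MAX_LOCKDEP_KEYS too low!\n"
    "> > [ 157.974233] turning off the locking correctness validator.\n"
)

if __name__ == "__main__":
    print(undersized(parse_kconfig(SAMPLE_CONFIG), {"CONFIG_LOCKDEP_BITS": 17}))
    print(lockdep_shutoff(SAMPLE_DMESG))
```

The minimum of 17 for CONFIG_LOCKDEP_BITS is the value chosen in the reply above; minimums for the other sizing options are left to the caller because the thread gives none.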