Message-ID: <ZvViU8vmNiXhCjKX@pathway.suse.cz>
Date: Thu, 26 Sep 2024 15:32:03 +0200
From: Petr Mladek <pmladek@...e.com>
To: Sergey Senozhatsky <senozhatsky@...omium.org>
Cc: John Ogness <john.ogness@...utronix.de>,
	Catalin Marinas <catalin.marinas@....com>,
	Steven Rostedt <rostedt@...dmis.org>,
	Andrew Morton <akpm@...ux-foundation.org>, linux-mm@...ck.org,
	linux-kernel@...r.kernel.org, linux-serial@...r.kernel.org
Subject: Re: [next-20240925] possible circular locking: uart vs kmemleak

On Thu 2024-09-26 13:07:15, Sergey Senozhatsky wrote:
> Greetings,
> 
> Ran into the following issue today.  It's sort of interesting, not sure
> what even to do about it.  The
> 
> 	uart -> tty -> mm /* kmalloc -> kmemleak */
> 
> chain looks problematic, it certainly overlaps with
> 
> 	mm -> printk -> uart  /* which can kmalloc and re-enter mm -> kmemleak? */

I believe that it will get solved by the uart console driver
conversion to nbcon. It should remove the path:

	printk -> uart

or more precisely, it should remove the path:

	console_owner --> &port_lock_key

The patchset with the uart 8250 console driver conversion is still
pending review; see the latest version at
https://lore.kernel.org/r/20240913140538.221708-1-john.ogness@linutronix.de

Best Regards,
Petr

> chain.
> 
> [   40.056844] ======================================================
> [   40.056845] WARNING: possible circular locking dependency detected
> [   40.056847] 6.11.0-next-20240925+ #729 Tainted: G        W        N
> [   40.056849] ------------------------------------------------------
> [   40.056850] modprobe/431 is trying to acquire lock:
> [   40.056851] ffffffff83cef3e0 (console_owner){-...}-{0:0}, at: console_flush_all+0xd9/0x9d0
> [   40.056859]
> [   40.056859] but task is already holding lock:
> [   40.056859] ffffffff83ed97d8 (kmemleak_lock){-.-.}-{2:2}, at: kmemleak_free+0x2e/0x70
> [   40.056866]
> [   40.056866] which lock already depends on the new lock.
> [   40.056866]
> [   40.056867]
> [   40.056867] the existing dependency chain (in reverse order) is:
> [   40.056868]
> [   40.056868] -> #2 (kmemleak_lock){-.-.}-{2:2}:
> [   40.056872]        _raw_spin_lock_irqsave+0x76/0xb0
> [   40.056876]        __create_object+0x3a/0x110
> [   40.056878]        __kmalloc_noprof+0x1ff/0x390
> [   40.056882]        __tty_buffer_request_room+0x18b/0x4e0
> [   40.056887]        __tty_insert_flip_string_flags+0x8b/0x3c0
> [   40.056889]        uart_insert_char+0x211/0x7f0
> [   40.056893]        serial8250_handle_irq+0x34a/0xb10
> [   40.056897]        serial8250_default_handle_irq+0xaa/0x170
> [   40.056900]        serial8250_interrupt+0xa7/0x130
> [   40.056902]        __handle_irq_event_percpu+0x1e1/0x680
> [   40.056904]        handle_irq_event+0x87/0x1c0
> [   40.056906]        handle_edge_irq+0x201/0x9b0
> [   40.056910]        __common_interrupt+0xb4/0x120
> [   40.056914]        common_interrupt+0x78/0x90
> [   40.056917]        asm_common_interrupt+0x22/0x40
> [   40.056921]        default_idle+0xb/0x10
> [   40.056924]        default_idle_call+0x6e/0xa0
> [   40.056927]        do_idle+0x172/0x3c0
> [   40.056930]        cpu_startup_entry+0x45/0x60
> [   40.056932]        start_secondary+0x12b/0x130
> [   40.056935]        common_startup_64+0x12c/0x137
> [   40.056938]
> [   40.056938] -> #1 (&port_lock_key){-.-.}-{2:2}:
> [   40.056942]        _raw_spin_lock_irqsave+0x76/0xb0
> [   40.056945]        serial8250_console_write+0xf5/0x1b10
> [   40.056947]        console_flush_all+0x4fd/0x9d0
> [   40.056949]        console_unlock+0x99/0x230
> [   40.056952]        vprintk_emit+0x3b6/0x650
> [   40.056955]        _printk+0x59/0x7b
> [   40.056958]        register_console+0x7fb/0xb40
> [   40.056960]        univ8250_console_init+0x3b/0x6b
> [   40.056965]        console_init+0x11a/0x3bb
> [   40.056970]        start_kernel+0x22a/0x39b
> [   40.056975]        x86_64_start_reservations+0x26/0x2b
> [   40.056979]        copy_bootdata+0x0/0xb0
> [   40.056981]        common_startup_64+0x12c/0x137
> [   40.056983]
> [   40.056983] -> #0 (console_owner){-...}-{0:0}:
> [   40.056986]        __lock_acquire+0x3790/0x7830
> [   40.056992]        lock_acquire+0x140/0x3b0
> [   40.056994]        console_flush_all+0x482/0x9d0
> [   40.056996]        console_unlock+0x99/0x230
> [   40.056999]        vprintk_emit+0x3b6/0x650
> [   40.057001]        _printk+0x59/0x7b
> [   40.057003]        __find_and_remove_object+0x106/0x120
> [   40.057005]        kmemleak_free+0x3d/0x70
> [   40.057007]        free_large_kmalloc+0x4d/0xb0
> [   40.057009]        init_module+0x12/0xffb [zram]
> [   40.057016]        do_one_initcall+0x130/0x450
> [   40.057018]        do_init_module+0x36a/0x890
> [   40.057021]        __se_sys_finit_module+0x513/0x7e0
> [   40.057022]        do_syscall_64+0x71/0x110
> [   40.057024]        entry_SYSCALL_64_after_hwframe+0x4b/0x53
> [   40.057027]
> [   40.057027] other info that might help us debug this:
> [   40.057027]
> [   40.057028] Chain exists of:
> [   40.057028]   console_owner --> &port_lock_key --> kmemleak_lock
> [   40.057028]
> [   40.057032]  Possible unsafe locking scenario:
> [   40.057032]
> [   40.057033]        CPU0                    CPU1
> [   40.057033]        ----                    ----
> [   40.057034]   lock(kmemleak_lock);
> [   40.057035]                                lock(&port_lock_key);
> [   40.057037]                                lock(kmemleak_lock);
> [   40.057039]   lock(console_owner);
> [   40.057040]
> [   40.057040]  *** DEADLOCK ***
> [   40.057040]
> [   40.057041] 3 locks held by modprobe/431:
> [   40.057043]  #0: ffffffff83ed97d8 (kmemleak_lock){-.-.}-{2:2}, at: kmemleak_free+0x2e/0x70
> [   40.057048]  #1: ffffffff83cef440 (console_lock){+.+.}-{0:0}, at: _printk+0x59/0x7b
> [   40.057053]  #2: ffffffff83cef050 (console_srcu){....}-{0:0}, at: console_flush_all+0xd9/0x9d0
> [   40.057057]
> [   40.057057] stack backtrace:
> [   40.057059] CPU: 11 UID: 0 PID: 431 Comm: modprobe Tainted: G        W        N 6.11.0-next-20240925+ #729
> [   40.057063] Tainted: [W]=WARN, [N]=TEST
> [   40.057065] Call Trace:
> [   40.057066]  <TASK>
> [   40.057067]  dump_stack_lvl+0xa3/0xeb
> [   40.057071]  print_circular_bug+0x136/0x1b0
> [   40.057074]  check_noncircular+0x26a/0x370
> [   40.057078]  __lock_acquire+0x3790/0x7830
> [   40.057085]  lock_acquire+0x140/0x3b0
> [   40.057087]  ? console_flush_all+0xd9/0x9d0
> [   40.057090]  ? console_flush_all+0xd9/0x9d0
> [   40.057092]  console_flush_all+0x482/0x9d0
> [   40.057094]  ? console_flush_all+0xd9/0x9d0
> [   40.057096]  ? console_flush_all+0xd9/0x9d0
> [   40.057100]  console_unlock+0x99/0x230
> [   40.057103]  vprintk_emit+0x3b6/0x650
> [   40.057107]  _printk+0x59/0x7b
> [   40.057110]  __find_and_remove_object+0x106/0x120
> [   40.057113]  kmemleak_free+0x3d/0x70
> [   40.057115]  free_large_kmalloc+0x4d/0xb0
> [   40.057118]  init_module+0x12/0xffb [zram]
> [   40.057125]  do_one_initcall+0x130/0x450
> [   40.057127]  ? __cfi_init_module+0x5/0x5 [zram]
> [   40.057133]  ? stack_depot_save_flags+0x25/0x700
> [   40.057136]  ? stack_trace_save+0xb3/0x150
> [   40.057140]  ? kasan_save_track+0x3c/0x60
> [   40.057143]  ? kasan_save_track+0x2b/0x60
> [   40.057145]  ? __kasan_kmalloc+0x6e/0x80
> [   40.057147]  ? do_init_module+0x16e/0x890
> [   40.057149]  ? __se_sys_finit_module+0x513/0x7e0
> [   40.057151]  ? do_syscall_64+0x71/0x110
> [   40.057156]  ? entry_SYSCALL_64_after_hwframe+0x4b/0x53
> [   40.057160]  ? stack_depot_save_flags+0x25/0x700
> [   40.057162]  ? stack_trace_save+0xb3/0x150
> [   40.057165]  ? __create_object+0x62/0x110
> [   40.057168]  ? do_raw_spin_unlock+0x5a/0x950
> [   40.057170]  ? __create_object+0x62/0x110
> [   40.057173]  ? _raw_spin_unlock_irqrestore+0x31/0x40
> [   40.057176]  ? __create_object+0x62/0x110
> [   40.057179]  ? kasan_unpoison+0x49/0x70
> [   40.057182]  ? __asan_register_globals+0x54/0x70
> [   40.057184]  do_init_module+0x36a/0x890
> [   40.057189]  __se_sys_finit_module+0x513/0x7e0
> [   40.057195]  do_syscall_64+0x71/0x110
> [   40.057197]  entry_SYSCALL_64_after_hwframe+0x4b/0x53
