lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <tencent_85E3BD8449176BF76DA6DE736BA36E097705@qq.com>
Date: Tue, 22 Oct 2024 15:51:27 +0800
From: Edward Adam Davis <eadavis@...com>
To: syzbot+a234c2d63e0c171ca10e@...kaller.appspotmail.com
Cc: linux-kernel@...r.kernel.org,
	syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [serial?] BUG: soft lockup in debug_check_no_obj_freed

directly use the simpler _irq() lock/unlock calls instead of the more
complex _irqsave/_irqrestore variants

#syz test

diff --git a/lib/debugobjects.c b/lib/debugobjects.c
index 5ce473ad499b..936c94655e35 100644
--- a/lib/debugobjects.c
+++ b/lib/debugobjects.c
@@ -958,7 +958,7 @@ EXPORT_SYMBOL_GPL(debug_object_active_state);
 #ifdef CONFIG_DEBUG_OBJECTS_FREE
 static void __debug_check_no_obj_freed(const void *address, unsigned long size)
 {
-	unsigned long flags, oaddr, saddr, eaddr, paddr, chunks;
+	unsigned long oaddr, saddr, eaddr, paddr, chunks;
 	int cnt, objs_checked = 0;
 	struct debug_obj *obj, o;
 	struct debug_bucket *db;
@@ -975,7 +975,7 @@ static void __debug_check_no_obj_freed(const void *address, unsigned long size)
 
 repeat:
 		cnt = 0;
-		raw_spin_lock_irqsave(&db->lock, flags);
+		raw_spin_lock_irq(&db->lock);
 		hlist_for_each_entry_safe(obj, tmp, &db->list, node) {
 			cnt++;
 			oaddr = (unsigned long) obj->object;
@@ -985,7 +985,7 @@ static void __debug_check_no_obj_freed(const void *address, unsigned long size)
 			switch (obj->state) {
 			case ODEBUG_STATE_ACTIVE:
 				o = *obj;
-				raw_spin_unlock_irqrestore(&db->lock, flags);
+				raw_spin_unlock_irq(&db->lock);
 				debug_print_object(&o, "free");
 				debug_object_fixup(o.descr->fixup_free, (void *)oaddr, o.state);
 				goto repeat;
@@ -995,7 +995,7 @@ static void __debug_check_no_obj_freed(const void *address, unsigned long size)
 				break;
 			}
 		}
-		raw_spin_unlock_irqrestore(&db->lock, flags);
+		raw_spin_unlock_irq(&db->lock);
 
 		if (cnt > debug_objects_maxchain)
 			debug_objects_maxchain = cnt;


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ