| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAKHoSAvxELqPbBhuAT3i1ce_OOh-c0_eHnU_5RX9q8eK1oEEdg@mail.gmail.com> Date: Fri, 3 Jan 2025 16:11:18 +0800 From: cheung wall <zzqq0103.hey@...il.com> To: Ingo Molnar <mingo@...hat.com>, Peter Zijlstra <peterz@...radead.org>, Juri Lelli <juri.lelli@...hat.com>, Vincent Guittot <vincent.guittot@...aro.org> Cc: Dietmar Eggemann <dietmar.eggemann@....com>, Steven Rostedt <rostedt@...dmis.org>, Ben Segall <bsegall@...gle.com>, Mel Gorman <mgorman@...e.de>, Valentin Schneider <vschneid@...hat.com>, linux-kernel@...r.kernel.org Subject: "INFO: rcu_tasks_trace detected stalls on tasks in kernel/sched/core.c" in Linux kernel version 6.13.0-rc2 Hello, I am writing to report a potential vulnerability identified in the Linux Kernel version 6.13.0-rc2. This issue was discovered using our custom vulnerability discovery tool. HEAD commit: fac04efc5c793dccbd07e2d59af9f90b7fc0dca4 (tag: v6.13-rc2) Affected File: kernel/sched/core.c File: kernel/sched/core.c Detailed Call Stack: ------------[ cut here begin]------------ INFO: rcu_tasks_trace detected stalls on tasks Call Trace: <TASK> context_switch kernel/sched/core.c:5369 [inline] __schedule+0xcf2/0x23f0 kernel/sched/core.c:6756 __schedule_loop kernel/sched/core.c:6833 [inline] schedule+0x79/0x290 kernel/sched/core.c:6848 do_nanosleep+0x1a7/0x430 kernel/time/hrtimer.c:2079 hrtimer_nanosleep+0x12a/0x410 kernel/time/hrtimer.c:2126 common_nsleep+0x94/0xc0 kernel/time/posix-timers.c:1356 __do_sys_clock_nanosleep kernel/time/posix-timers.c:1402 [inline] __se_sys_clock_nanosleep kernel/time/posix-timers.c:1379 [inline] __x64_sys_clock_nanosleep+0x2e3/0x400 kernel/time/posix-timers.c:1379 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xa6/0x1a0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f029f3dbdaa RSP: 002b:00007fffd2a6b500 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6 RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f029f3dbdaa RDX: 00007fffd2a6b590 RSI: 0000000000000000 RDI: 0000000000000000 RBP: 00007fffd2a6b61c R08: 0000000000019800 R09: 00007f02a00d3000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffd2a6b590 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 </TASK> ------------[ cut here end]------------ Root Cause: The system crash was triggered by a malfunction in the Linux kernel’s scheduler, specifically within the context_switch, __schedule, __schedule_loop, and schedule functions located in kernel/sched/core.c. These scheduler functions failed to properly manage task states, causing critical tasks like syz-executor.7 and systemd-udevd to become stuck in a running state while attempting to execute sleep operations. Concurrent filesystem issues, including unexpected loop device capacity changes and unrecognized mount parameters, likely exacerbated the problem by imposing additional stress on the scheduler. This combination led to prolonged Read-Copy-Update (RCU) stalls, preventing the system from efficiently handling task scheduling and ultimately resulting in the crash. Thank you for your time and attention. Best regards Wall
Powered by blists - more mailing lists