lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <aDUFL68oPvsIp47F@hyeyoo>
Date: Tue, 27 May 2025 09:19:59 +0900
From: Harry Yoo <harry.yoo@...cle.com>
To: Xianying Wang <wangxianying546@...il.com>
Cc: akpm@...ux-foundation.org, linux-mm@...ck.org,
        linux-kernel@...r.kernel.org
Subject: Re: [BUG] BUG: scheduling while atomic in throttle_direct_reclaim

On Tue, May 27, 2025 at 09:04:58AM +0900, Harry Yoo wrote:
> On Mon, May 26, 2025 at 11:49:30PM +0800, Xianying Wang wrote:
> > Hi,
> > 
> > I discovered a kernel crash described as "BUG: scheduling while atomic
> > in throttle_direct_reclaim." This issue occurs in the memory reclaim
> > path, specifically in the throttle_direct_reclaim function
> > (mm/vmscan.c), where the kernel attempts to perform a potentially
> > blocking operation (schedule_timeout) while still in an atomic or
> > non-preemptible context, leading to an invalid scheduling state and
> > triggering __schedule_bug().
> > 
> > The crash trace shows that this condition can occur when the kernel
> > mounts a specially crafted ISO9660 image via syz_mount_image$iso9660.
> > During image parsing, the VFS initiates page readahead through
> > read_pages, which issues block I/O backed by a loop device. This leads
> > to a SCSI read path where scsi_alloc_sgtables
> > (drivers/scsi/scsi_lib.c) attempts to allocate memory for a
> > scatterlist using mempool_alloc. If memory pressure is present,
> > mempool_alloc triggers try_to_free_pages, and subsequently
> > throttle_direct_reclaim.
> > 
> > At this point, the kernel is likely in an atomic context due to
> > earlier direct reclaim or preemption disabling within the block layer
> > or SCSI stack. As a result, schedule_timeout is not allowed and
> > triggers a BUG.
> > 
> > I recommend reviewing the reclaim context propagation in:
> > 
> > scsi_alloc_sgtables and sg_alloc_table_chained
> > mempool_alloc in SCSI I/O paths
> > throttle_direct_reclaim to ensure blocking calls are not made from
> > atomic contexts
> >
> > This can be reproduced on:
> > 
> > HEAD commit:
> > 
> > commit e8f897f4afef0031fe618a8e94127a0934896aba
> 
> Well, that's Linux v6.8, which is already end of life.
> Please DO NOT REPORT bugs from kernels that are past their EOL.

I mean, it is fine to report bugs from the following:

1) The latest stable version (e.g., v6.14.8, v6.12.30, v6.6.92, ... etc)
   which can be found at [1] [2], or
2) The latest mainline (Currently v6.15), or
3) Development trees like linux-next and Andrew's mm.git.

FYI, kernel.org [1] lists kernel versions that are supported.

I appreciate your effort to test kernels, but testing EOL kernels might be
a waste of time as the bug you're encountering might have already been
fixed in a newer version but wasn't backported due to the kernel being EOL.

[1] https://kernel.org
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

-- 
Cheers,
Harry / Hyeonggon

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ