| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <b6d1c35b-0db6-4d4d-9586-0d0ee0475e36@gmail.com>
Date: Tue, 26 Aug 2025 10:30:14 +0800
From: Leon Hwang <hffilwlqm@...il.com>
To: Alexei Starovoitov <alexei.starovoitov@...il.com>
Cc: syzbot <syzbot+fa5c2814795b5adca240@...kaller.appspotmail.com>,
Andrii Nakryiko <andrii@...nel.org>, Alexei Starovoitov <ast@...nel.org>,
bpf <bpf@...r.kernel.org>, Daniel Borkmann <daniel@...earbox.net>,
Eduard <eddyz87@...il.com>, Hao Luo <haoluo@...gle.com>,
John Fastabend <john.fastabend@...il.com>, Jiri Olsa <jolsa@...nel.org>,
KP Singh <kpsingh@...nel.org>, LKML <linux-kernel@...r.kernel.org>,
Martin KaFai Lau <martin.lau@...ux.dev>,
Network Development <netdev@...r.kernel.org>,
Stanislav Fomichev <sdf@...ichev.me>, Song Liu <song@...nel.org>,
syzkaller-bugs <syzkaller-bugs@...glegroups.com>,
Yonghong Song <yonghong.song@...ux.dev>
Subject: Re: [syzbot] [bpf?] possible deadlock in __bpf_ringbuf_reserve (2)
On 26/8/25 10:23, Alexei Starovoitov wrote:
> On Mon, Aug 25, 2025 at 7:20 PM Leon Hwang <hffilwlqm@...il.com> wrote:
>>
>>
>>
>> On 26/8/25 01:39, syzbot wrote:
>>> Hello,
>>>
>>> syzbot found the following issue on:
>>>
>>> HEAD commit: dd9de524183a xsk: Fix immature cq descriptor production
>>> git tree: bpf
>>> console output: https://syzkaller.appspot.com/x/log.txt?x=102da862580000
>>> kernel config: https://syzkaller.appspot.com/x/.config?x=c321f33e4545e2a1
>>> dashboard link: https://syzkaller.appspot.com/bug?extid=fa5c2814795b5adca240
>>> compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7
>>> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=142da862580000
>>> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1588aef0580000
>>>
>>> Downloadable assets:
>>> disk image: https://storage.googleapis.com/syzbot-assets/5a3389c1558f/disk-dd9de524.raw.xz
>>> vmlinux: https://storage.googleapis.com/syzbot-assets/c97133192a27/vmlinux-dd9de524.xz
>>> kernel image: https://storage.googleapis.com/syzbot-assets/3ae5a1a88637/bzImage-dd9de524.xz
>>>
>>> IMPORTANT: if you fix the issue, please add the following tag to the commit:
>>> Reported-by: syzbot+fa5c2814795b5adca240@...kaller.appspotmail.com
>>>
>>> ============================================
>>> WARNING: possible recursive locking detected
>>> syzkaller #0 Not tainted
>>> --------------------------------------------
>>> syz-execprog/5866 is trying to acquire lock:
>>> ffffc900048c10d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x1c7/0x5a0 kernel/bpf/ringbuf.c:423
>>>
>>> but task is already holding lock:
>>> ffffc900048e90d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x1c7/0x5a0 kernel/bpf/ringbuf.c:423
>>>
>>> other info that might help us debug this:
>>> Possible unsafe locking scenario:
>>>
>>> CPU0
>>> ----
>>> lock(&rb->spinlock);
>>> lock(&rb->spinlock);
>>>
>>> *** DEADLOCK ***
>>>
>>> May be due to missing lock nesting notation
>>
>> Confirmed.
>>
>> I can reproduce this deadlock issue and will work on a fix.
>
> Don't.
>
> It's due to revert.
> Once rqspinlock is fixed the revert will be reverted.
OK. I'll test it after the fixing.
Thanks,
Leon
Powered by blists - more mailing lists