Message-ID: <67116876-008b-4ab6-b24c-13f6cafaa9e6@gmail.com>
Date: Sat, 21 Sep 2024 14:33:55 +0200
From: Mirsad Todorovac <mtodorovac69@...il.com>
To: linux-kernel@...r.kernel.org
Cc: "David S. Miller" <davem@...emloft.net>,
 Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>,
 Paolo Abeni <pabeni@...hat.com>, Jamal Hadi Salim <jhs@...atatu.com>,
 Cong Wang <xiyou.wangcong@...il.com>, Jiri Pirko <jiri@...nulli.us>,
 Zhengchao Shao <shaozhengchao@...wei.com>, David Ahern <dsahern@...nel.org>,
 Ryosuke Yasuoka <ryasuoka@...hat.com>, Ido Schimmel <idosch@...dia.com>,
 Amit Cohen <amcohen@...dia.com>, netdev@...r.kernel.org
Subject: [BUG] kernel: BUG: MAX_LOCKDEP_ENTRIES too low! -- from
 netlink_sendmsg()

Hi, all!

Me again.

In the vanilla torvalds tree kernel v6.11-7341-gbaeb9a7d8b60, I came across this bug.

Or is it a feature?

Now, we came across this a couple of months ago, in fact a year and a half, and this came from a call
with a different context, so I thought it would be prudent to investigate.

The work was nothing demanding, but the "make kselftest".

Please find the config attached:

Maybe the interesting part would be LOCKDEP-related stuff:

CONFIG_LOCKDEP_SUPPORT=y
CONFIG_LOCKDEP=y
CONFIG_LOCKDEP_BITS=15
CONFIG_LOCKDEP_CHAINS_BITS=16
CONFIG_LOCKDEP_STACK_TRACE_BITS=19
CONFIG_LOCKDEP_STACK_TRACE_HASH_BITS=14
CONFIG_LOCKDEP_CIRCULAR_QUEUE_BITS=12
# CONFIG_DEBUG_LOCKDEP is not set


Best regards,
Mirsad Todorovac

----------------------------------------------------------------------------------------------------------------------------------------------------
kernel: BUG: MAX_LOCKDEP_ENTRIES too low!
kernel: turning off the locking correctness validator.
kernel: CPU: 20 UID: 0 PID: 34450 Comm: tc Not tainted 6.11.0-gc13-x86-64-tmem-07341-gbaeb9a7d8b60 #76
kernel: Hardware name: ASRock X670E PG Lightning/X670E PG Lightning, BIOS 1.21 04/26/2023
kernel: Call Trace:
kernel:  <TASK>
kernel: dump_stack_lvl (lib/dump_stack.c:122) 
kernel: dump_stack (lib/dump_stack.c:129) 
kernel: add_lock_to_list (kernel/locking/lockdep.c:1409 kernel/locking/lockdep.c:1430) 
kernel: __lock_acquire (kernel/locking/lockdep.c:3232 kernel/locking/lockdep.c:3277 kernel/locking/lockdep.c:3901 kernel/locking/lockdep.c:5199) 
kernel: ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
kernel: lock_acquire (kernel/locking/lockdep.c:467 (discriminator 4) kernel/locking/lockdep.c:5824 (discriminator 4) kernel/locking/lockdep.c:5787 (discriminator 4)) 
kernel: ? dev_reset_queue (net/sched/sch_generic.c:1308) 
kernel: ? dev_deactivate_many (./include/linux/bottom_half.h:20 (discriminator 1) ./include/linux/netdevice.h:4442 (discriminator 1) net/sched/sch_generic.c:568 (discriminator 1) net/sched/sch_generic.c:1363 (discriminator 1)) 
kernel: ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
kernel: ? trace_preempt_off (kernel/trace/trace_preemptirq.c:111) 
kernel: ? dev_deactivate_many (./include/linux/bottom_half.h:20 (discriminator 1) ./include/linux/netdevice.h:4442 (discriminator 1) net/sched/sch_generic.c:568 (discriminator 1) net/sched/sch_generic.c:1363 (discriminator 1)) 
kernel: _raw_spin_lock_bh (./include/linux/spinlock_api_smp.h:127 kernel/locking/spinlock.c:178) 
kernel: ? dev_reset_queue (net/sched/sch_generic.c:1308) 
kernel: dev_reset_queue (net/sched/sch_generic.c:1308) 
kernel: ? dev_deactivate_many (./include/linux/bottom_half.h:20 (discriminator 1) ./include/linux/netdevice.h:4442 (discriminator 1) net/sched/sch_generic.c:568 (discriminator 1) net/sched/sch_generic.c:1363 (discriminator 1)) 
kernel: dev_deactivate_many (./include/linux/netdevice.h:2503 (discriminator 1) net/sched/sch_generic.c:1374 (discriminator 1)) 
kernel: dev_deactivate (./include/linux/list.h:124 ./include/linux/list.h:215 ./include/linux/list.h:229 net/sched/sch_generic.c:1398) 
kernel: qdisc_graft (net/sched/sch_api.c:1137) 
kernel: ? lock_is_held_type (kernel/locking/lockdep.c:5563 (discriminator 1) kernel/locking/lockdep.c:5894 (discriminator 1)) 
kernel: tc_modify_qdisc (net/sched/sch_api.c:1789) 
kernel: ? preempt_count_sub (kernel/sched/core.c:5748 kernel/sched/core.c:5744 kernel/sched/core.c:5766) 
kernel: rtnetlink_rcv_msg (net/core/rtnetlink.c:6646) 
kernel: ? __pfx_rtnetlink_rcv_msg (net/core/rtnetlink.c:6540) 
kernel: netlink_rcv_skb (net/netlink/af_netlink.c:2550) 
kernel: rtnetlink_rcv (net/core/rtnetlink.c:6665) 
kernel: netlink_unicast (net/netlink/af_netlink.c:1331 net/netlink/af_netlink.c:1357) 
kernel: netlink_sendmsg (net/netlink/af_netlink.c:1901) 
kernel: ____sys_sendmsg (net/socket.c:730 (discriminator 1) net/socket.c:745 (discriminator 1) net/socket.c:2603 (discriminator 1)) 
kernel: ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
kernel: ___sys_sendmsg (net/socket.c:2659) 
kernel: __sys_sendmsg (net/socket.c:2686) 
kernel: __x64_sys_sendmsg (net/socket.c:2693) 
kernel: x64_sys_call (arch/x86/entry/syscall_64.c:36) 
kernel: do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1)) 
kernel: ? syscall_exit_to_user_mode (kernel/entry/common.c:221) 
kernel: ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
kernel: ? do_syscall_64 (./arch/x86/include/asm/cpufeature.h:178 arch/x86/entry/common.c:98) 
kernel: ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
kernel: ? ___sys_recvmsg (net/socket.c:2867) 
kernel: ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
kernel: ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
kernel: ? __sys_recvmsg (net/socket.c:2894) 
kernel: ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
kernel: ? syscall_exit_to_user_mode (kernel/entry/common.c:221) 
kernel: ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
kernel: ? do_syscall_64 (./arch/x86/include/asm/cpufeature.h:178 arch/x86/entry/common.c:98) 
kernel: ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
kernel: ? irqentry_exit_to_user_mode (kernel/entry/common.c:234) 
kernel: ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
kernel: ? irqentry_exit (kernel/entry/common.c:367) 
kernel: ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
kernel: ? exc_page_fault (arch/x86/mm/fault.c:1543) 
kernel: entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) 
kernel: RIP: 0033:0x75972092c004
kernel: Code: 15 19 6e 0d 00 f7 d8 64 89 02 b8 ff ff ff ff eb bf 0f 1f 44 00 00 f3 0f 1e fa 80 3d 45 f0 0d 00 00 74 13 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 4c c3 0f 1f 00 55 48 89 e5 48 83 ec 20 89 55
All code
========
   0:	15 19 6e 0d 00       	adc    $0xd6e19,%eax
   5:	f7 d8                	neg    %eax
   7:	64 89 02             	mov    %eax,%fs:(%rdx)
   a:	b8 ff ff ff ff       	mov    $0xffffffff,%eax
   f:	eb bf                	jmp    0xffffffffffffffd0
  11:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)
  16:	f3 0f 1e fa          	endbr64
  1a:	80 3d 45 f0 0d 00 00 	cmpb   $0x0,0xdf045(%rip)        # 0xdf066
  21:	74 13                	je     0x36
  23:	b8 2e 00 00 00       	mov    $0x2e,%eax
  28:	0f 05                	syscall
  2a:*	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax		<-- trapping instruction
  30:	77 4c                	ja     0x7e
  32:	c3                   	ret
  33:	0f 1f 00             	nopl   (%rax)
  36:	55                   	push   %rbp
  37:	48 89 e5             	mov    %rsp,%rbp
  3a:	48 83 ec 20          	sub    $0x20,%rsp
  3e:	89                   	.byte 0x89
  3f:	55                   	push   %rbp

Code starting with the faulting instruction
===========================================
   0:	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax
   6:	77 4c                	ja     0x54
   8:	c3                   	ret
   9:	0f 1f 00             	nopl   (%rax)
   c:	55                   	push   %rbp
   d:	48 89 e5             	mov    %rsp,%rbp
  10:	48 83 ec 20          	sub    $0x20,%rsp
  14:	89                   	.byte 0x89
  15:	55                   	push   %rbp
kernel: RSP: 002b:00007ffc08ba32d8 EFLAGS: 00000202 ORIG_RAX: 000000000000002e
kernel: RAX: ffffffffffffffda RBX: 00005fff600ab480 RCX: 000075972092c004
kernel: RDX: 0000000000000000 RSI: 00007ffc08ba3340 RDI: 0000000000000005
kernel: RBP: 0000000066eea9e8 R08: 0000000000000010 R09: 0000000000000000
kernel: R10: 00005fff74839920 R11: 0000000000000202 R12: 00007ffc08ba3340
kernel: R13: 00005fff600ab480 R14: 00005fff600841fa R15: 00007ffc08bb3658
kernel:  </TASK>
----------------------------------------------------------------------------------------------------------------------------------------------------

View attachment ".config" of type "text/plain" (293226 bytes)
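
A triage sketch for a report like the one above, added here as an example; it is not part of the original message or of any kernel tooling. It separates the reliable frames from the "?" entries (stack addresses the unwinder could not verify), finds the first frame outside lockdep, and derives the table sizes from the quoted config values as 1 << bits, as kernel/locking/lockdep_internals.h does when CONFIG_PROVE_LOCKING_SMALL is not set. The function names and the INTERNAL prefix list are assumptions of this sketch.

```python
import re

# Constructed sample: a subset of the trace lines and config values from the report above.
LOG = """\
kernel: BUG: MAX_LOCKDEP_ENTRIES too low!
kernel: turning off the locking correctness validator.
kernel: dump_stack_lvl (lib/dump_stack.c:122)
kernel: dump_stack (lib/dump_stack.c:129)
kernel: add_lock_to_list (kernel/locking/lockdep.c:1409 kernel/locking/lockdep.c:1430)
kernel: __lock_acquire (kernel/locking/lockdep.c:3232 kernel/locking/lockdep.c:3277 kernel/locking/lockdep.c:3901 kernel/locking/lockdep.c:5199)
kernel: ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182)
kernel: lock_acquire (kernel/locking/lockdep.c:467 (discriminator 4) kernel/locking/lockdep.c:5824 (discriminator 4) kernel/locking/lockdep.c:5787 (discriminator 4))
kernel: ? dev_reset_queue (net/sched/sch_generic.c:1308)
kernel: _raw_spin_lock_bh (./include/linux/spinlock_api_smp.h:127 kernel/locking/spinlock.c:178)
kernel: dev_reset_queue (net/sched/sch_generic.c:1308)
kernel: qdisc_graft (net/sched/sch_api.c:1137)
kernel: tc_modify_qdisc (net/sched/sch_api.c:1789)
kernel: netlink_sendmsg (net/netlink/af_netlink.c:1901)
"""
CONFIG = "CONFIG_LOCKDEP_BITS=15\nCONFIG_LOCKDEP_CHAINS_BITS=16\nCONFIG_LOCKDEP_STACK_TRACE_BITS=19\n"

EXHAUSTED = re.compile(r"BUG: (MAX_\w+) too low!")
FRAME = re.compile(r"^kernel:\s+(\?\s+)?([\w.]+) \((.*)\)\s*$")
# Assumption: a frame whose own source file starts with one of these is lockdep or the dump itself.
INTERNAL = ("kernel/locking/", "lib/dump_stack.c")

def triage(log):
    """Return (exhausted table, reliable frames innermost-first, first frame outside lockdep)."""
    table, frames = None, []
    for line in log.splitlines():
        hit = EXHAUSTED.search(line)
        if hit:
            table = hit.group(1)
            continue
        m = FRAME.match(line)
        if not m or m.group(1):  # '?' marks an unverified stack entry: skip it
            continue
        files = re.findall(r"([^\s()]+):\d+", m.group(3))
        # Inlined locations are listed first; the last one is the frame's own file.
        frames.append((m.group(2), files[-1] if files else ""))
    caller = next((f for f, src in frames if not src.startswith(INTERNAL)), None)
    return table, [f for f, _ in frames], caller

def capacities(config):
    """Table sizes implied by the CONFIG_LOCKDEP_*_BITS values (each is 1 << bits)."""
    bits = {k: int(v) for k, v in re.findall(r"^(CONFIG_LOCKDEP_\w+)=(\d+)$", config, re.M)}
    return {
        "MAX_LOCKDEP_ENTRIES": 1 << bits["CONFIG_LOCKDEP_BITS"],
        "MAX_LOCKDEP_CHAINS": 1 << bits["CONFIG_LOCKDEP_CHAINS_BITS"],
        "MAX_STACK_TRACE_ENTRIES": 1 << bits["CONFIG_LOCKDEP_STACK_TRACE_BITS"],
    }
```

On the sample, the exhausted table is MAX_LOCKDEP_ENTRIES (32768 entries with CONFIG_LOCKDEP_BITS=15) and the lock acquisition that hit the limit was taken in dev_reset_queue.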
