Received: by 2002:ab2:1689:0:b0:1f7:5705:b850 with SMTP id d9csp1073994lqa; Sun, 28 Apr 2024 18:00:58 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCXlkLzPOYYczf6v5nlmpjY+xPUtd0szXILyW+HiAiucyhqE0KV9NvEPOc4VmdKVWWFGN6AlFYWI3wS5nA9CsGvrr9WpURw+KOYOujJaeA== X-Google-Smtp-Source: AGHT+IFsv1+J3GaudFbWIgSmBDCfNI44pks90fhhtJI4s2MOjyV7y8uxVTqbgJuVrEiPojQWTA95 X-Received: by 2002:a05:6a20:748b:b0:1a7:5334:fbf3 with SMTP id p11-20020a056a20748b00b001a75334fbf3mr10924552pzd.55.1714352457706; Sun, 28 Apr 2024 18:00:57 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1714352457; cv=pass; d=google.com; s=arc-20160816; b=AA9++xU0C5TFYqSA6ONbsgetXqcRFkTq0a3CbvmH8mmX+uDxmeYpKxuKnxG34q5lkd R6EoEo6JTVJ3h8OHuPTqzVIpp55bgkVA8Uf91+xOsRwcbbSA0dod+eGdG/jazScmhLbh L8CtbjAWAqCsQAnmw4GATLWScE/SihYX6Ajtv1e5nydLHL6InStx8M/gMeTUQ4uW32UH nhpg9CElZ2PsgrpXLq7V4k/C+r4DnjFlQnEWf/VTDow6ZEQlv/RwSzDuD8oVh5iIWHQF EQdJrl/JL2qdFNHBRqsqgUJLHCjZMw2a8/5YIKMe8OTVBxWjQJ67fZ4XJZwzA2tp4UiQ oiAA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:in-reply-to:from:content-language :references:cc:to:subject:user-agent:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:date:message-id; bh=dl2LZ3Jdz/qpOKE/vNYAoXaotOFXq8NXw1XhEoNRqjE=; fh=3iINkpzy6TS0338JsB8c7IvyF/3n5IqEYcFcLBL7n24=; b=Od0A2tIcz1RYKMf8E6FzGrByobK+J19l2K2KO0XTt6eh4rBKI1h4AoUvYRA03WCPqs JyLBJP5ruzATGEsi/LrxrtjFoqkIfYs9AdbqdRKctP2lMpSf91GSSrYYowahusUsMKav Zf5ph0gDoRnoe0N+OZGJ7i8lEtEW22Y/GCqsHT+cPyZ01u2FNzDJ1MX5NDgLpzQCLn4y BllKRmjv5ezeL6WmTm+OrD8g0Wp0sJK8/jo3yHLVVZS6rQsNqoWLFgnfVkbKvXgjapnV FrOEGd/vtUyAvm1s5JlC/8nvgMyYXOHz2ord5W3ZdUB91x4vW5sq/6qnpQDKd7XF4Guu jQCg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1 spf=pass spfdomain=i-love.sakura.ne.jp); spf=pass (google.com: domain of linux-kernel+bounces-161658-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-161658-linux.lists.archive=gmail.com@vger.kernel.org" Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id f21-20020a631015000000b005dc81a6b2absi18526321pgl.792.2024.04.28.18.00.57 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 28 Apr 2024 18:00:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-161658-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; arc=pass (i=1 spf=pass spfdomain=i-love.sakura.ne.jp); spf=pass (google.com: domain of linux-kernel+bounces-161658-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-161658-linux.lists.archive=gmail.com@vger.kernel.org" Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 4CF5428225A for ; Mon, 29 Apr 2024 01:00:57 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id AF11F7FE; Mon, 29 Apr 2024 01:00:49 +0000 (UTC) Received: from www262.sakura.ne.jp (www262.sakura.ne.jp [202.181.97.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1307C7F; Mon, 29 Apr 2024 01:00:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=202.181.97.72 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714352449; cv=none; b=X4Af5mfsvkB7+hex8yWlpViM2LZ4dMqrNd6ui3TpYdG1R8RSus68fYe/3CIrXkEAaCWolOWkD9mQxcLbMb1g+0JZGGvUrZQqEQXz1cnVqLcW6ijIqVKIdcFxguG20SKzxPTXVMNJlFYrKSUTHUtoF4sJ/3obPaDh/ylzdnoKkOw= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714352449; c=relaxed/simple; bh=etxDARaiQCIvJBPFCwe6H3mQwF1npXNEqvXf+0RiTUU=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=gSuzgBodDpFgm1eVdN8hhcyLCiDlhbwaUvoqs4n80Jud3JvyMWf1Uzy3SWK0bBUXL0NAu1GwzRV6jkx6nJJZBU3WVV8BKitP+OFh+9S8lcKjEPH8kFCEIpvCigfjnlEy4sl07bE6LLsm6b17Mk5ka6JziU+YB8NB98Hmwy0HdJQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=I-love.SAKURA.ne.jp; spf=pass smtp.mailfrom=I-love.SAKURA.ne.jp; arc=none smtp.client-ip=202.181.97.72 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=I-love.SAKURA.ne.jp Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=I-love.SAKURA.ne.jp Received: from fsav311.sakura.ne.jp (fsav311.sakura.ne.jp [153.120.85.142]) by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTP id 43T10VjC039860; Mon, 29 Apr 2024 10:00:31 +0900 (JST) (envelope-from penguin-kernel@I-love.SAKURA.ne.jp) Received: from www262.sakura.ne.jp (202.181.97.72) by fsav311.sakura.ne.jp (F-Secure/fsigk_smtp/550/fsav311.sakura.ne.jp); Mon, 29 Apr 2024 10:00:31 +0900 (JST) X-Virus-Status: clean(F-Secure/fsigk_smtp/550/fsav311.sakura.ne.jp) Received: from [192.168.1.6] (M106072142033.v4.enabler.ne.jp [106.72.142.33]) (authenticated bits=0) by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTPSA id 43T10VJT039857 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NO); Mon, 29 Apr 2024 10:00:31 +0900 (JST) (envelope-from penguin-kernel@I-love.SAKURA.ne.jp) Message-ID: Date: Mon, 29 Apr 2024 10:00:30 +0900 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [syzbot] [bpf?] [trace?] possible deadlock in force_sig_info_to_task To: Linus Torvalds , Hillf Danton Cc: syzbot , andrii@kernel.org, bpf@vger.kernel.org, linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com References: <0000000000009dfa6d0617197994@google.com> <20240427231321.3978-1-hdanton@sina.com> <20240428232302.4035-1-hdanton@sina.com> Content-Language: en-US From: Tetsuo Handa In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit On 2024/04/29 9:50, Linus Torvalds wrote: > On Sun, 28 Apr 2024 at 16:23, Hillf Danton wrote: >> >> So is game like copying from/putting to user with runqueue locked >> at the first place. > > No, that should be perfectly fine. In fact, it's even normal. It would > happen any time you have any kind of tracing thing, where looking up > the user mode frame involves doing user accesses with page faults > disabled. > > The runqueue lock is irrelevant. As mentioned, it's only a symptom of > something else going wrong. > > Now, judging by the syz reproducer, the trigger for this all is almost > certainly that > > bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, > &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) > > and that probably causes the instability. But the immediate problem is > not the user space access, it's that something goes horribly wrong > *around* it. I can't recall title of the commit, but I feel that things went very wrong after a commit that allows running tracing function upon lock contention (run code when e.g. a spinlock could not be taken) was introduced. That commit is forming random locking dependency, resulting in flood of lockdep warnings. > >> Plus as per another syzbot report [1], bpf could make trouble with >> workqueue pool locked. > > That seems to be entirely different. There's no unexplained page fault > in that case, that seems to be purely a "take lock in the wrong order" > > Linus