possible deadlock in console_lock_spinning_enable

0 views
Skip to first unread message

Rani Irawan

unread,
4:40 AM (15 hours ago) 4:40 AM
to syzk...@googlegroups.com, pet...@infradead.org, mi...@redhat.com, ac...@kernel.org, namh...@kernel.org, mark.r...@arm.com, alexander...@linux.intel.com, jo...@kernel.org, iro...@google.com, adrian...@intel.com, james...@linaro.org, linux-pe...@vger.kernel.org, linux-...@vger.kernel.org

Dear Linux maintainers and Syzkaller team,


We would like to report a bug found by our modified Syzkaller. This bug involves perf_event_open(), which triggers an Intel PMU event, causing an unchecked MSR access and a lockdep circular locking warning. The first visible error is:


unchecked MSR access error: WRMSR to 0x186

tried to write 0x00000001045106fb

intel_pmu_enable_event+0xd37/0x12a0 arch/x86/events/intel/core.c:3309


After that, printk emits the MSR warning while perf is still holding &ctx->lock, so lockdep reports:


WARNING: possible circular locking dependency detected

possible deadlock in console_lock_spinning_enable


Linux kernel commit: 4edcdefd4083ae04b1a5656f4be6cd83ae919ef4 (7.1.0-14063-g4edcdefd4083).


Attached to this email:

  1. Kernel config
  2. Syzkaller report
  3. Repro program (in .c and .txt)


This is the command used to run the repro (please change “/path-to” to the actual path):

On one terminal:

  • gcc -Wall -static -pthread repro-9c8.c -o repro-9c8
  • KERNEL=/path-to/linux
  • IMAGE=/path-to/image/bullseye.img
  • SSHKEY=/path-to/image/bullseye.id_rsa
  • PORT=10021
  • qemu-system-x86_64 \
      -m 8192 \
      -smp 2 \
      -cpu host,migratable=off,pmu=on \
      -enable-kvm \
      -kernel $KERNEL/arch/x86/boot/bzImage \
      -append "console=ttyS0 root=/dev/sda earlyprintk=serial net.ifnames=0 nokaslr oops=panic panic_on_warn=1 panic=86400 enforcing=0 selinux=0" \
      -drive file=$IMAGE/bullseye.img,format=raw \
      -net user,host=10.0.2.10,hostfwd=tcp:127.0.0.1:$PORT-:22 \
      -net nic,model=e1000 \
      -nographic \
      2>&1 | tee /path-to/repro-9c8-vm.log

On another terminal (set the $SSHKEY, $PORT):

  • scp -P "$PORT" \
      -i "$SSHKEY" \
      -o StrictHostKeyChecking=no \
      -o UserKnownHostsFile=/dev/null \
      /path-to/repro-9c8 \
      ro...@127.0.0.1:/root/repro-9c8
  • ssh -p "$PORT" \
      -i "$SSHKEY" \
      -o StrictHostKeyChecking=no \
      -o UserKnownHostsFile=/dev/null \
      ro...@127.0.0.1 \
      'chmod +x /root/repro-9c8 && sysctl -w kernel.perf_event_paranoid=-1 || true; /root/repro-9c8'


Please let me know if any additional information is needed.

Thank you and have a good day!


Best,

Rani


config-report
report0
repro-9c8.c
repro-9c8.txt
Reply all
Reply to author
Forward
0 new messages