Message ID | 20220901122129.GA493609@francesco-nb.int.toradex.com (mailing list archive) |
---|---|
State | RFC |
Headers | show |
Series | possible circular locking in kernfs_remove_by_name_ns/devinet_ioctl linux 6.0-rc3 | expand |
Context | Check | Description |
---|---|---|
netdev/tree_selection | success | Not a local patch |
On Thu, Sep 01, 2022 at 02:21:29PM +0200, Francesco Dolcini wrote: > [ 21.629186] ====================================================== > [ 21.635418] WARNING: possible circular locking dependency detected > [ 21.641646] 6.0.0-rc3 #7 Not tainted > [ 21.645256] ------------------------------------------------------ > [ 21.651480] connmand/542 is trying to acquire lock: > [ 21.656399] c2ce1d70 (kn->active#9){++++}-{0:0}, at: kernfs_remove_by_name_ns+0x50/0xa0 > [ 21.664516] > but task is already holding lock: > [ 21.670394] c17af6e0 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0xc8/0x870 > [ 21.677441] > which lock already depends on the new lock. ... > [ 21.945318] Chain exists of: > kn->active#9 --> udc_lock --> rtnl_mutex > > [ 21.954902] Possible unsafe locking scenario: > > [ 21.960865] CPU0 CPU1 > [ 21.965430] ---- ---- > [ 21.969994] lock(rtnl_mutex); > [ 21.973174] lock(udc_lock); > [ 21.978709] lock(rtnl_mutex); > [ 21.984419] lock(kn->active#9); > [ 21.987779] > *** DEADLOCK *** > > [ 21.993745] 1 lock held by connmand/542: > [ 21.997704] #0: c17af6e0 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0xc8/0x870 > [ 22.005191] ... > I have not tried to bisect this yet, just probing if someone has already > some idea on this. Commit 2191c00855b0 ("USB: gadget: Fix use-after-free Read in usb_udc_uevent()") introduced this, see https://lore.kernel.org/all/20220901192204.GA2268599@francesco-nb.int.toradex.com/ Francesco
--- original 2022-09-01 14:13:12.334642373 +0200 +++ new 2022-09-01 14:12:46.799096809 +0200 @@ -1 +1 @@ -CONFIG_KERNEL_LZO=y +CONFIG_KERNEL_LZ4=y @@ -18,5 +17,0 @@ -CONFIG_SOC_IMX31=y -CONFIG_SOC_IMX35=y -CONFIG_SOC_IMX50=y -CONFIG_SOC_IMX51=y -CONFIG_SOC_IMX53=y @@ -24,3 +18,0 @@ -CONFIG_SOC_IMX6SL=y -CONFIG_SOC_IMX6SLL=y -CONFIG_SOC_IMX6SX=y @@ -29,2 +20,0 @@ -CONFIG_SOC_IMX7ULP=y -CONFIG_SOC_VF610=y @@ -36 +25,0 @@ -CONFIG_KEXEC=y @@ -58,0 +48 @@ +# CONFIG_SWAP is not set @@ -67,0 +58,2 @@ +CONFIG_CAN_FLEXCAN=y +CONFIG_CAN_MCP251X=m @@ -71,0 +64,2 @@ +CONFIG_BT_MRVL=m +CONFIG_BT_MRVL_SDIO=m @@ -101 +94,0 @@ -CONFIG_MTD_NAND_VF610_NFC=y @@ -103 +95,0 @@ -CONFIG_MTD_SPI_NOR=y @@ -121 +112,0 @@ -CONFIG_PATA_IMX=y @@ -138 +128,0 @@ -CONFIG_CAN_FLEXCAN=y @@ -200,0 +191 @@ +CONFIG_SPI_MEM=y @@ -204,5 +195 @@ -CONFIG_SPI_FSL_DSPI=y -CONFIG_PINCTRL_IMX8MM=y -CONFIG_PINCTRL_IMX8MN=y -CONFIG_PINCTRL_IMX8MP=y -CONFIG_PINCTRL_IMX8MQ=y +CONFIG_SPI_SPIDEV=y @@ -240,0 +228 @@ +CONFIG_REGULATOR=y @@ -252,3 +239,0 @@ -CONFIG_RC_CORE=y -CONFIG_RC_DEVICES=y -CONFIG_IR_GPIO_CIR=y @@ -269 +253,0 @@ -CONFIG_DRM_MSM=y @@ -273,0 +258 @@ +CONFIG_DRM_SIMPLE_BRIDGE=y @@ -391,5 +376 @@ -CONFIG_CLK_IMX8MM=y -CONFIG_CLK_IMX8MN=y -CONFIG_CLK_IMX8MP=y -CONFIG_CLK_IMX8MQ=y -CONFIG_SOC_IMX8M=y +CONFIG_EXTCON_USB_GPIO=y @@ -410 +390,0 @@ -CONFIG_NVMEM_VF610_OCOTP=y @@ -417 +397 @@ -CONFIG_EXT2_FS=y +CONFIG_EXT2_FS=m @@ -421 +401 @@ -CONFIG_EXT3_FS=y +CONFIG_EXT3_FS=m @@ -423,0 +404 @@ +CONFIG_EXT4_FS=y @@ -428 +409 @@ -CONFIG_FUSE_FS=y +CONFIG_FUSE_FS=m @@ -434,0 +416 @@ +CONFIG_NTFS3_FS=m @@ -436 +418 @@ -CONFIG_JFFS2_FS=y +CONFIG_JFFS2_FS=m @@ -457 +439,3 @@ -CONFIG_CMA_SIZE_MBYTES=64 +CONFIG_CMA_SIZE_MBYTES=256 +CONFIG_CMA_SIZE_PERCENTAGE=50 +CONFIG_CMA_SIZE_SEL_MIN=y @@ -461,0 +446 @@ +CONFIG_DYNAMIC_DEBUG=y