linux-stable/kernel/locking
Peter Zijlstra 1301467cbe lockdep: Fix block chain corruption
[ Upstream commit bca4104b00 ]

Kent reported an occasional KASAN splat in lockdep. Mark then noted:

> I suspect the dodgy access is to chain_block_buckets[-1], which hits the last 4
> bytes of the redzone and gets (incorrectly/misleadingly) attributed to
> nr_large_chain_blocks.

That would mean @size == 0, at which point size_to_bucket() returns -1
and the above happens.

alloc_chain_hlocks() has 'size - req', for the first with the
precondition 'size >= req', which allows the 0.

This code is trying to split a block, del_chain_block() takes what we
need, and add_chain_block() puts back the remainder, except in the
above case the remainder is 0 sized and things go sideways.

Fixes: 810507fe6f ("locking/lockdep: Reuse freed chain_hlocks entries")
Reported-by: Kent Overstreet <kent.overstreet@linux.dev>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Tested-by: Kent Overstreet <kent.overstreet@linux.dev>
Link: https://lkml.kernel.org/r/20231121114126.GH8262@noisy.programming.kicks-ass.net
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-12-08 08:46:09 +01:00
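The split described in the commit message, as an added example that is not lockdep's own code: a small model of the chain_hlocks free-list buckets in which size_to_bucket() maps sizes 1..16 to bucket size-1, larger sizes to bucket 0, and size 0 to -1. The free-block layout, the bucket_slot() accessor that counts out-of-range bucket indices instead of performing the real out-of-bounds read, and the constructed 40/8/32 scenario are assumptions made for the demonstration; only the names and the shape of the bug follow the message.

```c
/* Added example, not lockdep's code: a toy model of the chain_hlocks free-list
 * buckets described in the commit message. Layout and helper names are
 * assumptions; the real allocator lives in kernel/locking/lockdep.c. */
#include <stdio.h>
#include <string.h>

#define MAX_CHAIN_BUCKETS 16
#define CHAIN_HLOCKS_SIZE 64
#define LIST_END (-1)

/* Free blocks are kept inside the entry array itself (assumption):
 * chain_hlocks[off] = block size, chain_hlocks[off + 1] = next free block. */
static int chain_hlocks[CHAIN_HLOCKS_SIZE];
static int chain_block_buckets[MAX_CHAIN_BUCKETS]; /* head per size class */
static int oob_bucket_accesses;                     /* counts what would be UB */

/* Sizes 1..16 map to bucket size-1, larger sizes share bucket 0, size 0 yields -1. */
static int size_to_bucket(int size)
{
	if (size > MAX_CHAIN_BUCKETS)
		return 0;
	return size - 1;
}

/* Bounds-checked stand-in for chain_block_buckets[bucket]; the real code just
 * indexes the array, which is where chain_block_buckets[-1] comes from. */
static int *bucket_slot(int bucket)
{
	static int scratch;

	if (bucket < 0 || bucket >= MAX_CHAIN_BUCKETS) {
		oob_bucket_accesses++;
		scratch = LIST_END;
		return &scratch;
	}
	return &chain_block_buckets[bucket];
}

/* Put a free block back. The bucket head is read before the size check
 * (modeling assumption), so a 0-sized remainder already touches bucket -1. */
static void add_chain_block(int offset, int size)
{
	int bucket = size_to_bucket(size);
	int next = *bucket_slot(bucket);

	if (size < 2)   /* cannot hold size+next; such blocks are leaked */
		return;
	chain_hlocks[offset] = size;
	chain_hlocks[offset + 1] = next;
	*bucket_slot(bucket) = offset;
}

/* Unlink the block at @offset from its size bucket. */
static void del_chain_block(int offset, int size, int next)
{
	int *link = bucket_slot(size_to_bucket(size));

	while (*link != LIST_END && *link != offset)
		link = &chain_hlocks[*link + 1];
	if (*link == offset)
		*link = next;
}

/* First-fit in the large-block bucket, the path the fix touches. With
 * @fixed == 0 the remainder is put back unconditionally, as before the fix. */
static int alloc_chain_hlocks(int req, int fixed)
{
	int curr, next, size;

	for (curr = *bucket_slot(0); curr != LIST_END; curr = next) {
		next = chain_hlocks[curr + 1];
		size = chain_hlocks[curr];
		if (size >= req) {
			del_chain_block(curr, size, next);
			if (!fixed || size > req)
				add_chain_block(curr + req, size - req);
			return curr;
		}
	}
	return LIST_END;
}

/* Constructed scenario: one 40-entry free block, then requests of 8 and 32.
 * The second request matches the 32-entry remainder exactly, so the
 * put-back is 0-sized. Returns the number of out-of-range bucket accesses,
 * or -1 if the allocations did not land where expected. */
static int split_demo(int fixed)
{
	memset(chain_hlocks, 0, sizeof(chain_hlocks));
	for (int i = 0; i < MAX_CHAIN_BUCKETS; i++)
		chain_block_buckets[i] = LIST_END;
	oob_bucket_accesses = 0;

	add_chain_block(0, 40);
	if (alloc_chain_hlocks(8, fixed) != 0)
		return -1;
	if (alloc_chain_hlocks(32, fixed) != 8)
		return -1;
	return oob_bucket_accesses;
}

int main(void)
{
	printf("before fix: %d out-of-range bucket accesses\n", split_demo(0));
	printf("after fix:  %d out-of-range bucket accesses\n", split_demo(1));
	return 0;
}
```

The second request is the case the message describes: `size == req`, so `size - req` is 0, size_to_bucket(0) is -1, and the bucket head is read from one slot before chain_block_buckets[] before add_chain_block() ever decides the block is too small to keep. Guarding the put-back with `size > req`, as the fix does, removes that read without changing what the allocation returns.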
Makefile
lock_events.c
lock_events.h
lock_events_list.h
lockdep.c lockdep: Fix block chain corruption 2023-12-08 08:46:09 +01:00
lockdep_internals.h lockdep: Allow tuning tracing capacity constants. 2022-08-21 15:15:27 +02:00
lockdep_proc.c locking/lockdep: Iterate lock_classes directly when reading lockdep files 2022-04-08 14:40:32 +02:00
lockdep_states.h
locktorture.c
mcs_spinlock.h
mutex-debug.c locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal 2021-05-26 12:06:50 +02:00
mutex-debug.h locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal 2021-05-26 12:06:50 +02:00
mutex.c locking/mutex: Fix HANDOFF condition 2021-09-15 09:50:23 +02:00
mutex.h locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal 2021-05-26 12:06:50 +02:00
osq_lock.c
percpu-rwsem.c
qrwlock.c locking/qrwlock: Fix ordering in queued_write_lock_slowpath() 2021-04-28 13:40:00 +02:00
qspinlock.c
qspinlock_paravirt.h
qspinlock_stat.h
rtmutex-debug.c
rtmutex-debug.h
rtmutex.c kernel: delete repeated words in comments 2022-02-01 17:25:45 +01:00
rtmutex.h
rtmutex_common.h
rwsem.c kernel: delete repeated words in comments 2022-02-01 17:25:45 +01:00
rwsem.h
semaphore.c kernel: delete repeated words in comments 2022-02-01 17:25:45 +01:00
spinlock.c
spinlock_debug.c
test-ww_mutex.c locking/ww_mutex/test: Fix potential workqueue corruption 2023-11-28 16:54:49 +00:00