Mailing List Archive

From:: Alexandr Nedvedicky <sashan@fastmail.net>
Subject:: Re: syzkaller dt ioctl record race
To:: Alexander Bluhm <bluhm@openbsd.org>
Cc:: tech@openbsd.org
Date:: Thu, 31 Jul 2025 10:22:17 +0200

Download raw body.

Thread

2025-07-30 23:12 Alexander Bluhm:
syzkaller dt ioctl record race
- 2025-07-31 08:22 Alexandr Nedvedicky:
  syzkaller dt ioctl record race

Hello,

On Thu, Jul 31, 2025 at 01:12:01AM +0200, Alexander Bluhm wrote:
> Hi,
> 
> syzkaller finds a crash in dt_ioctl_record_stop().
> https://syzkaller.appspot.com/bug?extid=34f860f29dc941cfb548
> 
> Note that this also happens on single processor kernel.  The code
> is protected by kernel lock.  But that means there should be no
> sleeps as they release the kernel lock.  rw_enter_write(&dt_lock)
> may sleep which breaks the locking assumptions.
> 
> So move the rw_enter_write() at the beginning.  This gives the
> benefit that more variables are locked by this.
> 
> ok?
> 

    The diff and clarification look good to me.

OK sashan

2025-07-30 23:12 Alexander Bluhm:
syzkaller dt ioctl record race
- 2025-07-31 08:22 Alexandr Nedvedicky:
  syzkaller dt ioctl record race