From: Alexandr Nedvedicky <sashan@fastmail.net>
Subject: Re: syzkaller dt ioctl record race
To: Alexander Bluhm <bluhm@openbsd.org>
Cc: tech@openbsd.org
Date: Thu, 31 Jul 2025 10:22:17 +0200

Hello,

On Thu, Jul 31, 2025 at 01:12:01AM +0200, Alexander Bluhm wrote:
> Hi,
> 
> syzkaller finds a crash in dt_ioctl_record_stop().
> https://syzkaller.appspot.com/bug?extid=34f860f29dc941cfb548
> 
> Note that this also happens on single processor kernel.  The code
> is protected by kernel lock.  But that means there should be no
> sleeps as they release the kernel lock.  rw_enter_write(&dt_lock)
> may sleep which breaks the locking assumptions.
> 
> So move the rw_enter_write() at the beginning.  This gives the
> benefit that more variables are locked by this.
> 
> ok?
> 

    The diff and clarification look good to me.

OK sashan