Re: [syzbot] [syzbot] [kernel?] inconsistent lock state in sock_hash_delete_elem

From: Thomas Gleixner
Date: Sat Apr 13 2024 - 07:10:32 EST


On Sun, Mar 31 2024 at 23:46, syzbot wrote:
> For archival purposes, forwarding an incoming command email to
> linux-kernel@xxxxxxxxxxxxxxx.
>
> ***
>
> Subject: [syzbot] [kernel?] inconsistent lock state in sock_hash_delete_elem
> Author: lizhi.xu@xxxxxxxxxxxxx
>
> #syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git fe46a7dd189e
>
> diff --git a/kernel/sched/core.c b/kernel/sched/core.c
> index d44efa0d0611..07a3c1d2c2d8 100644
> --- a/kernel/sched/core.c
> +++ b/kernel/sched/core.c
> @@ -5676,7 +5676,7 @@ void scheduler_tick(void)
>
> sched_clock_tick();
>
> - rq_lock(rq, &rf);
> + rq_lock_irqsave(rq, &rf);

That's just wrong. scheduler_tick() is invoked from hard interrupt
context with interrupts disabled.

> update_rq_clock(rq);
> thermal_pressure = arch_scale_thermal_pressure(cpu_of(rq));
> @@ -5688,7 +5688,7 @@ void scheduler_tick(void)
> sched_core_tick(rq);
> task_tick_mm_cid(rq, curr);
>
> - rq_unlock(rq, &rf);
> + rq_unlock_irqrestore(rq, &rf);
>
> if (sched_feat(LATENCY_WARN) && resched_latency)
> resched_latency_warn(cpu, resched_latency);