Re: [syzbot] [kernel?] possible deadlock in binder_alloc_free_page

From: Hillf Danton
Date: Sat Jan 11 2025 - 20:49:26 EST

Next message: Ping-Ke Shih: "Re: [PATCH v3] wifi: rtw89: Correct immediate cfg_len calculation for scan_offload_be"
Previous message: linux: "[PATCH] kdb: Remove unused flags stack"
In reply to: syzbot: "Re: [syzbot] [kernel?] possible deadlock in binder_alloc_free_page"
Next in thread: syzbot: "Re: [syzbot] [kernel?] possible deadlock in binder_alloc_free_page"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 11 Jan 2025 02:30:22 -0800
> syzbot found the following issue on:
>
> HEAD commit: 7b4b9bf203da Add linux-next specific files for 20250107
> git tree: linux-next
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=10302dc4580000

#syz test

--- x/drivers/android/binder_alloc.c
+++ y/drivers/android/binder_alloc.c
@@ -1245,10 +1245,12 @@ void binder_alloc_init(struct binder_all
INIT_LIST_HEAD(&alloc->buffers);
}

+static struct lock_class_key key;
int binder_alloc_shrinker_init(void)
{
int ret;

+ binder_freelist.key = &key;
ret = list_lru_init(&binder_freelist);
if (ret)
return ret;
--- x/fs/debugfs/file.c
+++ y/fs/debugfs/file.c
@@ -87,9 +87,6 @@ static int __debugfs_file_get(struct den
if (!((unsigned long)d_fsd & DEBUGFS_FSDATA_IS_REAL_FOPS_BIT)) {
fsd = d_fsd;
} else {
- if (WARN_ON(mode == DBGFS_GET_ALREADY))
- return -EINVAL;
-
fsd = kmalloc(sizeof(*fsd), GFP_KERNEL);
if (!fsd)
return -ENOMEM;
--

Next message: Ping-Ke Shih: "Re: [PATCH v3] wifi: rtw89: Correct immediate cfg_len calculation for scan_offload_be"
Previous message: linux: "[PATCH] kdb: Remove unused flags stack"
In reply to: syzbot: "Re: [syzbot] [kernel?] possible deadlock in binder_alloc_free_page"
Next in thread: syzbot: "Re: [syzbot] [kernel?] possible deadlock in binder_alloc_free_page"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]