On Thu, Jan 16, 2025 at 03:03:56PM +0100, Uladzislau Rezki wrote: > Hello, Cheung Wall! > > > > > I am writing to report a potential vulnerability identified in the > > Linux Kernel version v6.12-rc4. This vulnerability was discovered > > while i was testing the kernel. > > > > Linux Kernel Repository Git Commit: > > 42f7652d3eb527d03665b09edac47f85fb600924 (tag: v6.12-rc4) > > > > Bug Location: 0010:rcu_sr_normal_complete+0xd0/0x110 kernel/rcu/tree.c:1638 > > > > Bug report: https://pastebin.com/kuJ7wnPe > > > > Entire Log: https://pastebin.com/fT42ya0T > > > > Thank you for your time and attention. > > > Do you have a reproducer of this splat? > The reproducer is below: for (( i=0; i<$LOOPS; i++ )); do tools/testing/selftests/rcutorture/bin/kvm.sh --allcpus --configs \ '16*TREE05' --memory 10G --bootargs 'rcutorture.fwd_progress=1' \ --kconfig "CONFIG_NR_CPUS=4" echo "Done $i" done Please note, it also requires to modify TREE05: +# This part is for synchronize_rcu() testing +rcutorture.nfakewriters=-1 +rcutorture.gp_sync=1 +rcupdate.rcu_normal=1 +rcutree.rcu_normal_wake_from_gp=1 and: diff --git a/kernel/rcu/rcutorture.c b/kernel/rcu/rcutorture.c index d26fb1d33ed9..6bc161e1e8ac 100644 --- a/kernel/rcu/rcutorture.c +++ b/kernel/rcu/rcutorture.c @@ -4050,6 +4050,10 @@ rcu_torture_init(void) writer_task); if (torture_init_error(firsterr)) goto unwind; + + if (nfakewriters < 0) + nfakewriters = (int) num_possible_cpus(); + if (nfakewriters > 0) { fakewriter_tasks = kcalloc(nfakewriters, sizeof(fakewriter_tasks[0]), -- Uladzislau Rezki
