From: ssrane_b23@ee.vjti.ac.in
To: Steven Rostedt <rostedt@goodmis.org>
Cc: Masami Hiramatsu <mhiramat@kernel.org>,
Mathieu Desnoyers <mathieu.desnoyers@efficios.com>,
linux-kernel@vger.kernel.org, linux-trace-kernel@vger.kernel.org,
syzbot+c530b4d95ec5cd4f33a7@syzkaller.appspotmail.com,
Shaurya Rane <ssrane_b23@ee.vjti.ac.in>
Subject: [PATCH] trace/ring_buffer: Fix locking order in ring_buffer_map()
Date: Sun, 5 Oct 2025 19:46:36 +0530 [thread overview]
Message-ID: <20251005141636.12405-2-ssranevjti@gmail.com> (raw)
In-Reply-To: <20251005141636.12405-1-ssranevjti@gmail.com>
From: Shaurya Rane <ssrane_b23@ee.vjti.ac.in>
The kernel's lockdep validator detected a circular locking dependency
in ring_buffer_map(). The function was acquiring the per-CPU
'cpu_buffer->mapping_lock' before the global 'buffer->mutex'.
This violates the established locking hierarchy where 'buffer->mutex'
should be acquired first, leading to a potential deadlock.
Fix this by reordering the mutex acquisition to lock 'buffer->mutex'
before 'cpu_buffer->mapping_lock', satisfying the lockdep requirements
and preventing the deadlock.
Reported-by: syzbot+c530b4d95ec5cd4f33a7@syzkaller.appspotmail.com
Signed-off-by: Shaurya Rane <ssrane_b23@ee.vjti.ac.in>
---
kernel/trace/ring_buffer.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c
index 43460949ad3f..82c3d5d2dcf6 100644
--- a/kernel/trace/ring_buffer.c
+++ b/kernel/trace/ring_buffer.c
@@ -7222,9 +7222,10 @@ int ring_buffer_map(struct trace_buffer *buffer, int cpu,
if (!cpumask_test_cpu(cpu, buffer->cpumask))
return -EINVAL;
-
+
cpu_buffer = buffer->buffers[cpu];
-
+
+ guard(mutex)(&buffer->mutex);
guard(mutex)(&cpu_buffer->mapping_lock);
if (cpu_buffer->user_mapped) {
--
2.34.1
next prev parent reply other threads:[~2025-10-05 14:16 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-29 21:46 [syzbot] [trace?] possible deadlock in ring_buffer_map syzbot
2025-09-29 23:09 ` Steven Rostedt
2025-10-05 14:16 ` ssrane_b23
2025-10-05 14:16 ` ssrane_b23 [this message]
2025-10-08 14:52 ` [PATCH] trace/ring_buffer: Fix locking order in ring_buffer_map() Steven Rostedt
2025-10-05 14:16 ` syzbot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251005141636.12405-2-ssranevjti@gmail.com \
--to=ssrane_b23@ee.vjti.ac.in \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-trace-kernel@vger.kernel.org \
--cc=mathieu.desnoyers@efficios.com \
--cc=mhiramat@kernel.org \
--cc=rostedt@goodmis.org \
--cc=syzbot+c530b4d95ec5cd4f33a7@syzkaller.appspotmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.