Re: [PATCH v2] kasan: remove kasan_find_vm_area() to prevent possible deadlock
From: Andrey Konovalov
Date: Thu Jul 03 2025 - 15:05:41 EST
On Thu, Jul 3, 2025 at 8:55 PM Yeoreum Yun <yeoreum.yun@xxxxxxx> wrote:
>
> Hi Andrey,
>
> > >
> > > find_vm_area() couldn't be called in atomic context.
> > > If find_vm_area() is called to report vm area information,
> > > kasan can trigger a deadlock like:
> > >
> > > CPU0                                CPU1
> > > vmalloc();
> > >  alloc_vmap_area();
> > >   spin_lock(&vn->busy.lock)
> > >                                     spin_lock_bh(&some_lock);
> > >   <interrupt occurs>
> > >   <in softirq>
> > >   spin_lock(&some_lock);
> > >                                     <access invalid address>
> > >                                     kasan_report();
> > >                                      print_report();
> > >                                       print_address_description();
> > >                                        kasan_find_vm_area();
> > >                                         find_vm_area();
> > >                                          spin_lock(&vn->busy.lock) // deadlock!
> > >
> > > To prevent possible deadlock while kasan reports, remove kasan_find_vm_area().
> >
> > Can we keep it for when we are in_task()?
>
> We couldn't. Since when kasan_find_vm_area() is called,
> the report_lock is grabbed with irqs disabled.
>
> Please check the discussion with Andrey Ryabinin:
> https://lore.kernel.org/all/4599f645-f79c-4cce-b686-494428bb9e2a@xxxxxxxxx/
That was about checking for !in_interrupt(), but I believe checking
for in_task() is different? But I'm not an expert on these checks.