Since syzkaller continues various test cases until the kernel crashes, syzkaller tends to examine more locking dependencies than normal systems. As a result, syzbot is reporting that the fuzz testing was terminated due to hitting upper limits lockdep can track [1] [2] [3].
Like CONFIG_LOCKDEP_SMALL which halves the upper limits, let's introduce CONFIG_LOCKDEP_LARGE which doubles the upper limits. [1] https://syzkaller.appspot.com/bug?id=3d97ba93fb3566000c1c59691ea427370d33ea1b [2] https://syzkaller.appspot.com/bug?id=381cb436fe60dc03d7fd2a092b46d7f09542a72a [3] https://syzkaller.appspot.com/bug?id=a588183ac34c1437fc0785e8f220e88282e5a29f Reported-by: syzbot <syzbot+cd0ec5211ac07c18c...@syzkaller.appspotmail.com> Reported-by: syzbot <syzbot+91fd909b6e62ebe06...@syzkaller.appspotmail.com> Reported-by: syzbot <syzbot+62ebe501c1ce9a91f...@syzkaller.appspotmail.com> Signed-off-by: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp> --- kernel/locking/lockdep.c | 4 ++++ kernel/locking/lockdep_internals.h | 5 +++++ lib/Kconfig.debug | 8 ++++++++ 3 files changed, 17 insertions(+) diff --git a/kernel/locking/lockdep.c b/kernel/locking/lockdep.c index 29a8de4..85ba7eb 100644 --- a/kernel/locking/lockdep.c +++ b/kernel/locking/lockdep.c @@ -1349,7 +1349,11 @@ static int add_lock_to_list(struct lock_class *this, /* * For good efficiency of modular, we use power of 2 */ +#ifdef CONFIG_LOCKDEP_LARGE +#define MAX_CIRCULAR_QUEUE_SIZE 8192UL +#else #define MAX_CIRCULAR_QUEUE_SIZE 4096UL +#endif #define CQ_MASK (MAX_CIRCULAR_QUEUE_SIZE-1) /* diff --git a/kernel/locking/lockdep_internals.h b/kernel/locking/lockdep_internals.h index baca699..00a3ec3 100644 --- a/kernel/locking/lockdep_internals.h +++ b/kernel/locking/lockdep_internals.h @@ -93,6 +93,11 @@ enum { #define MAX_LOCKDEP_CHAINS_BITS 15 #define MAX_STACK_TRACE_ENTRIES 262144UL #define STACK_TRACE_HASH_SIZE 8192 +#elif defined(CONFIG_LOCKDEP_LARGE) +#define MAX_LOCKDEP_ENTRIES 65536UL +#define MAX_LOCKDEP_CHAINS_BITS 17 +#define MAX_STACK_TRACE_ENTRIES 1048576UL +#define STACK_TRACE_HASH_SIZE 32768 #else #define MAX_LOCKDEP_ENTRIES 32768UL diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug index 9ad9210..69ba624 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug @@ -1266,6 +1266,14 @@ config LOCKDEP config LOCKDEP_SMALL bool +config LOCKDEP_LARGE + bool "Use larger buffer for tracking more locking dependencies" + depends on LOCKDEP && !LOCKDEP_SMALL + help + If you say Y here, the upper limits the lock dependency engine uses will + be doubled. Useful for fuzz testing which tends to test many complecated + dependencies than normal systems. + config DEBUG_LOCKDEP bool "Lock dependency engine debugging" depends on DEBUG_KERNEL && LOCKDEP -- 1.8.3.1
