Re: [syzbot] INFO: rcu detected stall in syscall_exit_to_user_mode (2)

From: Hillf Danton
Date: Fri Mar 08 2024 - 07:10:03 EST

Next message: Maciej W. Rozycki: "Re: [PATCH v2 7/7] sparc32: Fix section mismatch in leon_pci_grpci"
Previous message: Andy Shevchenko: "Re: [PATCH v1 1/1] PCI: dwc: Remove unused of_gpio.h"
In reply to: syzbot: "Re: [syzbot] [usb] INFO: rcu detected stall in syscall_exit_to_user_mode (2)"
Next in thread: syzbot: "Re: [syzbot] [usb] INFO: rcu detected stall in syscall_exit_to_user_mode (2)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 25 Dec 2022 17:42:37 -0800
> syzbot has found a reproducer for the following issue on:
>
> HEAD commit: 72a85e2b0a1e Merge tag 'spi-fix-v6.2-rc1' of git://git.ker..
> git tree: upstream
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12569d7f880000

#syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master

--- x/drivers/media/rc/imon.c
+++ y/drivers/media/rc/imon.c
@@ -1758,6 +1758,7 @@ static void usb_rx_callback_intf0(struct

switch (urb->status) {
case -ENOENT: /* usbcore unlink successful! */
+ case -EPROTO:
return;

case -ESHUTDOWN: /* transport endpoint was shut down */
--- x/net/batman-adv/network-coding.c
+++ y/net/batman-adv/network-coding.c
@@ -397,6 +397,7 @@ static void batadv_nc_purge_orig_hash(st
struct hlist_head *head;
struct batadv_orig_node *orig_node;
u32 i;
+ int loop = 0;

if (!hash)
return;
@@ -406,9 +407,14 @@ static void batadv_nc_purge_orig_hash(st
head = &hash->table[i];

rcu_read_lock();
- hlist_for_each_entry_rcu(orig_node, head, hash_entry)
+ hlist_for_each_entry_rcu(orig_node, head, hash_entry) {
batadv_nc_purge_orig(bat_priv, orig_node,
batadv_nc_to_purge_nc_node);
+ if (++loop > 20) {
+ rcu_read_unlock();
+ return;
+ }
+ }
rcu_read_unlock();
}
}
@@ -433,6 +439,7 @@ static void batadv_nc_purge_paths(struct
struct batadv_nc_path *nc_path;
spinlock_t *lock; /* Protects lists in hash */
u32 i;
+ int loop = 0;

for (i = 0; i < hash->size; i++) {
head = &hash->table[i];
@@ -441,6 +448,10 @@ static void batadv_nc_purge_paths(struct
/* For each nc_path in this bin */
spin_lock_bh(lock);
hlist_for_each_entry_safe(nc_path, node_tmp, head, hash_entry) {
+ if (++loop > 20) {
+ spin_unlock_bh(lock);
+ return;
+ }
/* if an helper function has been passed as parameter,
* ask it if the entry has to be purged or not
*/
@@ -675,6 +686,7 @@ batadv_nc_process_nc_paths(struct batadv
struct batadv_nc_path *nc_path;
bool ret;
int i;
+ int loop = 0;

if (!hash)
return;
@@ -686,6 +698,10 @@ batadv_nc_process_nc_paths(struct batadv
/* Loop coding paths */
rcu_read_lock();
hlist_for_each_entry_rcu(nc_path, head, hash_entry) {
+ if (++loop > 20) {
+ rcu_read_unlock();
+ return;
+ }
/* Loop packets */
spin_lock_bh(&nc_path->packet_list_lock);
list_for_each_entry_safe(nc_packet, nc_packet_tmp,
--

Next message: Maciej W. Rozycki: "Re: [PATCH v2 7/7] sparc32: Fix section mismatch in leon_pci_grpci"
Previous message: Andy Shevchenko: "Re: [PATCH v1 1/1] PCI: dwc: Remove unused of_gpio.h"
In reply to: syzbot: "Re: [syzbot] [usb] INFO: rcu detected stall in syscall_exit_to_user_mode (2)"
Next in thread: syzbot: "Re: [syzbot] [usb] INFO: rcu detected stall in syscall_exit_to_user_mode (2)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]