All of lore.kernel.org
 help / color / mirror / Atom feed
From: Petr Mladek <pmladek@suse.com>
To: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Dmitry Vyukov <dvyukov@google.com>,
	syzbot <syzbot+e9f364d3b15ce41d8451@syzkaller.appspotmail.com>,
	Samuel Ortiz <sameo@linux.intel.com>,
	David Miller <davem@davemloft.net>,
	linux-wireless@vger.kernel.org, netdev <netdev@vger.kernel.org>,
	LKML <linux-kernel@vger.kernel.org>,
	Steven Rostedt <rostedt@goodmis.org>,
	Sergey Senozhatsky <sergey.senozhatsky@gmail.com>,
	syzkaller-bugs <syzkaller-bugs@googlegroups.com>
Subject: Re: INFO: rcu detected stall in llcp_sock_sendmsg
Date: Tue, 10 Jul 2018 12:55:51 +0200	[thread overview]
Message-ID: <20180710105551.ds6weeo7y7keekb5@pathway.suse.cz> (raw)
In-Reply-To: <6e2e4cfa-2cde-ec28-933d-1ee17c8b1da9@gmail.com>

On Mon 2018-07-09 14:05:08, Eric Dumazet wrote:
> 
> 
> On 07/09/2018 01:50 PM, Dmitry Vyukov wrote:
> > On Mon, Jul 9, 2018 at 10:34 PM, syzbot
> > <syzbot+e9f364d3b15ce41d8451@syzkaller.appspotmail.com> wrote:
> >> Hello,
> >>
> >> syzbot found the following crash on:
> >>
> >> HEAD commit:    1e4b044d2251 Linux 4.18-rc4
> >> git tree:       upstream
> >> console output: https://syzkaller.appspot.com/x/log.txt?x=1414c2c2400000
> >> kernel config:  https://syzkaller.appspot.com/x/.config?x=25856fac4e580aa7
> >> dashboard link: https://syzkaller.appspot.com/bug?extid=e9f364d3b15ce41d8451
> >> compiler:       gcc (GCC) 8.0.1 20180413 (experimental)
> >>
> >> Unfortunately, I don't have any reproducer for this crash yet.
> >>
> >> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> >> Reported-by: syzbot+e9f364d3b15ce41d8451@syzkaller.appspotmail.com
> > 
> > Looks like the problem is actually in nfc, so +nfc maintainers.
> 
> Note this issue was discussed before, maybe we should patch NFC without waiting for nfc maintainer.

Do you have any particular solution in mind, please? See below.

> ----------------------------------------------------
> 
> On 06/25/2018 10:12 PM, Sergey Senozhatsky wrote:
> > On (06/26/18 07:07), Dmitry Vyukov wrote:
> > [..]
> >>>  #include <net/nfc/nfc.h>
> >>> @@ -755,7 +756,8 @@ int nfc_llcp_send_ui_frame(struct nfc_llcp_sock *sock, u8 ssap, u8 dsap,
> >>>                 pdu = nfc_alloc_send_skb(sock->dev, &sock->sk, MSG_DONTWAIT,
> >>>                                          frag_len + LLCP_HEADER_SIZE, &err);
> >>>                 if (pdu == NULL) {
> >>> -                       pr_err("Could not allocate PDU\n");
> >>> +                       pr_err_ratelimited("Could not allocate PDU\n");
> >>> +                       cond_resched();
> >>>                         continue;
> >>>                 }
> >>
> >>
> >> But this thread is still in an infinite (unkillable?) loop? If yes, we
> >> are waiting for the next syzbot report 
> >
> > The loop is still infinite, correct, but we have a preemption point now.
> > Sure, net people can come with a much better solution, I'll be happy to
> > scratch my patch.
> >
> 
> This can not be the right solution, think about current thread being real time,
> cond_resched() might be a nop.
> 
> We should probably not loop at all, or not use MSG_DONTWAIT.

These two solutions look promising. But they both need to
get reviewed by someone familiar with the code.

On one hand, nfc_llcp_send_ui_frame() already returns some errors
before sending anything. But I am not sure how to deal with situation
when a fragment of the message has already been sent.

Best Regards,
Petr

      reply	other threads:[~2018-07-10 10:55 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-07-09 20:34 INFO: rcu detected stall in llcp_sock_sendmsg syzbot
2018-07-09 20:50 ` Dmitry Vyukov
2018-07-09 21:05   ` Eric Dumazet
2018-07-10 10:55     ` Petr Mladek [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180710105551.ds6weeo7y7keekb5@pathway.suse.cz \
    --to=pmladek@suse.com \
    --cc=davem@davemloft.net \
    --cc=dvyukov@google.com \
    --cc=eric.dumazet@gmail.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-wireless@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=rostedt@goodmis.org \
    --cc=sameo@linux.intel.com \
    --cc=sergey.senozhatsky@gmail.com \
    --cc=syzbot+e9f364d3b15ce41d8451@syzkaller.appspotmail.com \
    --cc=syzkaller-bugs@googlegroups.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.