Re: [PATCH] char: misc: make misc_open() and misc_register() killable
From: Tetsuo Handa
Date: Tue Jul 05 2022 - 10:10:41 EST
On 2022/07/05 14:21, Tetsuo Handa wrote:
> Possible locations where snapshot_open() might sleep with system_transition_mutex held are
> pm_notifier_call_chain_robust()/wait_for_device_probe()/create_basic_memory_bitmaps().
> But I think we can exclude pm_notifier_call_chain_robust() because lockdep does not report
> that that process is holding "struct blocking_notifier_head"->rwsem. I suspect that
> that process is sleeping at wait_for_device_probe(), for it waits for probe operations.
>
> ----------------------------------------
> void wait_for_device_probe(void)
> {
> /* wait for the deferred probe workqueue to finish */
> flush_work(&deferred_probe_work);
>
> /* wait for the known devices to complete their probing */
> wait_event(probe_waitqueue, atomic_read(&probe_count) == 0);
> async_synchronize_full();
> }
> ----------------------------------------
syzbot confirmed that snapshot_open() is unable to proceed due to
atomic_read(&probe_count) == 2 for 145 seconds.
----------------------------------------
[ 86.794300][ T4209] Held system_transition_mutex.
[ 86.821486][ T4209] Calling wait_for_device_probe()
[ 86.841374][ T4209] Calling flush_work(&deferred_probe_work)
[ 86.867398][ T4209] Calling wait_event(probe_waitqueue)
[ 87.966188][ T4209] Calling probe_count=2
(...snipped...)
[ 233.554473][ T4209] Calling probe_count=2
[ 234.444800][ T28] INFO: task syz-executor.4:4146 blocked for more than 143 seconds.
----------------------------------------
Apart from whether we should fuzz snapshot code or not,
there seems to be a bug that causes wait_for_device_probe() to hung.
On 2022/07/05 22:44, syzbot wrote:
> Tested on:
>
> commit: c1084b6c Merge tag 'soc-fixes-5.19-2' of git://git.ker..
> git tree: upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=156cc410080000
> kernel config: https://syzkaller.appspot.com/x/.config?x=66f70cacb0085db4
> dashboard link: https://syzkaller.appspot.com/bug?extid=358c9ab4c93da7b7238c
> compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> patch: https://syzkaller.appspot.com/x/patch.diff?x=11ae4834080000