[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 5 May 2020 15:00:34 -0400
From: Qian Cai <cai@....pw>
To: "Paul E. McKenney" <paulmck@...nel.org>
Cc: Al Viro <viro@...IV.linux.org.uk>,
LKML <linux-kernel@...r.kernel.org>,
linux-fsdevel@...r.kernel.org
Subject: Re: splice() rcu_sched self-detected stall on CPU
> On May 5, 2020, at 2:57 PM, Paul E. McKenney <paulmck@...nel.org> wrote:
>
> On Mon, May 04, 2020 at 03:11:09PM -0400, Qian Cai wrote:
>> Running a syscall fuzzer inside a container on linux-next floods systems with soft lockups. It looks like stuck in this line at iov_iter_copy_from_user_atomic(), Thoughts?
>>
>> iterate_all_kinds(i, bytes, v,
>> copyin((p += v.iov_len) - v.iov_len, v.iov_base, v.iov_len),
>> memcpy_from_page((p += v.bv_len) - v.bv_len, v.bv_page,
>> v.bv_offset, v.bv_len),
>> memcpy((p += v.iov_len) - v.iov_len, v.iov_base, v.iov_len)
>> )
>
> If the size being copied is large enough, something like this might happen.
>
> Is this a CONFIG_PREEMPT=n kernel? And is the size passed in to
Yes, CONFIG_PREEMPT=n.
> iov_iter_copy_from_user_atomic() quite large, given that this is generated
> by a fuzzer? If so, one thing to try is to add cond_resched() in the
> iterate_bvec(), iterate_kvec(), and iterate_iovec() macros.
I’ll try that.
Powered by blists - more mailing lists