Re: splice() rcu_sched self-detected stall on CPU

From: Qian Cai
Date: Tue May 05 2020 - 15:00:40 EST




> On May 5, 2020, at 2:57 PM, Paul E. McKenney <paulmck@xxxxxxxxxx> wrote:
>
> On Mon, May 04, 2020 at 03:11:09PM -0400, Qian Cai wrote:
>> Running a syscall fuzzer inside a container on linux-next floods systems with soft lockups. It looks like stuck in this line at iov_iter_copy_from_user_atomic(), Thoughts?
>>
>> iterate_all_kinds(i, bytes, v,
>> copyin((p += v.iov_len) - v.iov_len, v.iov_base, v.iov_len),
>> memcpy_from_page((p += v.bv_len) - v.bv_len, v.bv_page,
>> v.bv_offset, v.bv_len),
>> memcpy((p += v.iov_len) - v.iov_len, v.iov_base, v.iov_len)
>> )
>
> If the size being copied is large enough, something like this might happen.
>
> Is this a CONFIG_PREEMPT=n kernel? And is the size passed in to

Yes, CONFIG_PREEMPT=n.

> iov_iter_copy_from_user_atomic() quite large, given that this is generated
> by a fuzzer? If so, one thing to try is to add cond_resched() in the
> iterate_bvec(), iterate_kvec(), and iterate_iovec() macros.

Iâll try that.