>From 62ddef96020cb397dcbf4b8574f1859b32f983de Mon Sep 17 00:00:00 2001
From: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
Date: Mon, 9 Jul 2018 09:54:01 +0900
Subject: [PATCH] ANDROID: binder: Latelimit binder_debug().

syzbot is reporting hung tasks [1] [2]. This might be due to flooding of printk() messages from binder subsystem, for NMI backtrace says the CPU was busy doing printk() from binder subsystem. Since the kernel log buffer is trivially spammed by debug messages, let's latelimit binder_debug(). While at it, let's add cond_resched() to binder_thread_write(), binder_transaction() and binder_release_work() loops because they might take long time.
[1] https://syzkaller.appspot.com/bug?id=0e75779a6f0faac461510c6330514e8f0e893038
[2] https://syzkaller.appspot.com/bug?id=aa11d2d767f3750ef9a40d156a149e9cfa735b73
Signed-off-by: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
Reported-by: syzbot+e38306788a2e7102a3b6@xxxxxxxxxxxxxxxxxxxxxxxxx
Reported-by: syzbot+4417a2fa149da3802a74@xxxxxxxxxxxxxxxxxxxxxxxxx
---
 drivers/android/binder.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index 95283f3..c136fce 100644
--- a/drivers/android/binder.c
+++ b/drivers/android/binder.c
@@ -161,7 +161,7 @@ static int binder_set_stop_on_user_error(const char *val,
 #define binder_debug(mask, x...) \
 do { \
 if (binder_debug_mask & mask) \
- pr_info(x); \
+ pr_info_ratelimited(x); \
 } while (0)

 #define binder_user_error(x...) \
@@ -3016,7 +3016,7 @@ static void binder_transaction(struct binder_proc *proc,
 sg_bufp = (u8 *)(PTR_ALIGN(off_end, sizeof(void *)));
 sg_buf_end = sg_bufp + extra_buffers_size;
 off_min = 0;
- for (; offp < off_end; offp++) {
+ for (; offp < off_end; cond_resched(), offp++) {
 struct binder_object_header *hdr;
 size_t object_size = binder_validate_object(t->buffer, *offp);

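Review bot: `pr_info_ratelimited()` inside the `binder_debug()` macro keeps a separate static rate-limit state at every expansion site, so the limit holds per call site and not for binder debug output as a whole; a process that reaches many different `binder_debug()` sites can still fill the log buffer and push out unrelated messages. If a global bound is intended, one shared state enforces it: `static DEFINE_RATELIMIT_STATE(binder_debug_rs, DEFAULT_RATELIMIT_INTERVAL, DEFAULT_RATELIMIT_BURST);` with the test written as `if ((binder_debug_mask & (mask)) && __ratelimit(&binder_debug_rs))` in front of the original `pr_info(x)`. The trade-off is that one noisy site then suppresses the others, so whichever scope is chosen deserves a comment above the macro. `binder_user_error()` starts on the last context line and its body is outside the hunk; it is worth checking whether it still prints without a limit.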
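Review bot: In the binder_transaction() hunk, `cond_resched()` placed in the `for` increment clause through a comma operator hides a scheduling point in the place where a reader expects only the iterator step. A plain statement at the top of the loop body is easier to audit, e.g. `for (; offp < off_end; offp++) {` followed by `cond_resched(); /* object count presumably comes from the sender; yield between objects */`. The loop body continues outside the hunk, so the effect on any `continue` path should be checked when moving it. The bare `cond_resched();` added in the binder_thread_write() hunk has the same missing why-comment.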
@@ -3307,6 +3307,7 @@ static int binder_thread_write(struct binder_proc *proc,

 if (get_user(cmd, (uint32_t __user *)ptr))
 return -EFAULT;
+ cond_resched();
 ptr += sizeof(uint32_t);
 trace_binder_command(cmd);
 if (_IOC_NR(cmd) < ARRAY_SIZE(binder_stats.bc)) {
@@ -4193,6 +4194,7 @@ static void binder_release_work(struct binder_proc *proc,
 struct binder_work *w;

 while (1) {
+ cond_resched();
 w = binder_dequeue_work_head(proc, list);
 if (!w)
 return;
-- 
1.8.3.1

_______________________________________________
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxx
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
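Review bot: The `cond_resched()` added at the top of the `while (1)` loop turns binder_release_work() into a function that may sleep, and its callers are not part of this patch. Every call site has to be confirmed to run in process context with no spinlock held; otherwise this becomes a sleep-in-atomic bug that only shows up with atomic-sleep debugging enabled. The new contract should be written down in a comment above the function, for example `/* Context: may sleep; must not be called with a spinlock held. */`. The function signature and the rest of the loop body are outside the hunk.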