On 2020/05/22 4:50, Oliver Neukum wrote: > interesting. Do you have a test case for these patches working? No. > >> wait_event(desc->wait, >> /* >> * needs both flags. We cannot do with one >> * because resetting it would cause a race >> * with write() yet we need to signal >> * a disconnect >> */ >> !test_bit(WDM_IN_USE, &desc->flags) || >> test_bit(WDM_DISCONNECTING, &desc->flags)); >> >> but wdm_write() is not calling wake_up(&desc->wait) after >> clear_bit(WDM_IN_USE, &desc->flags) when usb_submit_urb() failed. > > Yes, because desc->wlock is held. There can be nobody sleeping here. Then, this patch is not needed. (But adding some comment is welcomed.) > >>> And is this a bugfix? For what? Does it need to go to stable kernels? >> >> Potential bugfix. syzbot is reporting two bugs that hung at wdm_flush(), >> but I think that this patch won't fix these bugs. Therefore, I don't think >> this patch needs to go to stable kernels. > > Do you have links for them? It turned out that the second bug report is a duplicate of the first bug report. The dashboard link for the first bug report is https://syzkaller.appspot.com/bug?id=e7b761593b23eb50855b9ea31e3be5472b711186 .
