Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp911796rwd;
        Sat, 20 May 2023 08:51:51 -0700 (PDT)
X-Google-Smtp-Source: ACHHUZ4bdy0S9UqiW8mGDF5lEHr0RJ1iTFJKGFqYUJiuozyj3tc9huBC+GhkcogjhaVJvqlIuwSj
X-Received: by 2002:a05:6a21:3703:b0:105:2a95:17d1 with SMTP id yl3-20020a056a21370300b001052a9517d1mr4487721pzb.57.1684597910870;
        Sat, 20 May 2023 08:51:50 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1684597910; cv=none;
        d=google.com; s=arc-20160816;
        b=fuhDdUYlp3SRR8oZFabBOzMcZcABYzgkTlu8INW8lNTHXbVhn1CXTlDf43uz6GkRdw
         I+rwQFOMqlvBFIrKnFRHjlgrHReWiLFp6S9HGc5Hhwu4kmQSVFEKHTplReKs8ZqZdkug
         RK6ZvrNlIvUAaD2oNISpBOOgwd5P7xqv0THYhYRAQtUspoZ10ad5TvoUieHE4V/0eEij
         cBBUHgJK1REi5Ei54Myyoc12uk5RjKBiTlhoTwnRfZc1+Tm2pNG87D1gXgYjovnEfnys
         UKxgMNIExMEHsc4FRQosxOS3TxiSjz1kTp/oXuj7BuwmRZijDf317CkLeyeUNXe9J8av
         5fmA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date;
        bh=ruUrAlortwiilwry6ET8AiL0PWumpYDZU7GF3aZyrno=;
        b=y68pVRNOBJWsjrPAMZZmwRw+v8AOjB3V8ZpQ5G//PjTQxzgGeNqyWiRE+qEFJSqUfC
         3RdD22VlJwKBqLC0dZX2FFxj+PAXLBiRmeKw705waaFT9oQbPGkOL64TpB1sIkcvJYWA
         CYaNZyXxyLpEijJyaDOVPoZ5tkOHUpRL73b0zW1ELzAWS5XIYCD5shDE5RpdfJ6kH/5U
         RgzQT7RO9xO2Wi0a6E0ZUY6O4kbcWmBLUA6oQ5/rOVhkkvY3KxnPT/tQdDhV7J1GuyTU
         FlT+28vvP52FS1jW/85SvEx1W1XsnfRK6KBAOvgIm8AeWFdPBaxmwBT9GbkNMIlqt8dC
         3OJA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id p19-20020a637f53000000b0051b694b4069si1642582pgn.804.2023.05.20.08.51.35;
        Sat, 20 May 2023 08:51:50 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231719AbjETPG1 (ORCPT <rfc822;69blacklab@gmail.com> + 99 others);
        Sat, 20 May 2023 11:06:27 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57840 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229737AbjETPGZ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 20 May 2023 11:06:25 -0400
Received: from netrider.rowland.org (netrider.rowland.org [192.131.102.5])
        by lindbergh.monkeyblade.net (Postfix) with SMTP id 2D0FDC3
        for <linux-kernel@vger.kernel.org>; Sat, 20 May 2023 08:06:24 -0700 (PDT)
Received: (qmail 73707 invoked by uid 1000); 20 May 2023 11:06:23 -0400
Date:   Sat, 20 May 2023 11:06:23 -0400
From:   Alan Stern <stern@rowland.harvard.edu>
To:     syzbot <syzbot+e761775e8f4a28711f19@syzkaller.appspotmail.com>
Cc:     andreyknvl@google.com, charu@tickmarks.net,
        gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org,
        linux-usb@vger.kernel.org, syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [usb?] INFO: task hung in usb_register_dev
Message-ID: <32b49d74-16df-4f8e-9956-c7705a900ee9@rowland.harvard.edu>
References: <0000000000003a41f705a9c74dfa@google.com>
 <00000000000041730905fc1940ff@google.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <00000000000041730905fc1940ff@google.com>
X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,
        HEADER_FROM_DIFFERENT_DOMAINS,SPF_HELO_PASS,SPF_PASS,
        T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=no autolearn_force=no
        version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, May 19, 2023 at 10:24:25PM -0700, syzbot wrote:
> syzbot suspects this issue was fixed by commit:
> 
> commit df05a9b05e466a46725564528b277d0c570d0104
> Author: Alan Stern <stern@rowland.harvard.edu>
> Date:   Mon Apr 10 19:38:22 2023 +0000
> 
>     USB: sisusbvga: Add endpoint checks
> 
> bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=1286f641280000
> start commit:   7d2a07b76933 Linux 5.14
> git tree:       upstream
> kernel config:  https://syzkaller.appspot.com/x/.config?x=b04081cf516e2565
> dashboard link: https://syzkaller.appspot.com/bug?extid=e761775e8f4a28711f19
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=133519b1300000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=116ec82e300000
> 
> If the result looks correct, please mark the issue as fixed by replying with:
> 
> #syz fix: USB: sisusbvga: Add endpoint checks
> 
> For information about bisection process see: https://goo.gl/tpsmEJ#bisection

If that commit does fix this problem, it's entirely by accident.  I 
suspect that instead the commit merely prevents the reproducer from 
entering the buggy pathway, but that pathway still exists.

In fact, I'd guess from reading through the driver that the problem is 
that it does dozens of I/O operations, with 5-second timeouts and 
multiple retries, without checking for errors until the end.  All while 
holding a contested mutex.

However the driver is not maintained much AFAICT, so it's not likely to 
get fixed.  It's probably also not used by more than a few people, if 
any.

Alan Stern