Re: INFO: task hung in __do_page_fault (2)

From: Dmitry Vyukov
Date: Thu Nov 21 2019 - 15:13:28 EST

Next message: tip-bot2 for Andy Lutomirski: "[tip: x86/urgent] x86/doublefault/32: Fix stack canaries in the double fault handler"
Previous message: Fenghua Yu: "Re: [PATCH v10 6/6] x86/split_lock: Enable split lock detection by kernel parameter"
In reply to: Andy Lutomirski: "Re: INFO: task hung in __do_page_fault (2)"
Next in thread: Eric W. Biederman: "Re: INFO: task hung in __do_page_fault (2)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Nov 21, 2019 at 7:01 PM Andy Lutomirski <luto@xxxxxxxxxx> wrote:
>
> On Wed, Nov 20, 2019 at 11:52 AM syzbot
> <syzbot+6b074f741adbd93d2df5@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> >
> > syzbot has bisected this bug to:
> >
> > commit 0161028b7c8aebef64194d3d73e43bc3b53b5c66
> > Author: Andy Lutomirski <luto@xxxxxxxxxx>
> > Date: Mon May 9 22:48:51 2016 +0000
> >
> > perf/core: Change the default paranoia level to 2
> >
> > bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=15910e86e00000
> > start commit: 18d0eae3 Merge tag 'char-misc-4.20-rc1' of git://git.kerne..
> > git tree: upstream
> > final crash: https://syzkaller.appspot.com/x/report.txt?x=17910e86e00000
> > console output: https://syzkaller.appspot.com/x/log.txt?x=13910e86e00000
> > kernel config: https://syzkaller.appspot.com/x/.config?x=342f43de913c81b9
> > dashboard link: https://syzkaller.appspot.com/bug?extid=6b074f741adbd93d2df5
> > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12482713400000
> > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=158fd4a3400000
> >
> > Reported-by: syzbot+6b074f741adbd93d2df5@xxxxxxxxxxxxxxxxxxxxxxxxx
> > Fixes: 0161028b7c8a ("perf/core: Change the default paranoia level to 2")
> >
> > For information about bisection process see: https://goo.gl/tpsmEJ#bisection
>
> Hi syzbot-
>
> I'm not quite sure how to tell you this in syzbotese, but I'm pretty
> sure you've bisected this wrong. The blamed patch makes no sense.

Hi Andy,

Three is no way to tell syzbot about this, it does not have any way to
use this information.
You can tell this to other recipients, though, and for the record on
the bug report email thread. For this you can use any free form.

But what makes you think this is wrong?
>From everything I see this looks like amazingly precise bisection.
The reproducer contains perf_event_open which seems to cause the hang
(there is a number of reports where perf_event_open hangs kernel dead
IIRC) _and_ it contains setresuid. Which makes good match for
"perf/core: Change the default paranoia level to 2" (for unpriv
users).
The bisection log also looks perfectly correct to me: no unrelated
kernel bugs were hit along the way; the crash was always reproduced
100% reliably in all 10 runs; nothing else suspicious.
I can totally imagine that your patch unmasked some latent bug, but
it's not 100% obvious to me and in either case syzbot did the job as
well as a robot could possibly do.

Next message: tip-bot2 for Andy Lutomirski: "[tip: x86/urgent] x86/doublefault/32: Fix stack canaries in the double fault handler"
Previous message: Fenghua Yu: "Re: [PATCH v10 6/6] x86/split_lock: Enable split lock detection by kernel parameter"
In reply to: Andy Lutomirski: "Re: INFO: task hung in __do_page_fault (2)"
Next in thread: Eric W. Biederman: "Re: INFO: task hung in __do_page_fault (2)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]