Thread (6 messages) 6 messages, 3 authors, 2019-11-01

Re: BUG: unable to handle kernel paging request in io_wq_cancel_all

From: Jens Axboe <axboe@kernel.dk>
Date: 2019-11-01 18:07:32
Also in: linux-fsdevel, lkml 

On 11/1/19 12:03 PM, Dmitry Vyukov wrote:
On Fri, Nov 1, 2019 at 6:56 PM Jens Axboe [off-list ref] wrote:
quoted
On 11/1/19 11:50 AM, Dmitry Vyukov wrote:
quoted
On Wed, Oct 30, 2019 at 3:41 PM Jens Axboe [off-list ref] wrote:
quoted
On 10/30/19 1:44 AM, syzbot wrote:
quoted
syzbot has bisected this bug to:

commit ef0524d3654628ead811f328af0a4a2953a8310f
Author: Jens Axboe [off-list ref]
Date:   Thu Oct 24 13:25:42 2019 +0000

        io_uring: replace workqueue usage with io-wq

bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=16acf5d0e00000
start commit:   c57cf383 Add linux-next specific files for 20191029
git tree:       linux-next
final crash:    https://syzkaller.appspot.com/x/report.txt?x=15acf5d0e00000
console output: https://syzkaller.appspot.com/x/log.txt?x=11acf5d0e00000
kernel config:  https://syzkaller.appspot.com/x/.config?x=cb86688f30db053d
dashboard link: https://syzkaller.appspot.com/bug?extid=221cc24572a2fed23b6b
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=168671d4e00000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=140f4898e00000

Reported-by: syzbot+221cc24572a2fed23b6b@syzkaller.appspotmail.com
Fixes: ef0524d36546 ("io_uring: replace workqueue usage with io-wq")
Good catch, it's a case of NULL vs ERR_PTR() confusion. I'll fold in
the below fix.
Hi Jens,

Please either add the syzbot tag to commit, or close manually with
"#syz fix" (though requires waiting until the fixed commit is in
linux-next).
See https://goo.gl/tpsmEJ#rebuilt-treesamended-patches for details.
Otherwise, the bug will be considered open and will waste time of
humans looking at open bugs and prevent syzbot from reporting new bugs
in io_uring.
It's queued up since two days ago:

http://git.kernel.dk/cgit/linux-block/commit/?h=for-5.5/io_uring&id=975c99a570967dd48e917dd7853867fee3febabd

and should have the right attributions, so hopefully it'll catch up
eventually.

--
Jens Axboe
Cool! Thanks!
I've seen "fold in" and historically lots of developers did not add
the tag during amending, so wanted to double check.
I'm often guilty of that, I think, but for this one I just kept it
separate since I didn't want to rebase things at this point. So I do
appreciate the reminder, I'm sure it'll be pertinent in many other
cases...

-- 
Jens Axboe
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help