Thread (3 messages) 3 messages, 3 authors, 2024-09-10

Re: [syzbot] Monthly trace report (Sep 2024)

From: Masami Hiramatsu (Google) <mhiramat@kernel.org>
Date: 2024-09-09 15:15:17
Also in: lkml 

On Mon, 09 Sep 2024 01:12:20 -0700
syzbot [off-list ref] wrote:

Hello trace maintainers/developers,

This is a 31-day syzbot report for the trace subsystem.
All related reports/information can be found at:
https://syzkaller.appspot.com/upstream/s/trace

During the period, 1 new issues were detected and 0 were fixed.
In total, 8 issues are still open and 37 have been fixed so far.

Some of the still happening issues:

Ref Crashes Repro Title
<1> 2278    Yes   possible deadlock in console_flush_all (3)
                  https://syzkaller.appspot.com/bug?extid=18cfb7f63482af8641df
This is artifically injected circuler lock dependency about the combination
of eBPF + fault injection.

 - BPF test program traces sched_switch event. (under rq->lock)
 - fault inject injects a fault in BPF's strncpy_from_user.
 - this fault printk dump to the console.(to lock console_owner)

To avoid this issue, use another event to test fault injection.

<2> 1023    Yes   WARNING in format_decode (3)
                  https://syzkaller.appspot.com/bug?extid=e2c932aec5c8a6e1d31c
This seems also be caused by bpf test program.

<3> 31      Yes   INFO: task hung in blk_trace_ioctl (4)
                  https://syzkaller.appspot.com/bug?extid=ed812ed461471ab17a0c
This is a bug in blk_trace.

<4> 15      Yes   WARNING in bpf_get_stack_raw_tp
                  https://syzkaller.appspot.com/bug?extid=ce35de20ed6652f60652
This may be a bpf issue.

<5> 11      Yes   WARNING in get_probe_ref
                  https://syzkaller.appspot.com/bug?extid=8672dcb9d10011c0a160
This is a bug in blk_trace.

It seems blk_trace does not check input parameters of ioctl correctly.

Thank you,

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

To disable reminders for individual bugs, reply with the following command:
#syz set <Ref> no-reminders

To change bug's subsystems, reply with:
#syz set <Ref> subsystems: new-subsystem

You may send multiple commands in a single email message.

-- 
Masami Hiramatsu (Google) [off-list ref]
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help