INFO: rcu detected stall in sys_sendfile64 (2)

Dmitry Vyukov dvyukov at google.com
Tue Mar 12 17:10:37 UTC 2019


On Tue, Mar 12, 2019 at 5:08 AM Al Viro <viro at zeniv.linux.org.uk> wrote:
>
> On Mon, Mar 11, 2019 at 08:59:00PM -0700, syzbot wrote:
> > syzbot has bisected this bug to:
> >
> > commit 34e07e42c55aeaa78e93b057a6664e2ecde3fadb
> > Author: Chris Wilson <chris at chris-wilson.co.uk>
> > Date:   Thu Feb 8 10:54:48 2018 +0000
> >
> >     drm/i915: Add missing kerneldoc for 'ent' in i915_driver_init_early
> >
> > bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=13220283200000
> > start commit:   34e07e42 drm/i915: Add missing kerneldoc for 'ent' in i915..
> > git tree:       upstream
> > final crash:    https://syzkaller.appspot.com/x/report.txt?x=10a20283200000
> > console output: https://syzkaller.appspot.com/x/log.txt?x=17220283200000
> > kernel config:  https://syzkaller.appspot.com/x/.config?x=abc3dc9b7a900258
> > dashboard link: https://syzkaller.appspot.com/bug?extid=1505c80c74256c6118a5
> > userspace arch: amd64
> > syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=12c4dc28c00000
> > C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=15df4108c00000
> >
> > Reported-by: syzbot+1505c80c74256c6118a5 at syzkaller.appspotmail.com
> > Fixes: 34e07e42 ("drm/i915: Add missing kerneldoc for 'ent' in
> > i915_driver_init_early")
>
> Umm...  Might be a good idea to add some plausibility filters - it is,
> in theory, possible that adding a line in a comment changes behaviour
> (without compiler bugs, even - playing with __LINE__ is all it would
> take), but the odds that it's _not_ a false positive are very low.

Thanks for pointing this out.

I've started collecting all such cases, so that we are able to draw
broader conclusions later:
https://github.com/google/syzkaller/issues/1051

added for this one:
=========
A mix of problems: unrelated bug triggered by the same repro
("WARNING: ODEBUG bug in netdev_freemem"); lots of infrastructure
failures ("failed to copy test binary to VM"); also the original
failure seems to be flaky. All this contributed to pointing to a
random commit.
Al Viro points out that the commit only touches comments, so we could
mark the end result as suspicious.
=========

The infrastructure problems are definitely something we need to fix
("failed to copy test binary to VM") (currently the machine hangs
periodically with lots of time consumed by dmcrypt, but I don't know
if it's related or not yet).

Re the comment-only changes, I would like to see more cases where it
would help before we start creating new universes for this. We could
parse sources with clang to understand that a change was comment-only,
but I guess the kernel is mostly broken with clang throughout history....
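
The plausibility filter discussed in this thread, sketched as an added example (not part of the original message and not syzkaller code): it classifies a before/after pair of C sources as a code change, a comment-only change, or a comment-only change that shifts line numbers, which is the __LINE__ case Al Viro mentions. It uses a regex tokenizer rather than clang, so it ignores preprocessor conditionals, trigraphs and backslash-continued // comments; the sample source and the name demo_init are constructed.

```python
import re

# One alternative always matches, so every input character is consumed in order.
_TOKEN = re.compile(
    r'''(?P<lit>"(?:\\.|[^"\\\n])*"|'(?:\\.|[^'\\\n])*')'''   # string/char literal
    r'''|(?P<skip>/\*.*?\*/|//[^\n]*|\s+)'''                   # comment or whitespace
    r'''|(?P<code>\w+|(?:(?!/[*/])[^\w\s"'])+|.)''',           # word, punctuation run, stray char
    re.DOTALL,
)

def code_tokens(src):
    """Return [(line, token)] for what the compiler sees; comments and whitespace dropped."""
    line, out = 1, []
    for m in _TOKEN.finditer(src):
        if m.lastgroup != "skip":
            out.append((line, m.group(0)))
        line += m.group(0).count("\n")
    return out

def classify(old, new):
    """Compare two versions of one C file and label the kind of change."""
    a, b = code_tokens(old), code_tokens(new)
    if [tok for _, tok in a] != [tok for _, tok in b]:
        return "code-change"
    if a != b:
        # Same tokens on different lines: __LINE__ users and debug info can differ.
        return "comment-only, lines shift"
    return "comment-only"

# Constructed sample: a kerneldoc block that gains one parameter line.
OLD = """/**
 * demo_init - set up state
 * @dev: device
 */
int demo_init(struct dev *dev, int ent)
{
\tWARN_ON(!dev);\t/* expands __LINE__ */
\treturn ent;
}
"""
NEW = OLD.replace(" * @dev: device\n", " * @dev: device\n * @ent: entry\n")

if __name__ == "__main__":
    print(classify(OLD, NEW))
```

A bisection result landing on a commit whose every touched C file is "comment-only" could then be marked as suspicious instead of being reported as the culprit.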

