Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp1097758imm;
        Fri, 17 Aug 2018 11:48:17 -0700 (PDT)
X-Google-Smtp-Source: AA+uWPzECKeTrXoTx4sTaS/GI1gQy6P6hQ2e3bqYrJdXG8B9OSLjR72NyfbK8bD6W6iFUoPoFzx8
X-Received: by 2002:a17:902:724c:: with SMTP id c12-v6mr34228611pll.326.1534531697087;
        Fri, 17 Aug 2018 11:48:17 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1534531697; cv=none;
        d=google.com; s=arc-20160816;
        b=VORjbQlreQqiIiS8Wg4mGMxNwgCeYkaHoHKtbK3e+zl648W74hInJ97/ogZ9cgAGpn
         EOT8/KHv1sd039SSKZRuPlgr07GUxFvYx4J62BHfU1qJ0tWZNO+Y7jlUrQavPGu/Ahk/
         MpwszzaeKLDreCwdsgeX6izZHCCi4yQZcyVR3G/WH/OH5UXo/Av1fI758cFHqTYy+tPE
         3oomaRDK7fuGy+KvaOx1y+NkuftO5NPhuCQIbEZ6cuFmmC2u6qMVhY0BS0MYOWI6LB6b
         39Jo7LGnIW9WvLnMUxyKrhZktO4ZLB27A2D86TkNIuthWaElysPYsxMYQFnbJQop+IVc
         GXMA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:subject:mime-version:user-agent
         :message-id:in-reply-to:date:references:cc:to:from
         :arc-authentication-results;
        bh=ayg6JkIuNKE8JLS3uC5e6pfP3bi7wRy5w9DKDEDbIa0=;
        b=qvTEJghe3qSRWw8k34q6dmMx1fwGM5bVMx32kB9I2RCYT76U0zmKUkkuiSgMhMmeTQ
         B9kXuob5BWXBoxWUjTGw0Dm2sYt4PkUsulUYzA7nv86UYlnO5vQvEkIrvDgUul0sIWY6
         67xtTwV+v5FmMIymEkvnR38bBYHycYxfbAX0W5pFYv4rirsz51kaPSKJTI7sVbdUrop0
         9Oofm1Cqs3c+74Q8yJRDEWZTq2s8BTv9SxdH5FzbHyGX7TLKcVfDiiF55fq+OYBixhbp
         NOwyr01MmkBbsz+/G970AWjnPF6s7ZUJoF02IV4PwR149v3rPXmDT1N0iRBG7j2oGOol
         llzA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id l13-v6si2770686pgr.291.2018.08.17.11.48.02;
        Fri, 17 Aug 2018 11:48:17 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728147AbeHQVvQ (ORCPT <rfc822;chaneybenjamini@gmail.com>
        + 99 others); Fri, 17 Aug 2018 17:51:16 -0400
Received: from out03.mta.xmission.com ([166.70.13.233]:33869 "EHLO
        out03.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726888AbeHQVvQ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 17 Aug 2018 17:51:16 -0400
Received: from in02.mta.xmission.com ([166.70.13.52])
        by out03.mta.xmission.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
        (Exim 4.87)
        (envelope-from <ebiederm@xmission.com>)
        id 1fqjlm-0006fR-ID; Fri, 17 Aug 2018 12:46:46 -0600
Received: from [97.119.167.31] (helo=x220.xmission.com)
        by in02.mta.xmission.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
        (Exim 4.87)
        (envelope-from <ebiederm@xmission.com>)
        id 1fqjll-0006px-7F; Fri, 17 Aug 2018 12:46:46 -0600
From:   ebiederm@xmission.com (Eric W. Biederman)
To:     Dmitry Vyukov <dvyukov@google.com>
Cc:     Linus Torvalds <torvalds@linux-foundation.org>,
        Oleg Nesterov <oleg@redhat.com>,
        Andrew Morton <akpm@linux-foundation.org>,
        LKML <linux-kernel@vger.kernel.org>,
        Wen Yang <wen.yang99@zte.com.cn>,
        majiang <ma.jiang@zte.com.cn>,
        "J. Bruce Fields" <bfields@fieldses.org>,
        syzkaller-bugs <syzkaller-bugs@googlegroups.com>,
        Andrey Vagin <avagin@virtuozzo.com>,
        Cyrill Gorcunov <gorcunov@gmail.com>
References: <87efft5ncd.fsf_-_@xmission.com>
        <20180724032419.20231-7-ebiederm@xmission.com>
        <87k1orgdoo.fsf_-_@xmission.com>
        <CACT4Y+bYFatW=CMgH4M6AjtjO297gbQ8xwnEV0_f7J64FLQ4QQ@mail.gmail.com>
Date:   Fri, 17 Aug 2018 13:46:36 -0500
In-Reply-To: <CACT4Y+bYFatW=CMgH4M6AjtjO297gbQ8xwnEV0_f7J64FLQ4QQ@mail.gmail.com>
        (Dmitry Vyukov's message of "Fri, 17 Aug 2018 10:34:12 -0700")
Message-ID: <87pnyg7rw3.fsf@xmission.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-XM-SPF: eid=1fqjll-0006px-7F;;;mid=<87pnyg7rw3.fsf@xmission.com>;;;hst=in02.mta.xmission.com;;;ip=97.119.167.31;;;frm=ebiederm@xmission.com;;;spf=neutral
X-XM-AID: U2FsdGVkX1/G6gJzgJ9OZ+GFm/1aKyyCeW3WriSnBZ4=
X-SA-Exim-Connect-IP: 97.119.167.31
X-SA-Exim-Mail-From: ebiederm@xmission.com
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on sa01.xmission.com
X-Spam-Level: 
X-Spam-Status: No, score=0.5 required=8.0 tests=ALL_TRUSTED,BAYES_50,
        DCC_CHECK_NEGATIVE,T_TM2_M_HEADER_IN_MSG,XMSubLong autolearn=disabled
        version=3.4.0
X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
        *  0.7 XMSubLong Long Subject
        *  0.0 T_TM2_M_HEADER_IN_MSG BODY: No description available.
        *  0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
        *      [score: 0.4956]
        * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC
        *      [sa01 1397; Body=1 Fuz1=1 Fuz2=1]
X-Spam-DCC: XMission; sa01 1397; Body=1 Fuz1=1 Fuz2=1 
X-Spam-Combo: ;Dmitry Vyukov <dvyukov@google.com>
X-Spam-Relay-Country: 
X-Spam-Timing: total 782 ms - load_scoreonly_sql: 0.05 (0.0%),
        signal_user_changed: 3.0 (0.4%), b_tie_ro: 2.1 (0.3%), parse: 1.37 (0.2%),
        extract_message_metadata: 32 (4.0%), get_uri_detail_list: 4.4 (0.6%),
        tests_pri_-1000: 15 (1.9%), tests_pri_-950: 2.2 (0.3%), tests_pri_-900: 1.70
        (0.2%), tests_pri_-400: 43 (5.5%), check_bayes: 40 (5.2%), b_tokenize: 17
        (2.1%), b_tok_get_all: 10 (1.3%), b_comp_prob: 6 (0.8%), b_tok_touch_all: 3.1
        (0.4%), b_finish: 0.81 (0.1%), tests_pri_0: 669 (85.6%),
        check_dkim_signature: 0.90 (0.1%), check_dkim_adsp: 4.5 (0.6%),
        tests_pri_500: 10 (1.3%), rewrite_mail: 0.00 (0.0%)
Subject: Re: [PATCH] signal: Don't send signals to tasks that don't exist
X-Spam-Flag: No
X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600)
X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Dmitry Vyukov <dvyukov@google.com> writes:

> On Wed, Aug 15, 2018 at 9:04 PM, Eric W. Biederman
> <ebiederm@xmission.com> wrote:
>>
>> Recently syzbot reported crashes in send_sigio_to_task and
>> send_sigurg_to_task in linux-next.  Despite finding a reproducer
>> syzbot apparently did not bisected this or otherwise track down the
>> offending commit in linux-next.
>>
>> I happened to see this report and examined the code because I had
>> recently changed these functions as part of making PIDTYPE_TGID a real
>> pid type so that fork would does not need to restart when receiving a
>> signal.  By examination I see that I spotted a bug in the code
>> that could explain the reported crashes.
>>
>> When I took Oleg's suggestion and optimized send_sigurg and send_sigio
>> to only send to a single task when type is PIDTYPE_PID or PIDTYPE_TGID
>> I failed to handle pids that no longer point to tasks.  The macro
>> do_each_pid_task simply iterates for zero iterations.  With pid_task
>> an explicit NULL test is needed.
>>
>> Update the code to include the missing NULL test.
>>
>> Fixes: 019191342fec ("signal: Use PIDTYPE_TGID to clearly store where file signals will be sent")
>> Reported-by: syzkaller-bugs@googlegroups.com
>
> Since the commit does not contain the syzbot-provided Reported-by tag,
> we need to tell syzbot that this is fixed explicitly:

Nor will my commits ever contain that information.  That is information
only of use to syzbot.  That is not information useful to anyone else.

Further syzbot did not track this down and report this.  Syzbot said
something is fishy here and happened to CC a public mailing list.  Only
by chance did I see the report.  There was enough information to start
an investigation but it certainly was not any kind of useful bug report.

It is very annoying that despite syzbot claming to have a reproducer
syzbot completely failed to locate the problem commit or the proper
people to repor the issue to.  I looked at the syzbot website link and
there was no evidence that syzbot even tried to track down which branch
in linux-next the commit came from.  Much less to identify the commit on
that branch.

Very annoyingly syzbot sent out emails and report this before it found a
reproducer.  This is despite several people explicitly asking syzbot
to not report issuing on linux-next where syzbot does not have a
reproducer and it can not track down the offending commit.

> #syz fix: signal: Don't send signals to tasks that don't exist

Private internal communication on a public mailing list is rude.  Please
cut it out.

I appreciate the eagerness to report bugs.  But to play well with others
and not waste developers valuable time syzbot needs to track down the
offending commits and track fixes tags like everyone else.  Special
magic syzbot tags are annoying noise.

I will give credit where credit is due.  But syzbot is not so valuable
it can set rules for everyone else.  Automation is valuable when it
removes work.  Syzbot is not doing a good job at making the most of
developers limited time.

Cyrill Gorconov and Andrey Vagin did a much better job in tracking this
down and reporting this.  They just took a little bit longer.  Please
look at what they sent if you need an example of a useful bug report
looks like.

Eric