Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp740438ybt;
        Fri, 26 Jun 2020 10:21:56 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJz5DIcXuuxts4azO5Ct5E1P+JWuVGRv9tZ7J6N6fOgpFN96ZguzIniBHPmyf5RR0i1jMO5W
X-Received: by 2002:aa7:da4f:: with SMTP id w15mr4323534eds.384.1593192115973;
        Fri, 26 Jun 2020 10:21:55 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1593192115; cv=none;
        d=google.com; s=arc-20160816;
        b=06T/xIy3E6lBJI3ftiUe4plzekQBiZ4JrVkjwfZzSrqvf/GQGBLzMaygLOvBJ5i6ZI
         C5sfsBS2oMtHGlUqxje8KjNOoA2lOQenE4flA1sOdM9sKj1W0UzCj5WxOnRxFP23Y0iy
         l3NOJ0eN1bsHsajlm1M036Nwzzlzqml9Kt7CVivIzOiumQhRTY+e1P6GjFTpSxhCCNyz
         uuVS62kDBHUtNlJZHrpAt+5YI9w90o6wAluipas1AW7ViI40o1tfZBw9lfern3Xqz94G
         xIO1BIeouyqBdeR1p50zNdQCMMC5lyDB9hSbP7bcqtq8wOTyj4dq464fSM9cYt4ryh7C
         7TkQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature:dkim-filter;
        bh=aPpev6+jbpMjykTXQYkoFzkRvxyLE0DzAEOYxd8rSiU=;
        b=TnQsKzbQkb1U56ibD1MNC2FgLJXjevdMbyeCwNZu2ZbyFhmxsADYz1gZr3wPtFM/aC
         hOHBjQLaL3PHkjF+xbP1o74pV5LsgEWbI353akWykeXlkUKvxjjDvL5aPCdOulwBqRsf
         +xgrArh/lNR8wOstt6q13LUpx5g9ooo4eoDAO2vZwmTmTvOA0UEmivutpR3toKoYXXJR
         kdKIG2xG3l/HHkAbyZ1ga+u6I51CrYa0yuMtiZfxGvlpKyMJ9hX4oHOUBH+4fpQ57eUe
         V8mx2H4FDkO6EMEl7Wv783ShidLmdAZpyRMtfY4IvTgsPnakRlO8w1oVUsObc3IJXcRv
         ktJA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@fieldses.org header.s=default header.b=CQ7eCI8V;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id i3si6347502edy.403.2020.06.26.10.21.32;
        Fri, 26 Jun 2020 10:21:55 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@fieldses.org header.s=default header.b=CQ7eCI8V;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727956AbgFZQr2 (ORCPT <rfc822;rajatbajpailinux@gmail.com>
        + 99 others); Fri, 26 Jun 2020 12:47:28 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36448 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727847AbgFZQr2 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 26 Jun 2020 12:47:28 -0400
Received: from fieldses.org (fieldses.org [IPv6:2600:3c00:e000:2f7::1])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 151E1C03E979;
        Fri, 26 Jun 2020 09:47:28 -0700 (PDT)
Received: by fieldses.org (Postfix, from userid 2815)
        id 52F92879E; Fri, 26 Jun 2020 12:47:27 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 fieldses.org 52F92879E
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fieldses.org;
        s=default; t=1593190047;
        bh=aPpev6+jbpMjykTXQYkoFzkRvxyLE0DzAEOYxd8rSiU=;
        h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
        b=CQ7eCI8VvZx5C558KfIaB1SEBm2kT5+g8WAks5U1BkF+e8Ug1ZPeK0J0/UAGpVtvB
         +1k/uOO7Qz8/iuJZyz7BZZHHq3e1G4xlhf+9ch3aNUeYLzj/Ky3iev+kj3yaQtlbR2
         DiOGzvPQ9EWdDEhat+BWw5GAmOJbTJPHEaFn/PwY=
Date:   Fri, 26 Jun 2020 12:47:27 -0400
From:   "J. Bruce Fields" <bfields@fieldses.org>
To:     Dmitry Vyukov <dvyukov@google.com>
Cc:     Hillf Danton <hdanton@sina.com>,
        syzbot <syzbot+0e37e9d19bded16b8ab9@syzkaller.appspotmail.com>,
        chuck.lever@oracle.com, LKML <linux-kernel@vger.kernel.org>,
        linux-nfs@vger.kernel.org,
        syzkaller-bugs <syzkaller-bugs@googlegroups.com>
Subject: Re: BUG: unable to handle kernel paging request in rb_erase
Message-ID: <20200626164727.GB3565@fieldses.org>
References: <0000000000005016dd05a5e6b308@google.com>
 <20200603043435.13820-1-hdanton@sina.com>
 <20200603144326.GA2035@fieldses.org>
 <20200604035359.2516-1-hdanton@sina.com>
 <20200604215812.GC3458@fieldses.org>
 <20200625210229.GE6605@fieldses.org>
 <CACT4Y+b_byN4xT+-42M6XtHv=QKRrgD2aSH+Hd0CDJ=v+OYWPA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CACT4Y+b_byN4xT+-42M6XtHv=QKRrgD2aSH+Hd0CDJ=v+OYWPA@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Jun 26, 2020 at 12:32:42PM +0200, Dmitry Vyukov wrote:
> So far this crash happened only once:
> https://syzkaller.appspot.com/bug?extid=0e37e9d19bded16b8ab9
> 
> For continuous fuzzing on syzbot it usually means either (1) it's a
> super narrow race or (2) it's a previous unnoticed memory corruption.
> 
> Simpler bugs usually have much higher hit counts:
> https://syzkaller.appspot.com/upstream
> https://syzkaller.appspot.com/upstream/fixed
> 
> If you did a reasonable looking for any obvious bugs in the code that
> would lead to such failure, it can make sense to postpone any
> additional actions until we have more info.
> If no info comes, at some point syzbot will auto-obsolete it, and then
> then we can assume it was (2).

OK, thanks.

It's a big heavily used data structure, if there was random memory
corruption then I guess this wouldn't be a surprising way for it to show
up.

--b.