Re: general protection fault in delayed_uprobe_remove

[Steven Rostedt]

On Thu, 21 Mar 2019 17:18:41 +0100
Oleg Nesterov <oleg@xxxxxxxxxx> wrote:

> iiuc,
> 
> #syz fix: Uprobes: Fix kernel oops with delayed_uprobe_remove()

Thanks, because I haven't been able to reproduce this, and couldn't see
how it could bug like it did by looking at the current code.

-- Steve

> 
> On 03/21, syzbot wrote:
> >
> > syzbot has bisected this bug to:
> > 
> > commit a6ca88b241d5e929e6e60b12ad8cd288f0ffa256
> > Author: Song Liu <songliubraving@xxxxxx>
> > Date:   Tue Oct 2 05:36:36 2018 +0000
> > 
> >     trace_uprobe: support reference counter in fd-based uprobe
> > 
> > bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=12c86993200000
> > start commit:   a6ca88b2 trace_uprobe: support reference counter in fd-bas..
> > git tree:       linux-next
> > final crash:    https://syzkaller.appspot.com/x/report.txt?x=11c86993200000
> > console output: https://syzkaller.appspot.com/x/log.txt?x=16c86993200000
> > kernel config:  https://syzkaller.appspot.com/x/.config?x=2a22859d870756c1
> > dashboard link: https://syzkaller.appspot.com/bug?extid=eab6e18f95a9fe69005e
> > syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=137174f5400000
> > C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1278485d400000
> > 
> > Reported-by: syzbot+eab6e18f95a9fe69005e@xxxxxxxxxxxxxxxxxxxxxxxxx
> > Fixes: a6ca88b241d5 ("trace_uprobe: support reference counter in fd-based
> > uprobe")