Looking for guidance to reproduce a bug in drm/vkms reported by syzkaller

Looking for guidance to reproduce a bug in drm/vkms reported by syzkaller

[Melissa Wen]

Hi,

I am trying to reproduce a syzkaller bug found in the vkms:
- WARNING in vkms_gem_free_object
- https://groups.google.com/forum/#!msg/syzkaller-bugs/_oARhriB1SA/PelnW1BqAwAJ

However, I was not very successful in this task. As I don't know how to deal
with syzkaller and I am not sure if I am following the right steps, it would be
great if someone can give me some tips and guidance.

First, looking at the bug history at:
- https://syzkaller.appspot.com/bug?extid=e7ad70d406e74d8fc9d0,
it seems like the bug still exists. Am I right?

Second, here is a report of what I tried to do:
Note: For testing, I use a VM (QEMU) with Debian 10 with a kernel compiled at
- https://cgit.freedesktop.org/drm/drm-misc (branch drm-misc-next)

1 - Using the usual .config for my VM, I compiled and installed the kernel and,
as root, ran the C program provided by syzkaller:
- https://syzkaller.appspot.com/x/repro.c?x=15e27c53600000
Nothing happened.

2 - Then, I checked the debug/panic/hacking/drm/i915 debugging/vkms settings on
the .config reported by syzkaller:
- https://syzkaller.appspot.com/x/.config?x=7cf4eed5fe42c31a
and enabled the same things in my .config.
I compiled and installed the kernel and ran the C program.
Nothing happened.

3 - So, I reverted my current branch to the commit that generated the bug
(as reported: 94e2ec3f7fef86506293a448273b2b4ee21e6195) and used the kernel on
that state.
Nothing happened.

4 - I decided to use the syzkaller .config without modifications and
adaptations for my VM (although I didn't think it felt right). I compiled,
installed... some boot problems happened, but the kernel worked. I ran the C
program and nothing.

So I gave up... for a while :)

Does anyone have any advice for me?
I have already searched for information on the Internet, but I am still stuck.

The last thing that I noted is that syzkaller stopped providing a C program of
this bug for crashes after the beginning of the year (I also don't know if it
is something important).

Thanks in advance,

Melissa Wen
_______________________________________________
dri-devel mailing list
dri-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/dri-devel

Re: Looking for guidance to reproduce a bug in drm/vkms reported by syzkaller

[Daniel Vetter]

On Sat, Feb 22, 2020 at 10:03 AM Melissa Wen <melissa.srw@gmail.com> wrote:
>
> Hi,
>
> I am trying to reproduce a syzkaller bug found in the vkms:
> - WARNING in vkms_gem_free_object
> - https://groups.google.com/forum/#!msg/syzkaller-bugs/_oARhriB1SA/PelnW1BqAwAJ
>
> However, I was not very successful in this task. As I don't know how to deal
> with syzkaller and I am not sure if I am following the right steps, it would be
> great if someone can give me some tips and guidance.
>
> First, looking at the bug history at:
> - https://syzkaller.appspot.com/bug?extid=e7ad70d406e74d8fc9d0,
> it seems like the bug still exists. Am I right?
>
> Second, here is a report of what I tried to do:
> Note: For testing, I use a VM (QEMU) with Debian 10 with a kernel compiled at
> - https://cgit.freedesktop.org/drm/drm-misc (branch drm-misc-next)
>
> 1 - Using the usual .config for my VM, I compiled and installed the kernel and,
> as root, ran the C program provided by syzkaller:
> - https://syzkaller.appspot.com/x/repro.c?x=15e27c53600000
> Nothing happened.
>
> 2 - Then, I checked the debug/panic/hacking/drm/i915 debugging/vkms settings on
> the .config reported by syzkaller:
> - https://syzkaller.appspot.com/x/.config?x=7cf4eed5fe42c31a
> and enabled the same things in my .config.
> I compiled and installed the kernel and ran the C program.
> Nothing happened.
>
> 3 - So, I reverted my current branch to the commit that generated the bug
> (as reported: 94e2ec3f7fef86506293a448273b2b4ee21e6195) and used the kernel on
> that state.
> Nothing happened.
>
> 4 - I decided to use the syzkaller .config without modifications and
> adaptations for my VM (although I didn't think it felt right). I compiled,
> installed... some boot problems happened, but the kernel worked. I ran the C
> program and nothing.
>
> So I gave up... for a while :)
>
> Does anyone have any advice for me?

Adding the syzbot people (you can just grab the mail address from the
report, should go to the right place), maybe they have some ideas what
would help in reproducing the bug. I never tried to repro a syzbot bug
before yet, so not really useful experience from my side :-/
-Daniel

> I have already searched for information on the Internet, but I am still stuck.
>
> The last thing that I noted is that syzkaller stopped providing a C program of
> this bug for crashes after the beginning of the year (I also don't know if it
> is something important).
>
> Thanks in advance,
>
> Melissa Wen



-- 
Daniel Vetter
Software Engineer, Intel Corporation
+41 (0) 79 365 57 48 - http://blog.ffwll.ch
_______________________________________________
dri-devel mailing list
dri-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/dri-devel