On 10/15/24 15:29, Marius Fleischer wrote:
> Hi Jens,
> Please find the config we used for testing the reproducer on v5.15.167
> - hope that helps.
>
> Which of the reproducers did you try? Upon more testing, it seems like the
> C reproducer (repro.c) is a little unstable on v5.15.167 but repro.syz works
> fine. Instructions on how to run repro.syz are here:
> https://github.com/google/syzkaller/blob/master/docs/executing_syzkaller_programs.md

FWIW, those instructions don't work if you don't have 'go' in your path
already. Even when you do, it apparently needs to be a pretty recent
version.

They also say "Unpack it (a tarball) to $HOME/goroot". I read that as:

	mkdir $HOME/goroot
	cd $HOME/goroot
	tar -zxf $TARBALL

When I think it really means something like:

	cd $HOME
	tar -zxf $TARBALL
	mv go goroot

or something. I figured it out eventually, but it would be nice to make
those instructions a _bit_ more clear, especially for folks that don't
have a recent go toolchain already sitting around.

Oh, and the go toolchain had a jolly old time beating up on my poor
little 4GB-of-RAM test VM. I had to double its RAM just to compile this
beast.

> TL;DR compile syzkaller, copy syz-execprog, syz-executor, repro.syz into
> the VM and run the command below inside the VM
> ./syz-execprog -executor=./syz-executor -procs=8 -repeat=0 repro.syz
>
> Please let me know if you need more details from us!

It didn't reproduce for me, either, at least ~10k executed programs in.
How long should it take?

The next step would be to figure out specifically why get_pat_info()
failed. To double check that io_uring is the thing that's involved and
(presumably) why follow_phys() failed. Basically, I think we need to
know what state the page tables and the VMA were in.
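The ambiguity discussed above (whether the Go tarball unpacks directly into $HOME/goroot or into a `go/` subdirectory that then has to be moved) can be removed by inspecting the archive before extracting it. The following script is an added example written for this page; it is not part of the thread, the syzkaller docs, or the Go distribution. It assumes GNU tar (for `--strip-components`) and a toolchain tarball laid out either with a top-level `go/` directory, as the official release archives are, or flat; the helper `check_repro_inputs` and the directory names are hypothetical.

```bash
#!/bin/sh
# Added example (not from the thread): install a Go toolchain tarball so that
# $DEST/bin/go exists afterwards, whether or not the archive is rooted at "go/".
set -eu

# install_goroot TARBALL DEST
# Extracts TARBALL into DEST. If the first entry of the archive starts with
# "go/" (official layout), that leading component is stripped; otherwise the
# archive is assumed to be already rooted at the toolchain directory.
# Prints DEST on success so callers can build an `export PATH=...` line.
install_goroot() {
    tarball=$1
    dest=$2
    mkdir -p "$dest"
    # Look only at the first entry: enough to detect the "go/" prefix.
    first=$(tar -tzf "$tarball" | head -n 1)
    case "$first" in
        go/*|go)
            tar -xzf "$tarball" -C "$dest" --strip-components=1 ;;
        *)
            tar -xzf "$tarball" -C "$dest" ;;
    esac
    if [ ! -x "$dest/bin/go" ]; then
        echo "install_goroot: no executable $dest/bin/go after extraction" >&2
        return 1
    fi
    echo "$dest"
}

# check_repro_inputs DIR
# Hypothetical pre-flight check for the VM-side step in the thread: confirms
# that syz-execprog, syz-executor and repro.syz are all present in DIR before
# anyone runs `./syz-execprog -executor=./syz-executor ... repro.syz`.
# Returns 0 when all three are there, 1 otherwise, listing what is missing.
check_repro_inputs() {
    dir=$1
    missing=""
    for f in syz-execprog syz-executor; do
        [ -x "$dir/$f" ] || missing="$missing $f"
    done
    [ -f "$dir/repro.syz" ] || missing="$missing repro.syz"
    if [ -n "$missing" ]; then
        echo "check_repro_inputs: missing in $dir:$missing" >&2
        return 1
    fi
    return 0
}

# Usage (paths are placeholders):
#   GOROOT=$(install_goroot "$HOME/go1.xx.linux-amd64.tar.gz" "$HOME/goroot")
#   export PATH="$GOROOT/bin:$PATH"
#   check_repro_inputs /path/in/vm && echo "ready to run syz-execprog"
```

The `case` on the first archive entry is what makes the "mkdir, cd, tar" and "tar, then mv go goroot" readings converge: both end with a usable `$HOME/goroot/bin/go`, and a missing binary is reported instead of silently producing an empty directory.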