From: Dmitry Vyukov
Date: Sat, 20 Jan 2018 13:37:25 +0100
Subject: Re: BUG: unable to handle kernel paging request in memset_erms (2)
To: Andrew Morton
Cc: syzbot, alexander.deucher@amd.com, alsa-devel@alsa-project.org,
    Chris Wilson, David Miller, Greg Kroah-Hartman, LKML,
    mchehab@kernel.org, Ingo Molnar, Takashi Sakamoto, Jaroslav Kysela,
    syzkaller-bugs@googlegroups.com, Takashi Iwai
In-Reply-To: <20180119140445.7b71846a087fccc4c05585db@linux-foundation.org>
References: <001a114099b0994a5e0563282c1c@google.com>
    <20180119140445.7b71846a087fccc4c05585db@linux-foundation.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Jan 19, 2018 at 11:04 PM, Andrew Morton wrote:
> On Fri, 19 Jan 2018 13:58:01 -0800 syzbot wrote:
>
>> Hello,
>>
>> syzbot hit the following crash on mmots commit
>> 2164355612187e55e8d60a28d2cc6b2337841a7e (Fri Jan 19 01:07:54 2018 +0000)
>> pci: test for unexpectedly disabled bridges
>>
>> So far this crash happened 2 times on mmots.
>> C reproducer is attached.
>> syzkaller reproducer is attached.
>> Raw console output is attached.
>> compiler: gcc (GCC) 7.1.1 20170620
>> .config is attached.
>>
>> IMPORTANT: if you fix the bug, please add the following tag to the commit:
>> Reported-by: syzbot+29f08ad5cb6820798dfe@syzkaller.appspotmail.com
>> It will help syzbot understand when the bug is fixed. See footer for
>> details.
>> If you forward the report, please keep this part and the footer.
>>
>> BUG: unable to handle kernel paging request at ffffc90001691000
>> IP: memset_erms+0x9/0x10 arch/x86/lib/memset_64.S:65
>> PGD 1dad2c067 P4D 1dad2c067 PUD 1dad2d067 PMD 1c6a8f067 PTE 0
>> Oops: 0002 [#1] SMP KASAN
>> Dumping ftrace buffer:
>>    (ftrace buffer empty)
>> Modules linked in:
>> CPU: 1 PID: 5739 Comm: syzkaller592073 Not tainted 4.15.0-rc8-mm1+ #57
>> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
>> Google 01/01/2011
>> RIP: 0010:memset_erms+0x9/0x10 arch/x86/lib/memset_64.S:65
>> RSP: 0018:ffff8801cbbdfb78 EFLAGS: 00010246
>> RAX: fffff520002d3f00 RBX: ffffc90001691000 RCX: 000000000000ee51
>> RDX: 000000000000ee51 RSI: 0000000000000000 RDI: ffffc90001691000
>> RBP: ffff8801cbbdfb98 R08: fffff520002d3fcb R09: ffffc90001691000
>> R10: 0000000000001dcb R11: fffff520002d3fca R12: 000000000000ee51
>> R13: 0000000000000000 R14: 00007ffffffff000 R15: 000000002001be51
>> FS: 00007f88ae7d7700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
>> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
>> CR2: ffffc90001691000 CR3: 00000001ccefa005 CR4: 00000000001606e0
>> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
>> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
>> Call Trace:
>>  memset include/linux/string.h:329 [inline]
>>  _copy_from_user+0xe9/0x110 lib/usercopy.c:16
>>  copy_from_user include/linux/uaccess.h:147 [inline]
>>  snd_pcm_oss_write1 sound/core/oss/pcm_oss.c:1347 [inline]
>>  snd_pcm_oss_write+0x438/0x880 sound/core/oss/pcm_oss.c:2659
>>  __vfs_write+0xef/0x970 fs/read_write.c:480
>>  vfs_write+0x189/0x510 fs/read_write.c:544
>>  SYSC_write fs/read_write.c:589 [inline]
>>  SyS_write+0xef/0x220 fs/read_write.c:581
>>  entry_SYSCALL_64_fastpath+0x29/0xa0
>> RIP: 0033:0x44a559
>> RSP: 002b:00007f88ae7d6da8 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
>> RAX: ffffffffffffffda RBX: 00000000006dcc24 RCX: 000000000044a559
>> RDX: 000000000000fe51 RSI: 000000002000c000 RDI: 0000000000000003
>> RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
>> R10: 0000000000000000 R11: 0000000000000293 R12: 00000000006dcc20
>> R13: 7073642f7665642f R14: 00800000c0045006 R15: 0000000000000001
>> Code: 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 f3
>> 48 ab 89 d1 f3 aa 4c 89 c8 c3 90 49 89 f9 40 88 f0 48 89 d1 aa 4c 89
>> c8 c3 90 49 89 fa 40 0f b6 ce 48 b8 01 01 01 01 01
>> RIP: memset_erms+0x9/0x10 arch/x86/lib/memset_64.S:65 RSP: ffff8801cbbdfb78
>> CR2: ffffc90001691000
>> ---[ end trace 8f421641f3e10f44 ]---
>> Kernel panic - not syncing: Fatal exception
>> Dumping ftrace buffer:
>>    (ftrace buffer empty)
>> Kernel Offset: disabled
>> Rebooting in 86400 seconds..
>
> It's hard to believe that the (four year old)
> workaround-for-a-pci-restoring-bug.patch could cause this.

Hi Andrew,

This commit is not the guilty commit (not the result of bisection).
It's just the commit on which testing was conducted (so that one can
make sense out of the line numbers and also understand if it
includes/excludes some related commits).
If the current wording is unclear, we can improve it if one can suggest
a more clear wording.