Received: by 10.223.185.116 with SMTP id b49csp1974413wrg; Thu, 22 Feb 2018 06:17:52 -0800 (PST) X-Google-Smtp-Source: AH8x226D22d54Jn9wLu+lEQYXrFFizv/coyp6RT+GRuKr+nH3wNvfoMx8DlBnMTncHKncId4xnjR X-Received: by 10.98.210.70 with SMTP id c67mr7052267pfg.164.1519309072309; Thu, 22 Feb 2018 06:17:52 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519309072; cv=none; d=google.com; s=arc-20160816; b=DTslmfWvFLFBxal3UEDM/OYzV5MQP2LhkBY/E0kRQ0cDm/p8/+7xzjC6P9k4tdFXf4 LzbumdUUS52+ufopE5WUODEiLBWNQcHH1b6qOzMCkuzJfagEjKye/LYNS8aBm26I3c0G y3XL9N/kb2R3IT1QXe/3hNXf7IuEs7GYuatZuXMrG1QDjdpaD0W7rjIObitXRmaufZCy 1S9owjSxOSkjg3EK0XAbl36XCyykZfV0KYnL5HayFudI+k6YX2UGPMhJ01btYe1AUG9X mTmirr/QtctcARzbQKCnpXSbCrCfCryTrkzImKwvQjrkS6SvN674Dq/ZW1j3rmOgcXAd tSOw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:arc-authentication-results; bh=dX/kJc3H8o5FpFoqBta1YMlOj1fX+VEuRaXg+C7kmdk=; b=N03QZZ8yM2wojPsL1lPACXcwC2xJq3+0LzkZ+lVBwX9n2KUgCzS6tejyZxlzl3Mlxh YPHKR2EoDW+8cJ0JQ2QjnjbGlVoFGdaeHw1dTElgSQk2tj1MPa6PL/H/UK3dNE2G4voG 3VW4J7As8qHSPT4I3qn3xJU62tp9nZin4M0iCf9c3FAUwdboKzrnvaGSoiA+F/EuOzxj s+qY16wP3S5hDsBxMEfSrDSNQuinLNSSnCgc+vDQwJlliALCRRdHkWinsf3VAjsUCXPv VjXTHZOUCb3C7QeVkIQGoiR/iLmJ9jQa6p+8OcLVYProC3IWHFEC4GKDjB8xakpigEAU GOCg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x189si87927pgb.216.2018.02.22.06.17.37; Thu, 22 Feb 2018 06:17:52 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932714AbeBVOPT (ORCPT + 99 others); Thu, 22 Feb 2018 09:15:19 -0500 Received: from lhrrgout.huawei.com ([194.213.3.17]:27179 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S932604AbeBVOPR (ORCPT ); Thu, 22 Feb 2018 09:15:17 -0500 Received: from LHREML712-CAH.china.huawei.com (unknown [172.18.7.106]) by Forcepoint Email with ESMTP id 11EB4A0799DE; Thu, 22 Feb 2018 14:15:14 +0000 (GMT) Received: from localhost.localdomain (10.122.225.51) by smtpsuk.huawei.com (10.201.108.35) with Microsoft SMTP Server (TLS) id 14.3.361.1; Thu, 22 Feb 2018 14:15:05 +0000 From: Igor Stoppa To: CC: , , , Igor Stoppa Subject: [PATCH 1/1] crash vmalloc_to_page() Date: Thu, 22 Feb 2018 16:13:24 +0200 Message-ID: <20180222141324.5696-2-igor.stoppa@huawei.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180222141324.5696-1-igor.stoppa@huawei.com> References: <20180222141324.5696-1-igor.stoppa@huawei.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [10.122.225.51] X-CFilter-Loop: Reflected Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org this patch, when used with the config file for 0day kernel test for i386, against 4.16-rc2, causes the following: ... [ 8.686470] [TTM] Initializing DMA pool allocator [ 8.691148] WARNING: CPU: 0 PID: 1 at mm/vmalloc.c:301 vmalloc_to_page+0x360/0x370 [ 8.692185] Modules linked in: [ 8.692599] CPU: 0 PID: 1 Comm: swapper Not tainted 4.16.0-rc2-00062-g79c0ef3e85c0-dirty #69 [ 8.693736] EIP: vmalloc_to_page+0x360/0x370 [ 8.694336] EFLAGS: 00210286 CPU: 0 [ 8.694808] EAX: 00000001 EBX: 80000190 ECX: 00000000 EDX: 00000001 [ 8.695621] ESI: 00000001 EDI: 82473630 EBP: 951f7a70 ESP: 951f7a58 [ 8.696436] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068 [ 8.697139] CR0: 80050033 CR2: 00000000 CR3: 02477000 CR4: 000006b0 [ 8.697965] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000 [ 8.698780] DR6: fffe0ff0 DR7: 00000400 [ 8.699287] Call Trace: [ 8.699624] find_vm_area+0x75/0x90 [ 8.700126] ? kfree+0x4bb/0x4d0 [ 8.700577] iounmap+0x57/0x1b0 [ 8.700742] ttm_mem_reg_iounmap+0x67/0x70 [ 8.700742] ttm_bo_move_memcpy+0x3e1/0x6a0 [ 8.700742] ? unmap_mapping_pages+0x91/0x160 [ 8.700742] ttm_bo_handle_move_mem+0x4ed/0x510 [ 8.700742] ? ttm_bo_mem_space+0x53f/0x5d0 [ 8.700742] ttm_bo_validate+0x22f/0x290 [ 8.700742] bochs_bo_pin+0x1c1/0x230 [ 8.700742] bochsfb_create+0x249/0x500 [ 8.700742] __drm_fb_helper_initial_config_and_unlock+0x2b1/0x5e0 [ 8.700742] drm_fb_helper_initial_config+0x52/0x60 [ 8.700742] bochs_fbdev_init+0xc4/0xf0 [ 8.700742] bochs_load+0xe3/0xf0 [ 8.700742] drm_dev_register+0x155/0x2d0 [ 8.700742] ? pci_enable_device_flags+0x179/0x1f0 [ 8.700742] drm_get_pci_dev+0x10b/0x270 [ 8.700742] bochs_pci_probe+0xfc/0x150 [ 8.700742] pci_device_probe+0x113/0x1c0 [ 8.700742] ? devices_kset_move_last+0xd0/0x150 [ 8.700742] driver_probe_device+0x566/0x830 [ 8.700742] ? pci_match_id+0x9/0xd0 [ 8.700742] ? pci_match_device+0x12d/0x150 [ 8.700742] __driver_attach+0x1b9/0x230 [ 8.700742] ? driver_probe_device+0x830/0x830 [ 8.700742] bus_for_each_dev+0x6f/0xc0 [ 8.700742] driver_attach+0x1e/0x20 [ 8.700742] ? driver_probe_device+0x830/0x830 [ 8.700742] bus_add_driver+0x227/0x3e0 [ 8.700742] ? pci_bus_num_vf+0x20/0x20 [ 8.700742] driver_register+0xa4/0x190 [ 8.700742] ? vgem_init+0x34f/0x34f [ 8.700742] __pci_register_driver+0x50/0x60 [ 8.700742] bochs_init+0x44/0x46 [ 8.700742] do_one_initcall+0x4d/0x200 [ 8.700742] ? parse_args+0x243/0x4b0 [ 8.700742] ? kernel_init_freeable+0xc9/0x19f [ 8.700742] kernel_init_freeable+0xe6/0x19f [ 8.700742] ? rest_init+0x140/0x140 [ 8.700742] kernel_init+0x10/0x180 [ 8.700742] ? schedule_tail_wrapper+0x9/0xc [ 8.700742] ret_from_fork+0x2e/0x38 [ 8.700742] Code: 0c 89 c1 5b 0f ac d1 0c 8d 04 89 8d 04 c6 5e 5f 5d c3 89 f6 8d bc 27 00 00 00 00 0f 0b 8d b6 00 00 00 00 0f 0b e9 7d fd ff ff 90 <0f> 0b e9 9c fe ff ff 89 f6 8d bc 27 00 00 00 00 55 89 e5 e8 7c [ 8.700742] ---[ end trace dd335d17375dacda ]--- [ 8.726216] struct page = (null) [ 8.726523] bochs-drm 0000:00:02.0: fb0: bochsdrmfb frame buffer device [ 8.727887] [drm] Initialized bochs-drm 1.0.0 20130925 for 0000:00:02.0 on minor 1 ... --- mm/vmalloc.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/mm/vmalloc.c b/mm/vmalloc.c index 673942094328..7bd188947ffd 100644 --- a/mm/vmalloc.c +++ b/mm/vmalloc.c @@ -1469,8 +1469,11 @@ struct vm_struct *find_vm_area(const void *addr) struct vmap_area *va; va = find_vmap_area((unsigned long)addr); - if (va && va->flags & VM_VM_AREA) + if (va && va->flags & VM_VM_AREA) { + if (is_vmalloc_addr(addr)) + pr_err("struct page = %p", vmalloc_to_page(addr)); return va->vm; + } return NULL; } -- 2.14.1