Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp1282706yba; Thu, 4 Apr 2019 07:48:08 -0700 (PDT) X-Google-Smtp-Source: APXvYqwh6I5zAaJ9GB9e8Hap4vrmxhBF07qmkI74P3enjxEhdgzA84wXfYvFrm+vByC/erTOMA/Y X-Received: by 2002:a65:5ac3:: with SMTP id d3mr6473006pgt.168.1554389288588; Thu, 04 Apr 2019 07:48:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1554389288; cv=none; d=google.com; s=arc-20160816; b=GHF2ktBBxMDFlbSALtOBdCKRYMaqaD8vxNWXlhPsUU8wn64rb8RbqxfJFdMRDhxi83 p/abg7OlB8xwS83tvlmm564ON1LzunrpzP6pS3RKjhszV3Uu3wIGPxD6kVtROUhV/uzo kg5iH0lzaDAIeT5fWdqUhgUmUP4Twpgonp7KEekxZip1UviLUkOJdrgNmwmB8forGNOP B8KkOQNZ9c+K5vxVJMQpB/EBmuUPuglqDpHZmjbkQh9jjUsXVBEKLeyY6cNj1ReHAkKm b7kcUYu9lVK4weqlz+WDgkA7Uqi0qxF8M4jH/CJhWPn2ZivqH/32tgxXpsvw9uMCYOMk KA5A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=Ta2RvN4wePGlNokewK6TDhJiHr5vI+uy2KtuMR77OUA=; b=Ks+G5AaXC6EQqyt8hEpCX3U8D5MhLHd8GuA34Z5d/hddRWhvMCJ2Nxlc2YhIHc0XWu zc9CIqhxuQYf9MeAC3vNPg4s6OtbvsFQz9cPNJ4EHHmufYlpStBEQCHxHjz9t5WgspXT nxngM9u5bpjBNQl74M/UFqrdH5yj/ju8tSFgla+blBp4xf9Lli6534drV5dl3csm24Cu C/sZP0PHWaqlit7vClD3AapyJgxUbh2+6C95XzbpKp8xDwvfljDFkWA4MUPQV4TRPOe/ ruEW3AuE1yW9QAHOSq767Hx8wBm36HZ/bnbcNXGvWqWLJ2WwiAZB9Els5Q69sJBzKJbp OzCg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=h8qEun+7; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f1si15682358pgv.418.2019.04.04.07.47.52; Thu, 04 Apr 2019 07:48:08 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=h8qEun+7; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729409AbfDDOrO (ORCPT + 99 others); Thu, 4 Apr 2019 10:47:14 -0400 Received: from mail-vk1-f194.google.com ([209.85.221.194]:37303 "EHLO mail-vk1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729257AbfDDOrN (ORCPT ); Thu, 4 Apr 2019 10:47:13 -0400 Received: by mail-vk1-f194.google.com with SMTP id o187so684269vkg.4 for ; Thu, 04 Apr 2019 07:47:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=Ta2RvN4wePGlNokewK6TDhJiHr5vI+uy2KtuMR77OUA=; b=h8qEun+7IXgcs5rxuFQKR0vf6mXbu2eWiFZx1783Ow/nbqm7FglwnZxOehBfoUCOHb SCUdy0Ac3nZl4jJbTHTZ1IpkOcXwHZnatFINHbRktOhCZb6SSZ6rbaoTKoqxvdqG7m+C yVb+dNdd63khbqLcJOUs7OW+UgZQrQ0nIoxp9GOlrSMwkPk6tHu8tmblS6RZo7UL1TEi tlzi6izkVc6fJMs7YHQ5FO2MjwPPToAPxnalnAyVTT9e+MpRrgYIQz6pHXWUh8C6TQiC x2/IbeOXFyv4Xv/kOQxVIBPwqhJC0v/tw2ggEXnDdHknMA+3T/2c8RtiKK+jJLCk1cTc QmEA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=Ta2RvN4wePGlNokewK6TDhJiHr5vI+uy2KtuMR77OUA=; b=aaaawNiY1v/PUWuL69csN30nQeSy97O1JJ1aXsUqhDJI0rABktq/6p69ZKmZJAA2I/ mNqY9BW3uM8UnGzfvytMwR8bg63TGRRcm+bfVKfAedHjKXMpp+jZ7Nb1MqaUYvSD605V Me7i7BGhnQwIp31S3J42mrubPqA4Nu4IvRFJ12V0jWJZea0xhWokjhw4m/oyOkHmzvkC EkN42rz+gZ9UFA9icTEZXJd81JWplD9BZY2czoTyth7odIEYLq4Na/BtL0C69VkU9wDn mbUD6yM7LoDpLjfQZO5A0PWtRnlgrcR0kfsWKjtJGbAezvVEpo6LFVo1JqdvUboyeJVC uZVA== X-Gm-Message-State: APjAAAXFHTCbX4Oi1Y7jrFuaUgnNoiPv9AsbLjMvRE38VF/srLrOSLe/ yRmvar1weH4RrKCs+25kPJ7hjMC2WOcAKWv4uzfN6A== X-Received: by 2002:a1f:4c3:: with SMTP id 186mr4234902vke.26.1554389232463; Thu, 04 Apr 2019 07:47:12 -0700 (PDT) MIME-Version: 1.0 References: <0000000000001c2b95057ad0935b@google.com> <000000000000462a4105848c8e12@google.com> In-Reply-To: <000000000000462a4105848c8e12@google.com> From: Alexander Potapenko Date: Thu, 4 Apr 2019 16:47:00 +0200 Message-ID: Subject: Re: kernel BUG at arch/x86/mm/physaddr.c:LINE! (2) To: syzbot Cc: David Miller , hverkuil@xs4all.nl, linux-can@vger.kernel.org, LKML , linux-media@vger.kernel.org, mchehab@kernel.org, mchehab@s-opensource.com, mkl@pengutronix.de, Networking , socketcan@hartkopp.net, syzkaller-bugs Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Mar 20, 2019 at 9:35 PM syzbot wrote: > > syzbot has bisected this bug to: > > commit 6d469a202ee73196d0df76025af80bd6a379e658 > Author: Mauro Carvalho Chehab > Date: Sun May 14 17:07:21 2017 +0000 > > Merge tag 'v4.12-rc1' into patchwork > > bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=3D12639fd720= 0000 > start commit: 6d469a20 Merge tag 'v4.12-rc1' into patchwork > git tree: upstream > final crash: https://syzkaller.appspot.com/x/report.txt?x=3D15639fd720= 0000 > console output: https://syzkaller.appspot.com/x/log.txt?x=3D11639fd720000= 0 > kernel config: https://syzkaller.appspot.com/x/.config?x=3Dd86f24333880b= 605 > dashboard link: https://syzkaller.appspot.com/bug?extid=3D6c0effb5877f6b0= 344e2 > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=3D1312062b400= 000 > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=3D131bd09340000= 0 > > Reported-by: syzbot+6c0effb5877f6b0344e2@syzkaller.appspotmail.com > Fixes: 6d469a20 ("Merge tag 'v4.12-rc1' into patchwork") > > -- > You received this message because you are subscribed to the Google Groups= "syzkaller-bugs" group. > To unsubscribe from this group and stop receiving emails from it, send an= email to syzkaller-bugs+unsubscribe@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/msgi= d/syzkaller-bugs/000000000000462a4105848c8e12%40google.com. > For more options, visit https://groups.google.com/d/optout. I believe this bug is caused by vivid_vid_cap_s_selection() calling kfree(dev->bitmap_cap). This makes little sense, as dev->bitmap_cap seems to be allocated using vzalloc(). --=20 Alexander Potapenko Software Engineer Google Germany GmbH Erika-Mann-Stra=C3=9Fe, 33 80636 M=C3=BCnchen Gesch=C3=A4ftsf=C3=BChrer: Paul Manicle, Halimah DeLaine Prado Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg