Received: by 2002:a25:31c3:0:0:0:0:0 with SMTP id x186csp728364ybx; Wed, 6 Nov 2019 07:34:04 -0800 (PST) X-Google-Smtp-Source: APXvYqwO/ekR4DanC/mmEUnDrCGrT2jZpmWSRxmVE7mGmnOSU2No49XHGuAznjyZZYHCxjC5w9zJ X-Received: by 2002:a50:cd53:: with SMTP id d19mr3320142edj.197.1573054444746; Wed, 06 Nov 2019 07:34:04 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1573054444; cv=none; d=google.com; s=arc-20160816; b=UAYq+U2MUz3NBlTFhEAo8zEPqZviTHGs69NDhGYAQ/ZQUFNnPo5nQ5ndXyZGTcgLO5 S+Vt0yRQMtsBTeXDsVu+S56s7DSQe0Yw6DuSdbFLQObhfqvsQObweT84EfET7ek+ZKB+ pNQDkSyRq9Ato5NMYj3jITRN6BY51Vp7RAoN6Mk5396zdVyX6jNNgB7zq923WbDUr4JU kdQpEQt9VjdLCULr1bVxOcDONn6J4t+zn3r+pBVdek5Q1r/2TXd3r3Vch3tph8CjxEtd i8XTlQSfYIeS7g3gsxtpSFMLC+sZUX6mQrNyFxv3h7YbmnYas5uSk7C3RDf1MCV+5sJj KAtw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=ZfcZe9oAWNS5cY+zOKEHcifoIj+GXmX62KAGJO2tELE=; b=JVbKO0gMHByYX7tPIhLZa5sffDdEAJqE+FWVV2eYiOkk9iorgvp/Jc1aPO1alyTjTz fXoxseP/hS2dULyXJdnV1SPeepOABaMAQlH68AWmjZaKKbZequk/gmpBaBhATQnGJGFO DQYDQ7BW/c3c7zQUX6eviSv/Zd0Ij5KXEWuo7pKRlSgH5FKJCChg2LqrByudhXrdmEtN hgQ8wtATJrZTAj0xSnU8FaeDh8zbzY64cMEsD02CsUeamNHuz42XAcjg9C1O6iNNnzoh MYD4hDWjeyEbX/y8zS9fEettt0AhrRyruMHnUqa3ONtnbQCPg9P41WaZcWIQcr885KX4 dlSw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ffwll.ch header.s=google header.b=ksjGv+rD; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f36si12540567ede.159.2019.11.06.07.33.40; Wed, 06 Nov 2019 07:34:04 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@ffwll.ch header.s=google header.b=ksjGv+rD; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727321AbfKFPbg (ORCPT + 99 others); Wed, 6 Nov 2019 10:31:36 -0500 Received: from mail-ot1-f65.google.com ([209.85.210.65]:41914 "EHLO mail-ot1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726926AbfKFPbg (ORCPT ); Wed, 6 Nov 2019 10:31:36 -0500 Received: by mail-ot1-f65.google.com with SMTP id 94so21135090oty.8 for ; Wed, 06 Nov 2019 07:31:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ffwll.ch; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ZfcZe9oAWNS5cY+zOKEHcifoIj+GXmX62KAGJO2tELE=; b=ksjGv+rDVrfFKq4SrfX25KHYUoZD40eY/vdrA1L1rRwKvhWwyM/U8/0JTcSouughJ2 ShNHkRzqbWvGVvZJRJImFTkTpOhBDsvVSyZYEHXjAxs0Z9Ye62gnr6g17tOHWJ979lRD fQVdCoTe2+R8x57FHmFv0U/56bzLXn6zpcrTQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ZfcZe9oAWNS5cY+zOKEHcifoIj+GXmX62KAGJO2tELE=; b=XxJ1VppoOt8AW633CplXr2kSyd9lFmQbpWAAUX2VjS1fpyJhB+v2TM5u+Dhnu4Jl8N ZSmvkBNwOVz1JPgIAJ3MUN9ZtAA/O4Tz+qUUAu1EauHwB0RKfzvvwBSBhL0XtMdy6GfQ RZKwhPTG+zK187gp33qbHdypwfQdKUya5a4QgD10M2GBjdbwx64WSQjgX0IN0U4zpZkR lt+L5bT8kWr5rmWV4F5aSGoTwxH9wgtmgPtmdVO4hzfDiAxU4zc8TnH0TiM4OmT/pA7n 2ta6LXcimaEvbiE6+QXv+JJpgI6BcP1SEmhZqMpQiTbdHzD4iAOej31sAuEt5EMeYxEx NTug== X-Gm-Message-State: APjAAAWacWXutrz66kLyWNJlgUBSnA10vuRHhtN34LE0eltAMycB4Y0c osUQQuNCm5h4p+bsESMSNiLwTs0VKr174vnRmm/U4g== X-Received: by 2002:a9d:6343:: with SMTP id y3mr2195352otk.106.1573053846999; Wed, 06 Nov 2019 07:24:06 -0800 (PST) MIME-Version: 1.0 References: <000000000000b2de3a0594d8b4ca@google.com> <00000000000012ff570596af15cc@google.com> In-Reply-To: <00000000000012ff570596af15cc@google.com> From: Daniel Vetter Date: Wed, 6 Nov 2019 16:23:55 +0100 Message-ID: Subject: Re: WARNING in drm_mode_createblob_ioctl To: syzbot Cc: Dave Airlie , Andrew Morton , dri-devel , Dmitry Vyukov , Kees Cook , Linux Kernel Mailing List , Maarten Lankhorst , Maxime Ripard , Sean Paul , Stephen Rothwell , syzkaller-bugs , Al Viro Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Nov 6, 2019 at 4:20 PM syzbot wrote: > > syzbot has bisected this bug to: > > commit 9e5a64c71b2f70ba530f8156046dd7dfb8a7a0ba > Author: Kees Cook > Date: Mon Nov 4 22:57:23 2019 +0000 > > uaccess: disallow > INT_MAX copy sizes Ah cool, this explains it. fwiw I never managed to get the WARNING in the backtrace to lign up with any code. No idea what's been going on. I'll type a patch to paper over this. -Daniel > > bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=125fe6dce00000 > start commit: 51309b9d Add linux-next specific files for 20191105 > git tree: linux-next > final crash: https://syzkaller.appspot.com/x/report.txt?x=115fe6dce00000 > console output: https://syzkaller.appspot.com/x/log.txt?x=165fe6dce00000 > kernel config: https://syzkaller.appspot.com/x/.config?x=a9b1a641c1f1fc52 > dashboard link: https://syzkaller.appspot.com/bug?extid=fb77e97ebf0612ee6914 > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1212dc3ae00000 > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=145f604ae00000 > > Reported-by: syzbot+fb77e97ebf0612ee6914@syzkaller.appspotmail.com > Fixes: 9e5a64c71b2f ("uaccess: disallow > INT_MAX copy sizes") > > For information about bisection process see: https://goo.gl/tpsmEJ#bisection -- Daniel Vetter Software Engineer, Intel Corporation +41 (0) 79 365 57 48 - http://blog.ffwll.ch