[syzbot] general protection fault in try_grab_compound_head


syzbot

Jul 3, 2021, 11:41:16 AM
to ak...@linux-foundation.org, linux-...@vger.kernel.org, linu...@kvack.org, syzkall...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 3dbdb38e Merge branch 'for-5.14' of git://git.kernel.org/p..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=16758ac4300000
kernel config: https://syzkaller.appspot.com/x/.config?x=a1fcf15a09815757
dashboard link: https://syzkaller.appspot.com/bug?extid=a3fcd59df1b372066f5a
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=11a856c4300000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1582c9d8300000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a3fcd5...@syzkaller.appspotmail.com

general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
CPU: 0 PID: 8484 Comm: syz-executor116 Tainted: G W 5.13.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:page_zonenum include/linux/mm.h:1121 [inline]
RIP: 0010:is_zone_movable_page include/linux/mm.h:1140 [inline]
RIP: 0010:is_pinnable_page include/linux/mm.h:1556 [inline]
RIP: 0010:try_grab_compound_head mm/gup.c:126 [inline]
RIP: 0010:try_grab_compound_head+0x686/0x8f0 mm/gup.c:113
Code: e9 16 fe ff ff e8 0a fe cc ff 0f 0b 45 31 e4 e9 07 fe ff ff e8 fb fd cc ff 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 44 02 00 00 48 8b 2b bf 03 00 00 00 49 bc 00 00
RSP: 0018:ffffc900017df7e8 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff81a88c35 RDI: 0000000000000003
RBP: 0000000000010000 R08: 0000000000000000 R09: 0000000000000003
R10: ffffffff81a8862b R11: 000000000000003f R12: 0000000000040000
R13: ffff88803ac03ff8 R14: 0000000000000000 R15: dffffc0000000000
FS: 00000000005a5300(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000084 CR3: 0000000021f85000 CR4: 00000000001506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
follow_hugetlb_page+0x7bf/0x12c0 mm/hugetlb.c:5248
__get_user_pages+0x5d8/0x1490 mm/gup.c:1137
__get_user_pages_locked mm/gup.c:1352 [inline]
__gup_longterm_locked+0x216/0xfa0 mm/gup.c:1745
pin_user_pages+0x84/0xc0 mm/gup.c:2900
io_sqe_buffer_register+0x24e/0x1350 fs/io_uring.c:8381
io_sqe_buffers_register+0x29c/0x620 fs/io_uring.c:8508
__io_uring_register fs/io_uring.c:10129 [inline]
__do_sys_io_uring_register+0x1049/0x2880 fs/io_uring.c:10254
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x43ef49
Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffea3542188 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000043ef49
RDX: 00000000200001c0 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 0000000000402f30 R08: 0000000010000000 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000402fc0
R13: 0000000000000000 R14: 00000000004ac018 R15: 0000000000400488
Modules linked in:
---[ end trace e3fc885187db8a03 ]---
RIP: 0010:page_zonenum include/linux/mm.h:1121 [inline]
RIP: 0010:is_zone_movable_page include/linux/mm.h:1140 [inline]
RIP: 0010:is_pinnable_page include/linux/mm.h:1556 [inline]
RIP: 0010:try_grab_compound_head mm/gup.c:126 [inline]
RIP: 0010:try_grab_compound_head+0x686/0x8f0 mm/gup.c:113
Code: e9 16 fe ff ff e8 0a fe cc ff 0f 0b 45 31 e4 e9 07 fe ff ff e8 fb fd cc ff 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 44 02 00 00 48 8b 2b bf 03 00 00 00 49 bc 00 00
RSP: 0018:ffffc900017df7e8 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff81a88c35 RDI: 0000000000000003
RBP: 0000000000010000 R08: 0000000000000000 R09: 0000000000000003
R10: ffffffff81a8862b R11: 000000000000003f R12: 0000000000040000
R13: ffff88803ac03ff8 R14: 0000000000000000 R15: dffffc0000000000
FS: 00000000005a5300(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000084 CR3: 0000000021f85000 CR4: 00000000001506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches

syzbot

Jul 3, 2021, 4:24:07 PM
to ak...@linux-foundation.org, b...@alien8.de, h...@zytor.com, jmat...@google.com, jo...@8bytes.org, k...@vger.kernel.org, linux-...@vger.kernel.org, linu...@kvack.org, mark.r...@arm.com, masa...@kernel.org, mi...@redhat.com, pbon...@redhat.com, pet...@infradead.org, rafael.j...@intel.com, ros...@goodmis.org, sea...@google.com, sedat...@gmail.com, syzkall...@googlegroups.com, tg...@linutronix.de, vi...@massaru.org, vkuz...@redhat.com, wanp...@tencent.com, wi...@kernel.org, x...@kernel.org
syzbot has bisected this issue to:

commit 997acaf6b4b59c6a9c259740312a69ea549cc684
Author: Mark Rutland <mark.r...@arm.com>
Date: Mon Jan 11 15:37:07 2021 +0000

lockdep: report broken irq restoration

bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=16fbcec4300000
start commit: 3dbdb38e Merge branch 'for-5.14' of git://git.kernel.org/p..
git tree: upstream
final oops: https://syzkaller.appspot.com/x/report.txt?x=15fbcec4300000
console output: https://syzkaller.appspot.com/x/log.txt?x=11fbcec4300000
Reported-by: syzbot+a3fcd5...@syzkaller.appspotmail.com
Fixes: 997acaf6b4b5 ("lockdep: report broken irq restoration")

For information about bisection process see: https://goo.gl/tpsmEJ#bisection

syzbot

Jul 3, 2021, 6:03:12 PM
to ay...@disroot.org, syzkall...@googlegroups.com
Hello,

syzbot tried to test the proposed patch but the build/boot failed:

registered new interface driver bcm203x
[ 13.301034][ T1] usbcore: registered new interface driver bpa10x
[ 13.308017][ T1] usbcore: registered new interface driver bfusb
[ 13.314849][ T1] usbcore: registered new interface driver btusb
[ 13.322003][ T1] usbcore: registered new interface driver ath3k
[ 13.328931][ T1] CAPI 2.0 started up with major 68 (middleware)
[ 13.335287][ T1] Modular ISDN core version 1.1.29
[ 13.340991][ T1] NET: Registered PF_ISDN protocol family
[ 13.346943][ T1] DSP module 2.0
[ 13.350527][ T1] mISDN_dsp: DSP clocks every 80 samples. This equals 1 jiffies.
[ 13.370691][ T1] mISDN: Layer-1-over-IP driver Rev. 2.00
[ 13.377317][ T1] 0 virtual devices registered
[ 13.382446][ T1] usbcore: registered new interface driver HFC-S_USB
[ 13.389303][ T1] intel_pstate: CPU model not supported
[ 13.395099][ T1] VUB300 Driver rom wait states = 1C irqpoll timeout = 0400
[ 13.396209][ T1] usbcore: registered new interface driver vub300
[ 13.410329][ T1] usbcore: registered new interface driver ushc
[ 13.421894][ T1] iscsi: registered transport (iser)
[ 13.428981][ T1] SoftiWARP attached
[ 13.433140][ T1] Driver 'framebuffer' was unable to register with bus_type 'coreboot' because the bus was not initialized.
[ 13.444821][ T1] Driver 'memconsole' was unable to register with bus_type 'coreboot' because the bus was not initialized.
[ 13.456458][ T1] Driver 'vpd' was unable to register with bus_type 'coreboot' because the bus was not initialized.
[ 13.475021][ T1] hid: raw HID events driver (C) Jiri Kosina
[ 13.522124][ T1] usbcore: registered new interface driver usbhid
[ 13.529333][ T1] usbhid: USB HID core driver
[ 13.535897][ T1] usbcore: registered new interface driver es2_ap_driver
[ 13.544240][ T1] comedi: version 0.7.76 - http://www.comedi.org
[ 13.551160][ T1] usbcore: registered new interface driver dt9812
[ 13.557922][ T1] usbcore: registered new interface driver ni6501
[ 13.564770][ T1] usbcore: registered new interface driver usbdux
[ 13.571958][ T1] usbcore: registered new interface driver usbduxfast
[ 13.579084][ T1] usbcore: registered new interface driver usbduxsigma
[ 13.586364][ T1] usbcore: registered new interface driver vmk80xx
[ 13.593436][ T1] usbcore: registered new interface driver prism2_usb
[ 13.600646][ T1] usbcore: registered new interface driver r8712u
[ 13.607706][ T1] ashmem: initialized
[ 13.611893][ T1] greybus: registered new driver hid
[ 13.617539][ T1] greybus: registered new driver gbphy
[ 13.623204][ T1] gb_gbphy: registered new driver usb
[ 13.628767][ T1] asus_wmi: ASUS WMI generic driver loaded
[ 13.692019][ T1] usbcore: registered new interface driver snd-usb-audio
[ 13.700225][ T1] usbcore: registered new interface driver snd-ua101
[ 13.707332][ T1] usbcore: registered new interface driver snd-usb-usx2y
[ 13.716376][ T1] usbcore: registered new interface driver snd-usb-us122l
[ 13.724750][ T1] usbcore: registered new interface driver snd-usb-caiaq
[ 13.732802][ T1] usbcore: registered new interface driver snd-usb-6fire
[ 13.740136][ T1] usbcore: registered new interface driver snd-usb-hiface
[ 13.747557][ T1] usbcore: registered new interface driver snd-bcd2000
[ 13.754692][ T1] usbcore: registered new interface driver snd_usb_pod
[ 13.761860][ T1] usbcore: registered new interface driver snd_usb_podhd
[ 13.769207][ T1] usbcore: registered new interface driver snd_usb_toneport
[ 13.776810][ T1] usbcore: registered new interface driver snd_usb_variax
[ 13.784465][ T1] drop_monitor: Initializing network drop monitor service
[ 13.792116][ T1] NET: Registered PF_LLC protocol family
[ 13.797781][ T1] GACT probability on
[ 13.802092][ T1] Mirror/redirect action on
[ 13.806727][ T1] Simple TC action Loaded
[ 13.813065][ T1] netem: version 1.3
[ 13.817280][ T1] u32 classifier
[ 13.820851][ T1] Performance counters on
[ 13.825506][ T1] input device check on
[ 13.830012][ T1] Actions configured
[ 13.835731][ T1] nf_conntrack_irc: failed to register helpers
[ 13.841962][ T1] nf_conntrack_sane: failed to register helpers
[ 13.866685][ T1] nf_conntrack_sip: failed to register helpers
[ 13.876100][ T1] xt_time: kernel timezone is -0000
[ 13.881442][ T1] IPVS: Registered protocols (TCP, UDP, SCTP, AH, ESP)
[ 13.888658][ T1] IPVS: Connection hash table configured (size=4096, memory=64Kbytes)
[ 13.897076][ T1] IPVS: ipvs loaded.
[ 13.901034][ T1] IPVS: [rr] scheduler registered.
[ 13.906127][ T1] IPVS: [wrr] scheduler registered.
[ 13.911423][ T1] IPVS: [lc] scheduler registered.
[ 13.918713][ T1] IPVS: [wlc] scheduler registered.
[ 13.924150][ T1] IPVS: [fo] scheduler registered.
[ 13.929535][ T1] IPVS: [ovf] scheduler registered.
[ 13.934971][ T1] IPVS: [lblc] scheduler registered.
[ 13.940345][ T1] IPVS: [lblcr] scheduler registered.
[ 13.946113][ T1] IPVS: [dh] scheduler registered.
[ 13.951450][ T1] IPVS: [sh] scheduler registered.
[ 13.956554][ T1] IPVS: [mh] scheduler registered.
[ 13.961776][ T1] IPVS: [sed] scheduler registered.
[ 13.966970][ T1] IPVS: [nq] scheduler registered.
[ 13.972128][ T1] IPVS: [twos] scheduler registered.
[ 13.977413][ T1] IPVS: [sip] pe registered.
[ 13.982247][ T1] ipip: IPv4 and MPLS over IPv4 tunneling driver
[ 13.990341][ T1] gre: GRE over IPv4 demultiplexor driver
[ 13.996079][ T1] ip_gre: GRE over IPv4 tunneling driver
[ 14.007441][ T1] IPv4 over IPsec tunneling driver
[ 14.015447][ T1] ipt_CLUSTERIP: ClusterIP Version 0.8 loaded successfully
[ 14.023003][ T1] Initializing XFRM netlink socket
[ 14.028328][ T1] IPsec XFRM device driver
[ 14.034211][ T1] NET: Registered PF_INET6 protocol family
[ 14.047579][ T1] Segment Routing with IPv6
[ 14.052320][ T1] RPL Segment Routing with IPv6
[ 14.057729][ T1] mip6: Mobile IPv6
[ 14.064421][ T1] sit: IPv6, IPv4 and MPLS over IPv4 tunneling driver
[ 14.074529][ T1] ip6_gre: GRE over IPv6 tunneling driver
[ 14.081776][ T1] NET: Registered PF_PACKET protocol family
[ 14.087728][ T1] NET: Registered PF_KEY protocol family
[ 14.093721][ T1] Bridge firewalling registered
[ 14.099410][ T1] NET: Registered PF_X25 protocol family
[ 14.105230][ T1] X25: Linux Version 0.2
[ 14.133761][ T1] NET: Registered PF_NETROM protocol family
[ 14.168585][ T1] NET: Registered PF_ROSE protocol family
[ 14.174438][ T1] NET: Registered PF_AX25 protocol family
[ 14.180325][ T1] can: controller area network core
[ 14.185833][ T1] NET: Registered PF_CAN protocol family
[ 14.191679][ T1] can: raw protocol
[ 14.195746][ T1] can: broadcast manager protocol
[ 14.200909][ T1] can: netlink gateway - max_hops=1
[ 14.206533][ T1] can: SAE J1939
[ 14.210192][ T1] can: isotp protocol
[ 14.214465][ T1] Bluetooth: RFCOMM TTY layer initialized
[ 14.220224][ T1] Bluetooth: RFCOMM socket layer initialized
[ 14.226354][ T1] Bluetooth: RFCOMM ver 1.11
[ 14.231194][ T1] Bluetooth: BNEP (Ethernet Emulation) ver 1.3
[ 14.237356][ T1] Bluetooth: BNEP filters: protocol multicast
[ 14.243456][ T1] Bluetooth: BNEP socket layer initialized
[ 14.249476][ T1] Bluetooth: CMTP (CAPI Emulation) ver 1.0
[ 14.255308][ T1] Bluetooth: CMTP socket layer initialized
[ 14.261110][ T1] Bluetooth: HIDP (Human Interface Emulation) ver 1.2
[ 14.267876][ T1] Bluetooth: HIDP socket layer initialized
[ 14.276501][ T1] NET: Registered PF_RXRPC protocol family
[ 14.283300][ T1] Key type rxrpc registered
[ 14.287887][ T1] Key type rxrpc_s registered
[ 14.293690][ T1] NET: Registered PF_KCM protocol family
[ 14.300055][ T1] lec:lane_module_init: lec.c: initialized
[ 14.305962][ T1] mpoa:atm_mpoa_init: mpc.c: initialized
[ 14.311933][ T1] l2tp_core: L2TP core driver, V2.0
[ 14.317242][ T1] l2tp_ppp: PPPoL2TP kernel driver, V2.0
[ 14.323054][ T1] l2tp_ip: L2TP IP encapsulation support (L2TPv3)
[ 14.329726][ T1] l2tp_netlink: L2TP netlink interface
[ 14.335282][ T1] l2tp_eth: L2TP ethernet pseudowire support (L2TPv3)
[ 14.342081][ T1] l2tp_ip6: L2TP IP encapsulation support for IPv6 (L2TPv3)
[ 14.349835][ T1] NET: Registered PF_PHONET protocol family
[ 14.356149][ T1] 8021q: 802.1Q VLAN Support v1.8
[ 14.371855][ T1] DCCP: Activated CCID 2 (TCP-like)
[ 14.377808][ T1] DCCP: Activated CCID 3 (TCP-Friendly Rate Control)
[ 14.386292][ T1] sctp: Hash tables configured (bind 32/56)
[ 14.393689][ T1] NET: Registered PF_RDS protocol family
[ 14.400076][ T1] Registered RDS/infiniband transport
[ 14.406158][ T1] Registered RDS/tcp transport
[ 14.411182][ T1] tipc: Activated (version 2.0.0)
[ 14.417189][ T1] NET: Registered PF_TIPC protocol family
[ 14.423474][ T1] tipc: Started in single node mode
[ 14.429372][ T1] NET: Registered PF_SMC protocol family
[ 14.435548][ T1] 9pnet: Installing 9P2000 support
[ 14.441098][ T1] NET: Registered PF_CAIF protocol family
[ 14.450312][ T1] NET: Registered PF_IEEE802154 protocol family
[ 14.457075][ T1] Key type dns_resolver registered
[ 14.462489][ T1] Key type ceph registered
[ 14.467660][ T1] libceph: loaded (mon/osd proto 15/24)
[ 14.475054][ T1] batman_adv: B.A.T.M.A.N. advanced 2021.2 (compatibility version 15) loaded
[ 14.484029][ T1] openvswitch: Open vSwitch switching datapath
[ 14.492177][ T1] NET: Registered PF_VSOCK protocol family
[ 14.498964][ T1] mpls_gso: MPLS GSO support
[ 14.512270][ T1] IPI shorthand broadcast: enabled
[ 14.517477][ T1] AVX2 version of gcm_enc/dec engaged.
[ 14.523381][ T1] AES CTR mode by8 optimization enabled
[ 14.533884][ T1] sched_clock: Marking stable (14511732174, 22069766)->(14541586247, -7784307)
[ 14.544108][ T1] registered taskstats version 1
[ 14.554669][ T1] Loading compiled-in X.509 certificates
[ 14.561638][ T1] Loaded X.509 cert 'Build time autogenerated kernel key: f850c787ad998c396ae089c083b940ff0a9abb77'
[ 14.574376][ T1] zswap: loaded using pool lzo/zbud
[ 14.580561][ T1] debug_vm_pgtable: [debug_vm_pgtable ]: Validating architecture page table helpers
[ 14.591200][ T1] Key type ._fscrypt registered
[ 14.596046][ T1] Key type .fscrypt registered
[ 14.600841][ T1] Key type fscrypt-provisioning registered
[ 14.610082][ T1] kAFS: Red Hat AFS client v0.1 registering.
[ 14.617048][ T1] FS-Cache: Netfs 'afs' registered for caching
[ 14.630833][ T1] Btrfs loaded, crc32c=crc32c-intel, assert=on, zoned=yes
[ 14.638826][ T1] Key type big_key registered
[ 14.645569][ T1] Key type encrypted registered
[ 14.650785][ T1] AppArmor: AppArmor sha1 policy hashing enabled
[ 14.657316][ T1] ima: No TPM chip found, activating TPM-bypass!
[ 14.663799][ T1] Loading compiled-in module X.509 certificates
[ 14.670910][ T1] Loaded X.509 cert 'Build time autogenerated kernel key: f850c787ad998c396ae089c083b940ff0a9abb77'
[ 14.681990][ T1] ima: Allocated hash algorithm: sha256
[ 14.687795][ T1] ima: No architecture policies found
[ 14.693368][ T1] evm: Initialising EVM extended attributes:
[ 14.699473][ T1] evm: security.selinux (disabled)
[ 14.704785][ T1] evm: security.SMACK64 (disabled)
[ 14.709911][ T1] evm: security.SMACK64EXEC (disabled)
[ 14.715360][ T1] evm: security.SMACK64TRANSMUTE (disabled)
[ 14.721357][ T1] evm: security.SMACK64MMAP (disabled)
[ 14.726789][ T1] evm: security.apparmor
[ 14.731215][ T1] evm: security.ima
[ 14.734997][ T1] evm: security.capability
[ 14.739409][ T1] evm: HMAC attrs: 0x1
[ 14.744287][ T1] PM: Magic number: 13:797:903
[ 14.749667][ T1] block nbd3: hash matches
[ 14.754327][ T1] acpi PNP0501:03: hash matches
[ 14.760550][ T1] printk: console [netcon0] enabled
[ 14.765756][ T1] netconsole: network logging started
[ 14.771386][ T1] gtp: GTP module loaded (pdp ctx size 104 bytes)
[ 14.778508][ T1] rdma_rxe: loaded
[ 14.782495][ T1] cfg80211: Loading compiled-in X.509 certificates for regulatory database
[ 14.793001][ T1] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7'
[ 14.800639][ T1] ALSA device list:
[ 14.801006][ T7] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 14.804470][ T1] #0: Dummy 1
[ 14.813943][ T7] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 14.826535][ T1] #1: Loopback 1
[ 14.830278][ T1] #2: Virtual MIDI Card 1
[ 14.836549][ T1] md: Waiting for all devices to be available before autodetect
[ 14.844265][ T1] md: If you don't use raid, use raid=noautodetect
[ 14.851176][ T1] md: Autodetecting RAID arrays.
[ 14.856102][ T1] md: autorun ...
[ 14.859859][ T1] md: ... autorun DONE.
[ 14.866201][ T1] VFS: Cannot open root device "sda1" or unknown-block(0,0): error -6
[ 14.874666][ T1] Please append a correct "root=" boot option; here are the available partitions:
[ 14.884077][ T1] 0100 4096 ram0
[ 14.884088][ T1] (driver?)
[ 14.892222][ T1] 0101 4096 ram1
[ 14.892233][ T1] (driver?)
[ 14.900102][ T1] 0102 4096 ram2
[ 14.900114][ T1] (driver?)
[ 14.907869][ T1] 0103 4096 ram3
[ 14.907880][ T1] (driver?)
[ 14.915882][ T1] 0104 4096 ram4
[ 14.915892][ T1] (driver?)
[ 14.923683][ T1] 0105 4096 ram5
[ 14.923694][ T1] (driver?)
[ 14.931473][ T1] 0106 4096 ram6
[ 14.931484][ T1] (driver?)
[ 14.939430][ T1] 0107 4096 ram7
[ 14.939440][ T1] (driver?)
[ 14.947215][ T1] 0108 4096 ram8
[ 14.947225][ T1] (driver?)
[ 14.955009][ T1] 0109 4096 ram9
[ 14.955019][ T1] (driver?)
[ 14.962767][ T1] 010a 4096 ram10
[ 14.962776][ T1] (driver?)
[ 14.970861][ T1] 010b 4096 ram11
[ 14.970871][ T1] (driver?)
[ 14.978894][ T1] 010c 4096 ram12
[ 14.978904][ T1] (driver?)
[ 14.986747][ T1] 010d 4096 ram13
[ 14.986760][ T1] (driver?)
[ 14.994958][ T1] 010e 4096 ram14
[ 14.994969][ T1] (driver?)
[ 15.002824][ T1] 010f 4096 ram15
[ 15.002834][ T1] (driver?)
[ 15.010716][ T1] 1f00 128 mtdblock0
[ 15.010727][ T1] (driver?)
[ 15.019274][ T1] Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(0,0)
[ 15.028449][ T1] CPU: 1 PID: 1 Comm: swapper/0 Tainted: G W 5.13.0-syzkaller #0
[ 15.037456][ T1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 15.048036][ T1] Call Trace:
[ 15.051425][ T1] dump_stack_lvl+0xcd/0x134
[ 15.056094][ T1] panic+0x306/0x73d
[ 15.059971][ T1] ? __warn_printk+0xf3/0xf3
[ 15.064544][ T1] mount_block_root+0x3f8/0x4dd
[ 15.069571][ T1] ? init_rootfs+0x59/0x59
[ 15.073984][ T1] ? memcpy+0x39/0x60
[ 15.078137][ T1] mount_root+0x1af/0x1f5
[ 15.082478][ T1] ? mount_block_root+0x4dd/0x4dd
[ 15.087490][ T1] ? memcpy+0x39/0x60
[ 15.091457][ T1] prepare_namespace+0x1ff/0x234
[ 15.096468][ T1] kernel_init_freeable+0x729/0x741
[ 15.101737][ T1] ? rest_init+0x3d0/0x3d0
[ 15.106231][ T1] kernel_init+0x1a/0x1d0
[ 15.110644][ T1] ? rest_init+0x3d0/0x3d0
[ 15.115058][ T1] ret_from_fork+0x1f/0x30
[ 15.121209][ T1] Kernel Offset: disabled
[ 15.125537][ T1] Rebooting in 86400 seconds..


Error text is too large and was truncated, full error text is at:
https://syzkaller.appspot.com/x/error.txt?x=14013b94300000


Tested on:

commit: 303392fd Merge tag 'leds-5.14-rc1' of git://git.kernel.org..
git tree: upstream
kernel config: https://syzkaller.appspot.com/x/.config?x=265d6a583cb859d4
dashboard link: https://syzkaller.appspot.com/bug?extid=a3fcd59df1b372066f5a
compiler:
patch: https://syzkaller.appspot.com/x/patch.diff?x=16b966e4300000

Thomas Gleixner

Jul 8, 2021, 9:03:47 AM
to syzbot, ak...@linux-foundation.org, b...@alien8.de, h...@zytor.com, jmat...@google.com, jo...@8bytes.org, k...@vger.kernel.org, linux-...@vger.kernel.org, linu...@kvack.org, mark.r...@arm.com, masa...@kernel.org, mi...@redhat.com, pbon...@redhat.com, pet...@infradead.org, rafael.j...@intel.com, ros...@goodmis.org, sea...@google.com, sedat...@gmail.com, syzkall...@googlegroups.com, vi...@massaru.org, vkuz...@redhat.com, wanp...@tencent.com, wi...@kernel.org, x...@kernel.org
On Sat, Jul 03 2021 at 13:24, syzbot wrote:
> syzbot has bisected this issue to:
>
> commit 997acaf6b4b59c6a9c259740312a69ea549cc684
> Author: Mark Rutland <mark.r...@arm.com>
> Date: Mon Jan 11 15:37:07 2021 +0000
>
> lockdep: report broken irq restoration

That's the commit which makes the underlying problem visible:

raw_local_irq_restore() called with IRQs enabled

and is triggered by this call chain:

kvm_wait arch/x86/kernel/kvm.c:860 [inline]
kvm_wait+0xc3/0xe0 arch/x86/kernel/kvm.c:837
pv_wait arch/x86/include/asm/paravirt.h:564 [inline]
pv_wait_head_or_lock kernel/locking/qspinlock_paravirt.h:470 [inline]
__pv_queued_spin_lock_slowpath+0x8b8/0xb40 kernel/locking/qspinlock.c:508
pv_queued_spin_lock_slowpath arch/x86/include/asm/paravirt.h:554 [inline]
queued_spin_lock_slowpath arch/x86/include/asm/qspinlock.h:51 [inline]
queued_spin_lock include/asm-generic/qspinlock.h:85 [inline]
do_raw_spin_lock+0x200/0x2b0 kernel/locking/spinlock_debug.c:113
spin_lock include/linux/spinlock.h:354 [inline]
alloc_huge_page+0x2b0/0xda0 mm/hugetlb.c:2318
hugetlb_no_page mm/hugetlb.c:4323 [inline]
hugetlb_fault+0xc35/0x1cd0 mm/hugetlb.c:4523
follow_hugetlb_page+0x317/0xda0 mm/hugetlb.c:4836
__get_user_pages+0x3fa/0xe30 mm/gup.c:1041
__get_user_pages_locked mm/gup.c:1256 [inline]
__gup_longterm_locked+0x15f/0xc80 mm/gup.c:1667
io_sqe_buffer_register fs/io_uring.c:8462 [inline]
__io_uring_register fs/io_uring.c:9901 [inline]
__do_sys_io_uring_register+0xeb1/0x3350 fs/io_uring.c:10000
do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9

Thanks,

tglx

Sean Christopherson

Jul 12, 2021, 5:29:06 PM
to Thomas Gleixner, syzbot, ak...@linux-foundation.org, b...@alien8.de, h...@zytor.com, jmat...@google.com, jo...@8bytes.org, k...@vger.kernel.org, linux-...@vger.kernel.org, linu...@kvack.org, mark.r...@arm.com, masa...@kernel.org, mi...@redhat.com, pbon...@redhat.com, pet...@infradead.org, rafael.j...@intel.com, ros...@goodmis.org, sedat...@gmail.com, syzkall...@googlegroups.com, vi...@massaru.org, vkuz...@redhat.com, wanp...@tencent.com, wi...@kernel.org, x...@kernel.org
On Thu, Jul 08, 2021, Thomas Gleixner wrote:
> On Sat, Jul 03 2021 at 13:24, syzbot wrote:
> > syzbot has bisected this issue to:
> >
> > commit 997acaf6b4b59c6a9c259740312a69ea549cc684
> > Author: Mark Rutland <mark.r...@arm.com>
> > Date: Mon Jan 11 15:37:07 2021 +0000
> >
> > lockdep: report broken irq restoration
>
> That's the commit which makes the underlying problem visible:
>
> raw_local_irq_restore() called with IRQs enabled
>
> and is triggered by this call chain:
>
> kvm_wait arch/x86/kernel/kvm.c:860 [inline]
> kvm_wait+0xc3/0xe0 arch/x86/kernel/kvm.c:837

And the bug in kvm_wait() was fixed by commit f4e61f0c9add ("x86/kvm: Fix broken
irq restoration in kvm_wait"). The bisection is bad, syzbot happened into the
kvm_wait() WARN and got distracted. The original #GP looks stable, if someone
from mm land has bandwidth.

Joao Martins

Jul 12, 2021, 9:09:28 PM
to Sean Christopherson, Mike Kravetz, syzbot, ak...@linux-foundation.org, b...@alien8.de, h...@zytor.com, jmat...@google.com, jo...@8bytes.org, k...@vger.kernel.org, linux-...@vger.kernel.org, linu...@kvack.org, mark.r...@arm.com, masa...@kernel.org, mi...@redhat.com, pbon...@redhat.com, pet...@infradead.org, rafael.j...@intel.com, ros...@goodmis.org, sedat...@gmail.com, syzkall...@googlegroups.com, vi...@massaru.org, vkuz...@redhat.com, wanp...@tencent.com, wi...@kernel.org, x...@kernel.org, Thomas Gleixner
I've bisected this to (my) recent commit 82e5d378b0e47 ("mm/hugetlb: refactor subpage
recording").

I have this fix below and should formally submit tomorrow after more testing.
My apologies for the trouble.

Joao

------>8------

Subject: mm/hugetlb: fix refs calculation from unaligned @vaddr

commit 82e5d378b0e47 ("mm/hugetlb: refactor subpage recording")
refactored the count of subpages but missed an edge case when @vaddr is
less than a PAGE_SIZE close to vma->vm_end. It would erroneously set @refs
to 0 and record_subpages_vmas() wouldn't set the pages array element to
its value, consequently causing the reported #GP by syzbot.

Fix it by aligning down @vaddr in @refs calculation.

Reported-by: syzbot+a3fcd5...@syzkaller.appspotmail.com
Fixes: 82e5d378b0e47 ("mm/hugetlb: refactor subpage recording")
Signed-off-by: Joao Martins <joao.m....@oracle.com>

diff --git a/mm/hugetlb.c b/mm/hugetlb.c
index a86a58ef132d..cbc448c1a3c8 100644
--- a/mm/hugetlb.c
+++ b/mm/hugetlb.c
@@ -4949,8 +4949,9 @@ long follow_hugetlb_page(struct mm_struct *mm, struct vm_area_struct
*vma,
continue;
}

- refs = min3(pages_per_huge_page(h) - pfn_offset,
- (vma->vm_end - vaddr) >> PAGE_SHIFT, remainder);
+ /* [vaddr .. vm_end] may not be aligned to PAGE_SIZE */
+ refs = min3(pages_per_huge_page(h) - pfn_offset, remainder,
+ (vma->vm_end - ALIGN_DOWN(vaddr, PAGE_SIZE)) >> PAGE_SHIFT);

if (pages || vmas)
record_subpages_vmas(mem_map_offset(page, pfn_offset),
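Review bot: the new comment above the refs line, "[vaddr .. vm_end] may not be aligned to PAGE_SIZE", overstates the case: only vaddr can be unaligned, vma->vm_end is page aligned by construction, and the code accordingly aligns only vaddr. Suggest "vaddr may not be PAGE_SIZE aligned; align it down so the page count up to vm_end is never rounded to 0", which also records why refs == 0 was the failure mode. Separately, as pasted here the hunk is whitespace damaged (the leading context spaces are gone and the @@ header is wrapped onto a second line at "*vma,"), so this copy will not apply with git am; the formal submission should go out via git send-email so the hunk survives intact.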
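To make the edge case in the commit message concrete, here is an added user-space model of the refs calculation; it is example code written for this page, not kernel code and not part of the patch. The two formulas are copied from the '-' and '+' lines of the hunk; everything around them is assumed: a single 2 MiB huge page (512 subpages) mapped at 0x20000000 so that vm_end is 0x20200000, a fake_mem_map[] standing in for struct page, a record_subpages() that models record_subpages_vmas() only in that it writes refs consecutive entries into pages[], and gup_would_fault() standing in for the consumer that, per the call trace, hands pages[i] to try_grab_compound_head(). The three inputs are constructed.

```c
/* Model of the refs calculation fixed by the patch above.
 * Added example, not kernel code: the two formulas are the '-' and '+'
 * lines of the hunk; page sizes, fake_mem_map and the consumer are
 * stand-ins for the kernel's data structures. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SHIFT          12
#define PAGE_SIZE           (1UL << PAGE_SHIFT)
#define ALIGN_DOWN(x, a)    ((x) & ~((unsigned long)(a) - 1))
#define HPAGE_SHIFT         21                                  /* assumed: 2 MiB huge page */
#define PAGES_PER_HUGE_PAGE (1UL << (HPAGE_SHIFT - PAGE_SHIFT)) /* 512 subpages */

struct page { unsigned long flags; };                 /* stand-in for struct page */
static struct page fake_mem_map[PAGES_PER_HUGE_PAGE]; /* the huge page's subpages */

static unsigned long min3ul(unsigned long a, unsigned long b, unsigned long c)
{
    unsigned long m = a < b ? a : b;
    return m < c ? m : c;
}

/* refs as computed before the patch (the '-' lines). */
unsigned long refs_before(unsigned long vaddr, unsigned long vm_end,
                          unsigned long pfn_offset, unsigned long remainder)
{
    return min3ul(PAGES_PER_HUGE_PAGE - pfn_offset,
                  (vm_end - vaddr) >> PAGE_SHIFT, remainder);
}

/* refs as computed after the patch (the '+' lines). */
unsigned long refs_after(unsigned long vaddr, unsigned long vm_end,
                         unsigned long pfn_offset, unsigned long remainder)
{
    return min3ul(PAGES_PER_HUGE_PAGE - pfn_offset, remainder,
                  (vm_end - ALIGN_DOWN(vaddr, PAGE_SIZE)) >> PAGE_SHIFT);
}

/* Stand-in for record_subpages_vmas(): store refs consecutive subpages,
 * starting at pfn_offset, into pages[]. With refs == 0 nothing is written. */
static void record_subpages(struct page **pages, unsigned long pfn_offset,
                            unsigned long refs)
{
    for (unsigned long k = 0; k < refs; k++)
        pages[k] = &fake_mem_map[pfn_offset + k];
}

/* True if the consumer that follows the recording (in the kernel,
 * try_grab_compound_head(pages[i], ...) per the call trace) would be
 * handed a NULL page pointer for this starting state. */
bool gup_would_fault(unsigned long vaddr, unsigned long vm_end,
                     unsigned long pfn_offset, unsigned long remainder,
                     bool fixed)
{
    struct page *pages[PAGES_PER_HUGE_PAGE];
    unsigned long refs;

    memset(pages, 0, sizeof(pages)); /* a freshly zeroed pages array */
    refs = fixed ? refs_after(vaddr, vm_end, pfn_offset, remainder)
                 : refs_before(vaddr, vm_end, pfn_offset, remainder);
    record_subpages(pages, pfn_offset, refs);
    return pages[0] == NULL;
}

int main(void)
{
    /* Constructed inputs: one 2 MiB huge page at 0x20000000, so
     * vm_end == 0x20200000 and the last subpage has pfn_offset 511. */
    const unsigned long vm_end = 0x20200000UL;
    struct { unsigned long vaddr, pfn_offset, remainder; } cases[] = {
        { 0x201ff000UL, 511,   1 }, /* aligned start on the last subpage      */
        { 0x201ff080UL, 511,   1 }, /* unaligned, less than PAGE_SIZE to end  */
        { 0x20000080UL,   0, 512 }, /* unaligned, at the start of the huge page */
    };

    for (size_t n = 0; n < sizeof(cases) / sizeof(cases[0]); n++) {
        unsigned long v = cases[n].vaddr, o = cases[n].pfn_offset,
                      r = cases[n].remainder;
        printf("vaddr=%#lx pfn_offset=%lu remainder=%lu: refs before=%lu after=%lu, "
               "NULL page before=%d after=%d\n",
               v, o, r, refs_before(v, vm_end, o, r), refs_after(v, vm_end, o, r),
               gup_would_fault(v, vm_end, o, r, false),
               gup_would_fault(v, vm_end, o, r, true));
    }
    return 0;
}
```

The second case is the syzbot crash: (vm_end - vaddr) is 0xf80, which shifts to 0, so nothing is recorded and the consumer reads a NULL pages[0]; aligning vaddr down first yields 1. The third case shows that the unfixed formula is an off-by-one for any unaligned start (511 instead of 512 subpages), and the crash is simply the point where that shortfall reaches zero.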