Re: WARNING in vkms_vblank_simulate


syzbot

May 23, 2020, 3:36:04 AM
to penguin...@i-love.sakura.ne.jp, syzkall...@googlegroups.com
Hello,

syzbot tried to test the proposed patch but build/boot failed:

syzkaller build failed: failed to run ["make" "target"]: exit status 2
export BUILDOS=linux
export NATIVEBUILDOS=linux
export HOSTOS=linux
export HOSTARCH=amd64
export TARGETOS=linux
export TARGETARCH=amd64
export TARGETVMARCH=amd64
export CC=gcc
export ADDCFLAGS=-O2 -pthread -Wall -Werror -Wparentheses -Wframe-larger-than=8192 -m64 -static
export NCORES=62
export EXE=
export NATIVEBUILDOS=linux

GOOS=linux GOARCH=amd64 go install ./syz-fuzzer
# github.com/google/syzkaller/sys/akaros/gen
sys/akaros/gen/amd64.go:23:55: undefined: Field
sys/akaros/gen/amd64.go:26:61: undefined: Field
sys/akaros/gen/amd64.go:29:48: undefined: Field
sys/akaros/gen/amd64.go:34:44: undefined: Field
sys/akaros/gen/amd64.go:39:59: undefined: Field
sys/akaros/gen/amd64.go:43:46: undefined: Field
sys/akaros/gen/amd64.go:48:46: undefined: Field
sys/akaros/gen/amd64.go:51:56: undefined: Field
sys/akaros/gen/amd64.go:56:43: undefined: Field
sys/akaros/gen/amd64.go:62:48: undefined: Field
sys/akaros/gen/amd64.go:62:48: too many errors
# github.com/google/syzkaller/sys/netbsd/gen
sys/netbsd/gen/amd64.go:42:50: undefined: Field
sys/netbsd/gen/amd64.go:45:7: undefined: Ref
sys/netbsd/gen/amd64.go:46:52: undefined: Field
sys/netbsd/gen/amd64.go:50:55: undefined: Field
sys/netbsd/gen/amd64.go:54:51: undefined: Ref
sys/netbsd/gen/amd64.go:55:62: undefined: Field
sys/netbsd/gen/amd64.go:58:58: undefined: Field
sys/netbsd/gen/amd64.go:63:52: undefined: Field
sys/netbsd/gen/amd64.go:67:58: undefined: Field
sys/netbsd/gen/amd64.go:71:60: undefined: Field
sys/netbsd/gen/amd64.go:71:60: too many errors
# github.com/google/syzkaller/sys/openbsd/gen
sys/openbsd/gen/amd64.go:49:47: undefined: Field
sys/openbsd/gen/amd64.go:53:7: undefined: Ref
sys/openbsd/gen/amd64.go:54:52: undefined: Field
sys/openbsd/gen/amd64.go:58:7: undefined: Ref
sys/openbsd/gen/amd64.go:59:53: undefined: Field
sys/openbsd/gen/amd64.go:63:7: undefined: Ref
sys/openbsd/gen/amd64.go:64:52: undefined: Field
sys/openbsd/gen/amd64.go:68:7: undefined: Ref
sys/openbsd/gen/amd64.go:69:43: undefined: Field
sys/openbsd/gen/amd64.go:72:44: undefined: Field
sys/openbsd/gen/amd64.go:72:44: too many errors
# github.com/google/syzkaller/sys/test/gen
sys/test/gen/32_fork_shmem.go:29:50: unknown field 'Attrs' in struct literal of type prog.Syscall
sys/test/gen/32_fork_shmem.go:30:40: unknown field 'Attrs' in struct literal of type prog.Syscall
sys/test/gen/32_fork_shmem.go:31:44: undefined: Ref
sys/test/gen/32_fork_shmem.go:31:53: unknown field 'Attrs' in struct literal of type prog.Syscall
sys/test/gen/32_fork_shmem.go:32:47: undefined: Field
sys/test/gen/32_fork_shmem.go:34:3: unknown field 'Attrs' in struct literal of type prog.Syscall
sys/test/gen/32_fork_shmem.go:35:58: undefined: Ref
sys/test/gen/32_fork_shmem.go:36:47: undefined: Field
sys/test/gen/32_fork_shmem.go:39:54: undefined: Field
sys/test/gen/32_fork_shmem.go:42:42: undefined: Field
sys/test/gen/32_fork_shmem.go:42:42: too many errors
# github.com/google/syzkaller/sys/freebsd/gen
sys/freebsd/gen/386.go:49:68: undefined: Field
sys/freebsd/gen/386.go:54:52: undefined: Field
sys/freebsd/gen/386.go:58:60: undefined: Field
sys/freebsd/gen/386.go:65:59: undefined: Field
sys/freebsd/gen/386.go:71:60: undefined: Field
sys/freebsd/gen/386.go:77:59: undefined: Field
sys/freebsd/gen/386.go:83:59: undefined: Field
sys/freebsd/gen/386.go:89:60: undefined: Field
sys/freebsd/gen/386.go:95:61: undefined: Field
sys/freebsd/gen/386.go:101:75: undefined: Field
sys/freebsd/gen/386.go:101:75: too many errors
# github.com/google/syzkaller/sys/windows/gen
sys/windows/gen/amd64.go:23:45: undefined: Field
sys/windows/gen/amd64.go:26:47: undefined: Field
sys/windows/gen/amd64.go:29:53: undefined: Field
sys/windows/gen/amd64.go:32:69: undefined: Field
sys/windows/gen/amd64.go:35:45: undefined: Field
sys/windows/gen/amd64.go:45:51: undefined: Field
sys/windows/gen/amd64.go:55:79: undefined: Field
sys/windows/gen/amd64.go:66:63: undefined: Field
sys/windows/gen/amd64.go:77:91: undefined: Field
sys/windows/gen/amd64.go:88:83: undefined: Field
sys/windows/gen/amd64.go:88:83: too many errors
# github.com/google/syzkaller/sys/fuchsia/gen
sys/fuchsia/gen/amd64.go:96:39: undefined: Field
sys/fuchsia/gen/amd64.go:99:39: undefined: Field
sys/fuchsia/gen/amd64.go:103:39: undefined: Field
sys/fuchsia/gen/amd64.go:108:39: undefined: Field
sys/fuchsia/gen/amd64.go:111:39: undefined: Field
sys/fuchsia/gen/amd64.go:114:7: undefined: Ref
sys/fuchsia/gen/amd64.go:115:35: undefined: Field
sys/fuchsia/gen/amd64.go:117:7: undefined: Ref
sys/fuchsia/gen/amd64.go:118:37: undefined: Field
sys/fuchsia/gen/amd64.go:121:7: undefined: Ref
sys/fuchsia/gen/amd64.go:121:7: too many errors
# github.com/google/syzkaller/sys/linux/gen
sys/linux/gen/386.go:296:50: undefined: Field
sys/linux/gen/386.go:301:7: undefined: Ref
sys/linux/gen/386.go:302:54: undefined: Field
sys/linux/gen/386.go:307:7: undefined: Ref
sys/linux/gen/386.go:308:55: undefined: Field
sys/linux/gen/386.go:313:7: undefined: Ref
sys/linux/gen/386.go:314:59: undefined: Field
sys/linux/gen/386.go:319:7: undefined: Ref
sys/linux/gen/386.go:320:55: undefined: Field
sys/linux/gen/386.go:325:7: undefined: Ref
sys/linux/gen/386.go:325:7: too many errors
Makefile:112: recipe for target 'target' failed
make: *** [target] Error 2



Tested on:

commit: [unknown
git tree: upstream
dashboard link: https://syzkaller.appspot.com/bug?extid=0871b14ca2e2fb64f6e3
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
patch: https://syzkaller.appspot.com/x/patch.diff?x=11144e72100000

Dmitry Vyukov

May 24, 2020, 7:43:23 AM
to syzbot, Tetsuo Handa, syzkaller-bugs
I don't see how this can happen so far. Let's see if it's reproducible.

#syz test: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master

syzbot

May 24, 2020, 10:15:04 AM
to dvy...@google.com, penguin...@i-love.sakura.ne.jp, syzkall...@googlegroups.com
Hello,

syzbot tried to test the proposed patch but build/boot failed:

syzkaller build failed: failed to run ["make" "target"]: exit status 2
export BUILDOS=linux
export NATIVEBUILDOS=linux
export HOSTOS=linux
export HOSTARCH=amd64
export TARGETOS=linux
export TARGETARCH=amd64
export TARGETVMARCH=amd64
export CC=gcc
export ADDCFLAGS=-O2 -pthread -Wall -Werror -Wparentheses -Wframe-larger-than=8192 -m64 -static
export NCORES=62
export EXE=
export NATIVEBUILDOS=linux

GOOS=linux GOARCH=amd64 go install ./syz-fuzzer

syzbot

May 25, 2020, 7:13:04 AM
to penguin...@i-love.sakura.ne.jp, syzkall...@googlegroups.com
Hello,

syzbot tried to test the proposed patch but build/boot failed:

GEN .version
CHK include/generated/compile.h
LD vmlinux.o
MODPOST vmlinux.o
MODINFO modules.builtin.modinfo
GEN modules.builtin
BTF: .tmp_vmlinux.btf: pahole version v1.9 is too old, need at least v1.13
Failed to generate BTF for vmlinux
Try to disable CONFIG_DEBUG_INFO_BTF
Makefile:1113: recipe for target 'vmlinux' failed
make: *** [vmlinux] Error 1


Error text is too large and was truncated, full error text is at:
https://syzkaller.appspot.com/x/error.txt?x=1426a4d2100000


Tested on:

commit: 9cb1fd0e Linux 5.7-rc7
git tree: upstream
dashboard link: https://syzkaller.appspot.com/bug?extid=0871b14ca2e2fb64f6e3
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
patch: https://syzkaller.appspot.com/x/patch.diff?x=126281e2100000

syzbot

May 25, 2020, 10:25:06 AM
to penguin...@i-love.sakura.ne.jp, syzkall...@googlegroups.com
Hello,

syzbot has tested the proposed patch but the reproducer still triggered crash:
WARNING in vkms_vblank_simulate

now=93531904774 interval=0 ret_overrun=216994
------------[ cut here ]------------
WARNING: CPU: 1 PID: 7841 at drivers/gpu/drm/vkms/vkms_crtc.c:27 vkms_vblank_simulate.cold+0x1a/0x28 drivers/gpu/drm/vkms/vkms_crtc.c:24
Kernel panic - not syncing: panic_on_warn set ...
CPU: 1 PID: 7841 Comm: syz-executor.2 Not tainted 5.7.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
<IRQ>
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x197/0x210 lib/dump_stack.c:118
panic+0x2e3/0x75c kernel/panic.c:221
__warn.cold+0x2f/0x3e kernel/panic.c:582
report_bug+0x289/0x300 lib/bug.c:195
fixup_bug arch/x86/kernel/traps.c:175 [inline]
fixup_bug arch/x86/kernel/traps.c:170 [inline]
do_error_trap+0x11b/0x200 arch/x86/kernel/traps.c:267
do_invalid_op+0x37/0x50 arch/x86/kernel/traps.c:286
invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1027
RIP: 0010:vkms_vblank_simulate.cold+0x1a/0x28 drivers/gpu/drm/vkms/vkms_crtc.c:27
Code: 48 8b 45 d8 eb b6 e8 bd 11 99 fd e9 2f ff ff ff e8 03 14 5a fd 4c 89 e1 4c 89 fa 4c 89 ee 48 c7 c7 00 67 46 88 e8 42 fe 42 fd <0f> 0b e9 7f ee ff ff cc cc cc cc cc cc cc 55 48 89 e5 41 55 49 89
RSP: 0018:ffff8880aeb09dc0 EFLAGS: 00010086
RAX: 000000000000002d RBX: ffff888218d15830 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff815eeb16 RDI: ffffed1015d613aa
RBP: ffff8880aeb09df0 R08: 000000000000002d R09: ffffed1015d666a9
R10: ffff8880aeb33547 R11: ffffed1015d666a8 R12: 0000000000034fa2
R13: 00000015c6ef9b06 R14: ffff888218d14ce0 R15: 0000000000000000
__run_hrtimer kernel/time/hrtimer.c:1520 [inline]
__hrtimer_run_queues+0x20f/0xf70 kernel/time/hrtimer.c:1584
hrtimer_interrupt+0x314/0x770 kernel/time/hrtimer.c:1646
local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1113 [inline]
smp_apic_timer_interrupt+0x160/0x610 arch/x86/kernel/apic/apic.c:1138
apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:829
</IRQ>
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:759 [inline]
RIP: 0010:__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
RIP: 0010:_raw_spin_unlock_irqrestore+0x90/0xe0 kernel/locking/spinlock.c:191
Code: 48 c7 c0 a0 c3 34 89 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 39 48 83 3d b7 c0 a8 01 00 74 24 48 89 df 57 9d <0f> 1f 44 00 00 bf 01 00 00 00 e8 d1 6c c4 f9 65 8b 05 c2 1b 76 78
RSP: 0018:ffff8880965bfab0 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
RAX: 1ffffffff1269874 RBX: 0000000000000286 RCX: 0000000000000000
RDX: dffffc0000000000 RSI: 0000000000000006 RDI: 0000000000000286
RBP: ffff8880965bfac0 R08: ffff8880958f0200 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff888218d14338
R13: 0000000000000000 R14: ffff888218d14338 R15: ffff8880a3b11928
spin_unlock_irqrestore include/linux/spinlock.h:408 [inline]
drm_vblank_get+0x153/0x1e0 drivers/gpu/drm/drm_vblank.c:1101
drm_wait_vblank_ioctl+0x41a/0x1940 drivers/gpu/drm/drm_vblank.c:1722
drm_ioctl_kernel+0x244/0x300 drivers/gpu/drm/drm_ioctl.c:787
drm_ioctl+0x54e/0xa60 drivers/gpu/drm/drm_ioctl.c:887
vfs_ioctl fs/ioctl.c:47 [inline]
ksys_ioctl+0x123/0x180 fs/ioctl.c:771
__do_sys_ioctl fs/ioctl.c:780 [inline]
__se_sys_ioctl fs/ioctl.c:778 [inline]
__x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:778
do_syscall_64+0xfa/0x7e0 arch/x86/entry/common.c:295
entry_SYSCALL_64_after_hwframe+0x49/0xb3
RIP: 0033:0x45a649
Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fa97067ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a649
RDX: 0000000020000100 RSI: 00000000c018643a RDI: 0000000000000003
RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa97067b6d4
R13: 00000000004c2a1e R14: 00000000004d6af8 R15: 00000000ffffffff
Kernel Offset: disabled
Rebooting in 86400 seconds..


Tested on:

commit: 9cb1fd0e Linux 5.7-rc7
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=13349baa100000
kernel config: https://syzkaller.appspot.com/x/.config?x=90ec85219d0280b2
dashboard link: https://syzkaller.appspot.com/bug?extid=0871b14ca2e2fb64f6e3
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
patch: https://syzkaller.appspot.com/x/patch.diff?x=103a3e72100000

syzbot

May 25, 2020, 8:34:05 PM
to penguin...@i-love.sakura.ne.jp, syzkall...@googlegroups.com
Hello,

syzbot tried to test the proposed patch but build/boot failed:

go env (err=<nil>)
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/syzkaller/.cache/go-build"
GOENV="/syzkaller/.config/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/syzkaller/jobs/linux/gopath"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/syzkaller/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/syzkaller/go/pkg/tool/linux_amd64"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build189373105=/tmp/go-build -gno-record-gcc-switches"

git status (err=<nil>)
HEAD detached at 1048481f
Changes not staged for commit:
(use "git add <file>..." to update what will be committed)
(use "git restore <file>..." to discard changes in working directory)
modified: sys/akaros/gen/amd64.go
modified: sys/freebsd/gen/386.go
modified: sys/freebsd/gen/amd64.go
modified: sys/fuchsia/gen/amd64.go
modified: sys/fuchsia/gen/arm64.go
modified: sys/linux/gen/386.go
modified: sys/linux/gen/amd64.go
modified: sys/linux/gen/arm.go
modified: sys/linux/gen/arm64.go
modified: sys/linux/gen/ppc64le.go
modified: sys/netbsd/gen/amd64.go
modified: sys/openbsd/gen/amd64.go
modified: sys/test/gen/32_fork_shmem.go
modified: sys/test/gen/32_shmem.go
modified: sys/test/gen/64.go
modified: sys/test/gen/64_fork.go
modified: sys/trusty/gen/arm.go
modified: sys/windows/gen/amd64.go

Untracked files:
(use "git add <file>..." to include in what will be committed)
.descriptions
sys/linux/gen/mips64le.go

no changes added to commit (use "git add" and/or "git commit -a")



Tested on:

commit: [unknown
git tree: upstream
dashboard link: https://syzkaller.appspot.com/bug?extid=0871b14ca2e2fb64f6e3
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
patch: https://syzkaller.appspot.com/x/patch.diff?x=12fed016100000

syzbot

May 26, 2020, 12:05:04 AM
to penguin...@i-love.sakura.ne.jp, syzkall...@googlegroups.com
Hello,

syzbot has tested the proposed patch but the reproducer still triggered crash:
WARNING in vkms_vblank_simulate

------------[ cut here ]------------
WARNING: CPU: 1 PID: 7837 at drivers/gpu/drm/vkms/vkms_crtc.c:27 vkms_vblank_simulate.cold+0x1a/0x30 drivers/gpu/drm/vkms/vkms_crtc.c:24
Kernel panic - not syncing: panic_on_warn set ...
CPU: 1 PID: 7837 Comm: syz-executor.2 Not tainted 5.7.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
<IRQ>
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x197/0x210 lib/dump_stack.c:118
panic+0x2e3/0x75c kernel/panic.c:221
__warn.cold+0x2f/0x3e kernel/panic.c:582
report_bug+0x289/0x300 lib/bug.c:195
fixup_bug arch/x86/kernel/traps.c:175 [inline]
fixup_bug arch/x86/kernel/traps.c:170 [inline]
do_error_trap+0x11b/0x200 arch/x86/kernel/traps.c:267
do_invalid_op+0x37/0x50 arch/x86/kernel/traps.c:286
invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1027
RIP: 0010:vkms_vblank_simulate.cold+0x1a/0x30 drivers/gpu/drm/vkms/vkms_crtc.c:27
Code: fd 48 8d bb 50 0b 00 00 e8 43 3e 4a fd 5b 5d c3 e8 cb 19 5a fd 4c 89 e1 4c 89 fa 4c 89 ee 48 c7 c7 60 67 46 88 e8 0a 04 43 fd <0f> 0b e9 07 ee ff ff cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
RSP: 0018:ffff8880aeb09dc0 EFLAGS: 00010086
RAX: 000000000000002f RBX: ffff888218d0d830 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff815eeb16 RDI: ffffed1015d613aa
RBP: ffff8880aeb09df0 R08: 000000000000002f R09: ffffed1015d666a9
R10: ffff8880aeb33547 R11: ffffed1015d666a8 R12: 00000000010dfabf
R13: 00000014309da4f3 R14: ffff888218d0cce0 R15: 0000000000000000
__run_hrtimer kernel/time/hrtimer.c:1520 [inline]
__hrtimer_run_queues+0x20f/0xf70 kernel/time/hrtimer.c:1584
hrtimer_interrupt+0x314/0x770 kernel/time/hrtimer.c:1646
local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1113 [inline]
smp_apic_timer_interrupt+0x160/0x610 arch/x86/kernel/apic/apic.c:1138
apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:829
</IRQ>
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:759 [inline]
RIP: 0010:__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
RIP: 0010:_raw_spin_unlock_irqrestore+0x90/0xe0 kernel/locking/spinlock.c:191
Code: 48 c7 c0 a0 c3 34 89 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 39 48 83 3d b7 c0 a8 01 00 74 24 48 89 df 57 9d <0f> 1f 44 00 00 bf 01 00 00 00 e8 d1 6c c4 f9 65 8b 05 c2 1b 76 78
RSP: 0018:ffff888084c5fab0 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
RAX: 1ffffffff1269874 RBX: 0000000000000286 RCX: 0000000000000000
RDX: dffffc0000000000 RSI: 0000000000000006 RDI: 0000000000000286
RBP: ffff888084c5fac0 R08: ffff8880a0240180 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff888218d0c338
R13: 0000000000000000 R14: ffff888218d0c338 R15: ffff888218cb5928
spin_unlock_irqrestore include/linux/spinlock.h:408 [inline]
drm_vblank_get+0x153/0x1e0 drivers/gpu/drm/drm_vblank.c:1101
drm_wait_vblank_ioctl+0x41a/0x1940 drivers/gpu/drm/drm_vblank.c:1722
drm_ioctl_kernel+0x244/0x300 drivers/gpu/drm/drm_ioctl.c:787
drm_ioctl+0x54e/0xa60 drivers/gpu/drm/drm_ioctl.c:887
vfs_ioctl fs/ioctl.c:47 [inline]
ksys_ioctl+0x123/0x180 fs/ioctl.c:771
__do_sys_ioctl fs/ioctl.c:780 [inline]
__se_sys_ioctl fs/ioctl.c:778 [inline]
__x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:778
do_syscall_64+0xfa/0x7e0 arch/x86/entry/common.c:295
entry_SYSCALL_64_after_hwframe+0x49/0xb3
RIP: 0033:0x45a649
Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f8a1edf6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a649
RDX: 0000000020000100 RSI: 00000000c018643a RDI: 0000000000000003
RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8a1edf76d4
R13: 00000000004c2a1e R14: 00000000004d6af8 R15: 00000000ffffffff
Kernel Offset: disabled
Rebooting in 86400 seconds..


Tested on:

commit: 9cb1fd0e Linux 5.7-rc7
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=124a0816100000
kernel config: https://syzkaller.appspot.com/x/.config?x=90ec85219d0280b2
dashboard link: https://syzkaller.appspot.com/bug?extid=0871b14ca2e2fb64f6e3
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
patch: https://syzkaller.appspot.com/x/patch.diff?x=135f254a100000
