bisecting fixing commit since b09c34517e1ac4018e3bb75ed5c8610a8a1f486b
building syzkaller on 1880b4a9f394370a7d1fcb5c1cfca0fa1127b463
testing commit b09c34517e1ac4018e3bb75ed5c8610a8a1f486b with gcc (GCC) 8.4.1 20210217
kernel signature: 6fd98828ca630da930c13f9824ddb9d78561ab8fa889143c558c969f62e0d1de
run #0: crashed: kernel BUG in pfkey_send_acquire
run #1: crashed: kernel BUG in pfkey_send_acquire
run #2: crashed: kernel BUG in pfkey_send_acquire
run #3: crashed: kernel BUG in pfkey_send_acquire
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
reproducer seems to be flaky
testing current HEAD 255b58a2b3af0baa0ee11507390349217b8b73b0
testing commit 255b58a2b3af0baa0ee11507390349217b8b73b0 with gcc (GCC) 8.4.1 20210217
kernel signature: 408b407649c7276a8a4ff6d201cf04d4760d4018d6d246b15715777bd252524b
all runs: OK
# git bisect start 255b58a2b3af0baa0ee11507390349217b8b73b0 b09c34517e1ac4018e3bb75ed5c8610a8a1f486b
Bisecting: 879 revisions left to test after this (roughly 10 steps)
[593cd9d5c7f8ea6ae46d10a0805a33608b3c326f] ARM: dts: dra76x: m_can: fix order of clocks
testing commit 593cd9d5c7f8ea6ae46d10a0805a33608b3c326f with gcc (GCC) 8.4.1 20210217
kernel signature: 972029ada54f7a2a9c4ebd78d3efe8fadaf84088014f669aa0f76cf744b4bd6a
run #0: crashed: kernel BUG in pfkey_send_acquire
run #1: crashed: kernel BUG in pfkey_send_acquire
run #2: crashed: kernel BUG in pfkey_send_acquire
run #3: crashed: kernel BUG in pfkey_send_acquire
run #4: crashed: kernel BUG in pfkey_send_acquire
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect good 593cd9d5c7f8ea6ae46d10a0805a33608b3c326f
Bisecting: 439 revisions left to test after this (roughly 9 steps)
[85597c4369c9941dd38e47176ff8b540b2b583a3] xen/xenbus: Count pending messages for each watch
testing commit 85597c4369c9941dd38e47176ff8b540b2b583a3 with gcc (GCC) 8.4.1 20210217
kernel signature: b7461bbbf0bdc8e178a01a9fe2d3c6ab935bc9da79ca97b25b02dd8dd4f89326
run #0: crashed: kernel BUG in pfkey_send_acquire
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect good 85597c4369c9941dd38e47176ff8b540b2b583a3
Bisecting: 219 revisions left to test after this (roughly 8 steps)
[d4ede0a453cb2658a72dfed7572415c5366cdf4d] esp: avoid unneeded kmap_atomic call
testing commit d4ede0a453cb2658a72dfed7572415c5366cdf4d with gcc (GCC) 8.4.1 20210217
kernel signature: a2584714905c2f7ce6cb18aad6d19f948353ea81ec0b2e2e84fed0b1ad272d6d
run #0: crashed: kernel BUG in pfkey_send_acquire
run #1: crashed: kernel BUG in pfkey_send_acquire
run #2: crashed: kernel BUG in pfkey_send_acquire
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect good d4ede0a453cb2658a72dfed7572415c5366cdf4d
Bisecting: 109 revisions left to test after this (roughly 7 steps)
[42ab7cd955034cb4f66e72f6bfd39a94d5aa2d5a] KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in intel_arch_events[]
testing commit 42ab7cd955034cb4f66e72f6bfd39a94d5aa2d5a with gcc (GCC) 8.4.1 20210217
kernel signature: 7539dacef7df7295a8c5c0b2035598ac0b66d8b794f9d2c43c450b64194a9d1e
run #0: crashed: kernel BUG in pfkey_send_acquire
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect good 42ab7cd955034cb4f66e72f6bfd39a94d5aa2d5a
Bisecting: 54 revisions left to test after this (roughly 6 steps)
[7048a23f4c9ff99fdd2658255c5d979b8ba94e2e] USB: usblp: don't call usb_set_interface if there's a single alt
testing commit 7048a23f4c9ff99fdd2658255c5d979b8ba94e2e with gcc (GCC) 8.4.1 20210217
kernel signature: d280c3f70e03af64503670a447887eaa83c15213c4559350efb82f763f02e6fe
run #0: crashed: kernel BUG in pfkey_send_acquire
run #1: crashed: kernel BUG in pfkey_send_acquire
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect good 7048a23f4c9ff99fdd2658255c5d979b8ba94e2e
Bisecting: 27 revisions left to test after this (roughly 5 steps)
[54354bc5e2a599518c25769b56d76eabe94e67c9] Linux 4.19.175
testing commit 54354bc5e2a599518c25769b56d76eabe94e67c9 with gcc (GCC) 8.4.1 20210217
kernel signature: c07f801e51f0b0f29ab5cd50de1553e3fff43a93c46ee7518bd84f0ed62f42f9
run #0: crashed: kernel BUG in pfkey_send_acquire
run #1: crashed: kernel BUG in pfkey_send_acquire
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect good 54354bc5e2a599518c25769b56d76eabe94e67c9
Bisecting: 13 revisions left to test after this (roughly 4 steps)
[b5c6efba2b0d35b0f8920d93c5510ea029d17976] SUNRPC: Move simple_get_bytes and simple_get_netobj into private header
testing commit b5c6efba2b0d35b0f8920d93c5510ea029d17976 with gcc (GCC) 8.4.1 20210217
kernel signature: 44c278b64e8bc0236556b9002e65c8eea08348b6ed7431bf97ec45806efba82b
all runs: OK
# git bisect bad b5c6efba2b0d35b0f8920d93c5510ea029d17976
Bisecting: 6 revisions left to test after this (roughly 3 steps)
[1d915c56268fa214c94ef764df8bf31d1bd5f25b] regulator: core: avoid regulator_resolve_supply() race condition
testing commit 1d915c56268fa214c94ef764df8bf31d1bd5f25b with gcc (GCC) 8.4.1 20210217
kernel signature: a134c50589c6f4b922bad651718c2ba75a513253b0a9adce0034046b835d86ad
all runs: OK
# git bisect bad 1d915c56268fa214c94ef764df8bf31d1bd5f25b
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[a19749a5fbd97f2147a8768813d084d584d9e045] fgraph: Initialize tracing_graph_pause at task creation
testing commit a19749a5fbd97f2147a8768813d084d584d9e045 with gcc (GCC) 8.4.1 20210217
kernel signature: bc270f86ad459d058fb13df0459693205067e97e216cc0f664b1caae1f6a9602
run #0: crashed: kernel BUG in pfkey_send_acquire
run #1: crashed: kernel BUG in pfkey_send_acquire
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect good a19749a5fbd97f2147a8768813d084d584d9e045
Bisecting: 1 revision left to test after this (roughly 1 step)
[4f12385298d474541a794f4c47980861299f20e7] remoteproc: qcom_q6v5_mss: Validate MBA firmware size before load
testing commit 4f12385298d474541a794f4c47980861299f20e7 with gcc (GCC) 8.4.1 20210217
kernel signature: bc270f86ad459d058fb13df0459693205067e97e216cc0f664b1caae1f6a9602
all runs: OK
# git bisect bad 4f12385298d474541a794f4c47980861299f20e7
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[96bc573dc8894fffd8859b6796466164053c06c7] remoteproc: qcom_q6v5_mss: Validate modem blob firmware size before load
testing commit 96bc573dc8894fffd8859b6796466164053c06c7 with gcc (GCC) 8.4.1 20210217
kernel signature: bc270f86ad459d058fb13df0459693205067e97e216cc0f664b1caae1f6a9602
run #0: crashed: kernel BUG in pfkey_send_acquire
run #1: crashed: kernel BUG in pfkey_send_acquire
run #2: crashed: kernel BUG in pfkey_send_acquire
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect good 96bc573dc8894fffd8859b6796466164053c06c7
4f12385298d474541a794f4c47980861299f20e7 is the first bad commit
commit 4f12385298d474541a794f4c47980861299f20e7
Author: Sibi Sankar
Date: Thu Jul 23 01:40:45 2020 +0530

    remoteproc: qcom_q6v5_mss: Validate MBA firmware size before load

    commit e013f455d95add874f310dc47c608e8c70692ae5 upstream

    The following mem abort is observed when the mba firmware size exceeds
    the allocated mba region. MBA firmware size is restricted to a maximum
    size of 1M and remaining memory region is used by modem debug policy
    firmware when available. Hence verify whether the MBA firmware size lies
    within the allocated memory region and is not greater than 1M before
    loading.

    Err Logs:
    Unable to handle kernel paging request at virtual address
    Mem abort info:
    ...
    Call trace:
      __memcpy+0x110/0x180
      rproc_start+0x40/0x218
      rproc_boot+0x5b4/0x608
      state_store+0x54/0xf8
      dev_attr_store+0x44/0x60
      sysfs_kf_write+0x58/0x80
      kernfs_fop_write+0x140/0x230
      vfs_write+0xc4/0x208
      ksys_write+0x74/0xf8
      __arm64_sys_write+0x24/0x30
    ...

    Reviewed-by: Bjorn Andersson
    Fixes: 051fb70fd4ea4 ("remoteproc: qcom: Driver for the self-authenticating Hexagon v5")
    Cc: stable@vger.kernel.org
    Signed-off-by: Sibi Sankar
    Link: https://lore.kernel.org/r/20200722201047.12975-2-sibis@codeaurora.org
    Signed-off-by: Bjorn Andersson
    [sudip: manual backport to old file path]
    Signed-off-by: Sudip Mukherjee
    Signed-off-by: Greg Kroah-Hartman

 drivers/remoteproc/qcom_q6v5_pil.c | 6 ++++++
 1 file changed, 6 insertions(+)
culprit signature: bc270f86ad459d058fb13df0459693205067e97e216cc0f664b1caae1f6a9602
parent signature: bc270f86ad459d058fb13df0459693205067e97e216cc0f664b1caae1f6a9602
Reproducer flagged being flaky
revisions tested: 13, total time: 4h26m29.466958339s (build: 1h47m48.21189747s, test: 2h33m28.312377392s)
first good commit: 4f12385298d474541a794f4c47980861299f20e7 remoteproc: qcom_q6v5_mss: Validate MBA firmware size before load
recipients (to): ["bjorn.andersson@linaro.org" "gregkh@linuxfoundation.org" "sibis@codeaurora.org" "sudipm.mukherjee@gmail.com"]
recipients (cc): []