bisecting cause commit starting from 7999516e20bd9bb5d1f7351cbd05ca529a3a8d60 building syzkaller on 6972b10616d785401dea17cec890cca8916424a7 testing commit 7999516e20bd9bb5d1f7351cbd05ca529a3a8d60 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: 0c2fad58b50c392b7bc757f932524f7d94fa2d214b825c030f16a61506257c97 all runs: crashed: general protection fault in udmabuf_create testing release v5.13 testing commit 62fb9874f5da54fdb243003b386128037319b219 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: 1cb5111c0f95c1fc7e3896d55db5b53fbce5858f143c657e735c92f7019c7d10 all runs: OK # git bisect start 7999516e20bd9bb5d1f7351cbd05ca529a3a8d60 62fb9874f5da54fdb243003b386128037319b219 Bisecting: 10350 revisions left to test after this (roughly 13 steps) [eed0218e8cae9fcd186c30e9fcf5fe46a87e056e] Merge tag 'char-misc-5.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc testing commit eed0218e8cae9fcd186c30e9fcf5fe46a87e056e compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: 4f18277294734d288381b591665fd9388a47218615a37e3c5c6427256b91ebbb run #0: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #1: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #2: boot failed: possible deadlock in fs_reclaim_acquire run #3: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #4: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(0,0) run #5: boot failed: possible deadlock in fs_reclaim_acquire run #6: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(0,0) run #7: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #8: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #9: boot failed: BUG: sleeping function called from invalid context in stack_depot_save # git bisect skip eed0218e8cae9fcd186c30e9fcf5fe46a87e056e Bisecting: 10350 revisions left to test after this (roughly 13 steps) [6489d3b00398f02457eea566d4a99698c68cc89f] fpga: fpga-mgr: wrap the fpga_remove() op testing commit 6489d3b00398f02457eea566d4a99698c68cc89f compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: d9f5ef2aa2e4ee219a16a8500a3c819c1de6b9d85797a969770a042a68195305 run #0: basic kernel testing failed: possible deadlock in fs_reclaim_acquire run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good 6489d3b00398f02457eea566d4a99698c68cc89f Bisecting: 3781 revisions left to test after this (roughly 12 steps) [e45647adce1b28b41dff10c44e46acf67ce0e843] Merge remote-tracking branch 'rdma/for-next' testing commit e45647adce1b28b41dff10c44e46acf67ce0e843 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: f1bc8611f34e35a880812f8e2704ddae64c2a033a5bd6d5732edf81f89b76388 all runs: OK # git bisect good e45647adce1b28b41dff10c44e46acf67ce0e843 Bisecting: 1823 revisions left to test after this (roughly 11 steps) [dddd6cc2c9ba29dd0d18ad808b9e7d4d3c50e7d6] Merge remote-tracking branch 'sound-asoc/for-next' testing commit dddd6cc2c9ba29dd0d18ad808b9e7d4d3c50e7d6 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: dc43ae2f11092b948c9726e1ceff712cf31750296ef72aa2b2a086f6fdc2b8ca all runs: crashed: general protection fault in udmabuf_create # git bisect bad dddd6cc2c9ba29dd0d18ad808b9e7d4d3c50e7d6 Bisecting: 1080 revisions left to test after this (roughly 10 steps) [f754863d27e09d26786fa6c5e06603c9bec4be34] Merge remote-tracking branch 'crypto/master' testing commit f754863d27e09d26786fa6c5e06603c9bec4be34 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: 267cc9dd54832b27d8da2347576235d750a5e24d69fb3b7117511def9ecae476 all runs: OK # git bisect good f754863d27e09d26786fa6c5e06603c9bec4be34 Bisecting: 441 revisions left to test after this (roughly 9 steps) [04d505de7f82c8f2daa6139b460b05dc01e354e0] Merge tag 'amd-drm-next-5.15-2021-07-29' of https://gitlab.freedesktop.org/agd5f/linux into drm-next testing commit 04d505de7f82c8f2daa6139b460b05dc01e354e0 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: b3dfe1d87adb99fd5bb3c2743d16bfd75876ed83a07f0d12f69c44a2af40bf94 all runs: crashed: general protection fault in udmabuf_create # git bisect bad 04d505de7f82c8f2daa6139b460b05dc01e354e0 Bisecting: 319 revisions left to test after this (roughly 8 steps) [015f2ebb93767d40c442e749642fffaf10316d78] drm: rcar-du: Shutdown the display on system shutdown testing commit 015f2ebb93767d40c442e749642fffaf10316d78 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: d96c2398ae3276c41854f1e04e279ffcdca9cf68b4beb14cbae71fd44b00239a all runs: crashed: general protection fault in udmabuf_create # git bisect bad 015f2ebb93767d40c442e749642fffaf10316d78 Bisecting: 159 revisions left to test after this (roughly 7 steps) [97c9bfe3f6605d41eb8f1206e6e0f62b31ba15d6] drm/aperture: Pass DRM driver structure instead of driver name testing commit 97c9bfe3f6605d41eb8f1206e6e0f62b31ba15d6 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: 6e8100e76e89750ae8940511ea08e328ebb0414a07687277217b44bc56d61c49 all runs: crashed: general protection fault in udmabuf_create # git bisect bad 97c9bfe3f6605d41eb8f1206e6e0f62b31ba15d6 Bisecting: 78 revisions left to test after this (roughly 6 steps) [bacbab58f09dcf7c9a52b9f11388b3e25b9daa5f] drm: Mention the power state requirement on side-channel operations testing commit bacbab58f09dcf7c9a52b9f11388b3e25b9daa5f compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: 304d29173941f21628953c79c48348729d1fa76de520a35a2635c88d48fca8b0 all runs: crashed: general protection fault in udmabuf_create # git bisect bad bacbab58f09dcf7c9a52b9f11388b3e25b9daa5f Bisecting: 37 revisions left to test after this (roughly 5 steps) [bfd616ff9a2602ec66414438c3f9871a49fa1e16] Merge tag 'tags/topic/i915-ttm-2021-06-11' into drm-misc-next testing commit bfd616ff9a2602ec66414438c3f9871a49fa1e16 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: 27185d0e8aa1786928e8e09222230a9341abdea9347c4560df435f56bce0351b all runs: crashed: general protection fault in udmabuf_create # git bisect bad bfd616ff9a2602ec66414438c3f9871a49fa1e16 Bisecting: 20 revisions left to test after this (roughly 4 steps) [74c06c282ae63560fcf4073d1564f054d96285ec] drm/panel: panel-simple: Allow panel-simple be a DP AUX endpoint device testing commit 74c06c282ae63560fcf4073d1564f054d96285ec compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: 36008897e9b5342d0bb75b1bfd1e09306078cf38dca379c0feea3a62f9e8104c all runs: crashed: general protection fault in udmabuf_create # git bisect bad 74c06c282ae63560fcf4073d1564f054d96285ec Bisecting: 9 revisions left to test after this (roughly 3 steps) [16c243e99d335e1ef3059871897119affc98b493] udmabuf: Add support for mapping hugepages (v4) testing commit 16c243e99d335e1ef3059871897119affc98b493 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: a43eb235a9f5414588bc114dae36d768d3118cb8ae2b815044f5a47161e9d161 all runs: crashed: general protection fault in udmabuf_create # git bisect bad 16c243e99d335e1ef3059871897119affc98b493 Bisecting: 5 revisions left to test after this (roughly 3 steps) [3b51c2bb6f5f3f8a88fe9f4ab62e38496b2d200b] drm/i915/dpcd_bl: Cache some backlight capabilities in intel_panel.backlight testing commit 3b51c2bb6f5f3f8a88fe9f4ab62e38496b2d200b compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: 39217f67fe9e6a0c0748dfc25e72f21cc6ba8745d67e9bac1b9d36468751e341 all runs: OK # git bisect good 3b51c2bb6f5f3f8a88fe9f4ab62e38496b2d200b Bisecting: 2 revisions left to test after this (roughly 2 steps) [837f93247634b12e5eebb3d707405b701a4f3479] drm/i915/dpcd_bl: Print return codes for VESA backlight failures testing commit 837f93247634b12e5eebb3d707405b701a4f3479 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: 39217f67fe9e6a0c0748dfc25e72f21cc6ba8745d67e9bac1b9d36468751e341 all runs: OK # git bisect good 837f93247634b12e5eebb3d707405b701a4f3479 Bisecting: 0 revisions left to test after this (roughly 1 step) [6eca310e8924ab98c73b81dfd39e7dd553ceddfd] drm/nouveau/kms/nv50-: Add basic DPCD backlight support for nouveau testing commit 6eca310e8924ab98c73b81dfd39e7dd553ceddfd compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.1 kernel signature: 57676d7bf07e2a003c93885caf12ccc9dccd0e7d15277e3932b1a86bdec13ec0 all runs: OK # git bisect good 6eca310e8924ab98c73b81dfd39e7dd553ceddfd 16c243e99d335e1ef3059871897119affc98b493 is the first bad commit commit 16c243e99d335e1ef3059871897119affc98b493 Author: Vivek Kasireddy Date: Wed Jun 9 11:29:15 2021 -0700 udmabuf: Add support for mapping hugepages (v4) If the VMM's (Qemu) memory backend is backed up by memfd + Hugepages (hugetlbfs and not THP), we have to first find the hugepage(s) where the Guest allocations are located and then extract the regular 4k sized subpages from them. v2: Ensure that the subpage and hugepage offsets are calculated correctly when the range of subpage allocations cuts across multiple hugepages. v3: Instead of repeatedly looking up the hugepage for each subpage, only do it when the subpage allocation crosses over into a different hugepage. (suggested by Gerd and DW) v4: Fix the following warning identified by checkpatch: CHECK:OPEN_ENDED_LINE: Lines should not end with a '(' Cc: Gerd Hoffmann Signed-off-by: Vivek Kasireddy Signed-off-by: Dongwon Kim Link: http://patchwork.freedesktop.org/patch/msgid/20210609182915.592743-1-vivek.kasireddy@intel.com [ kraxel: one more checkpatch format tweak ] Signed-off-by: Gerd Hoffmann drivers/dma-buf/udmabuf.c | 50 ++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 43 insertions(+), 7 deletions(-) culprit signature: a43eb235a9f5414588bc114dae36d768d3118cb8ae2b815044f5a47161e9d161 parent signature: 57676d7bf07e2a003c93885caf12ccc9dccd0e7d15277e3932b1a86bdec13ec0 revisions tested: 17, total time: 3h37m33.237835237s (build: 1h53m38.813633723s, test: 1h42m8.810370839s) first bad commit: 16c243e99d335e1ef3059871897119affc98b493 udmabuf: Add support for mapping hugepages (v4) recipients (to): ["dongwon.kim@intel.com" "kraxel@redhat.com" "vivek.kasireddy@intel.com"] recipients (cc): [] crash: general protection fault in udmabuf_create general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 0 PID: 10165 Comm: syz-executor.2 Not tainted 5.13.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:compound_head include/linux/page-flags.h:184 [inline] RIP: 0010:get_page include/linux/mm.h:1204 [inline] RIP: 0010:udmabuf_create+0x4e8/0x1260 drivers/dma-buf/udmabuf.c:231 Code: 00 00 48 c1 e8 03 48 89 84 24 88 00 00 00 e9 e2 00 00 00 4c 89 e2 48 c1 e2 06 4c 8d 74 15 00 49 8d 7e 08 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 0f 85 3b 0a 00 00 49 8b 46 08 be 04 00 00 00 48 8d RSP: 0018:ffffc9000ad2fc88 EFLAGS: 00010202 RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffc9000ad2fb00 RDX: 0000000000000000 RSI: ffffffff88ab0440 RDI: 0000000000000008 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000078087 R12: 0000000000000000 R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888020d4d180 FS: 00007fc4a5663700(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000051a430 CR3: 000000002b977000 CR4: 00000000001506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: udmabuf_ioctl_create drivers/dma-buf/udmabuf.c:300 [inline] udmabuf_ioctl+0x126/0x230 drivers/dma-buf/udmabuf.c:331 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:1069 [inline] __se_sys_ioctl fs/ioctl.c:1055 [inline] __x64_sys_ioctl+0x11f/0x190 fs/ioctl.c:1055 do_syscall_64+0x3a/0xb0 arch/x86/entry/common.c:47 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x4665e9 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fc4a5663188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 RDX: 0000000020000180 RSI: 0000000040187542 RDI: 0000000000000003 RBP: 00000000004bfcc4 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 R13: 00007ffcda8ba31f R14: 00007fc4a5663300 R15: 0000000000022000 Modules linked in: ---[ end trace 3d24e7d5947f3792 ]--- RIP: 0010:compound_head include/linux/page-flags.h:184 [inline] RIP: 0010:get_page include/linux/mm.h:1204 [inline] RIP: 0010:udmabuf_create+0x4e8/0x1260 drivers/dma-buf/udmabuf.c:231 Code: 00 00 48 c1 e8 03 48 89 84 24 88 00 00 00 e9 e2 00 00 00 4c 89 e2 48 c1 e2 06 4c 8d 74 15 00 49 8d 7e 08 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 0f 85 3b 0a 00 00 49 8b 46 08 be 04 00 00 00 48 8d RSP: 0018:ffffc9000ad2fc88 EFLAGS: 00010202 RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffc9000ad2fb00 RDX: 0000000000000000 RSI: ffffffff88ab0440 RDI: 0000000000000008 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000078087 R12: 0000000000000000 R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888020d4d180 FS: 00007fc4a5663700(0000) GS:ffff8880b9f00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f66a068f000 CR3: 000000002b977000 CR4: 00000000001506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400