bisecting cause commit starting from 763dede1b24886d327bfaed7cf59ee3c01c7913e building syzkaller on db9bcd4b9fd510dc1b4b2b2021180c8432844b9b testing commit 763dede1b24886d327bfaed7cf59ee3c01c7913e with gcc (GCC) 8.1.0 kernel signature: d6c43d2461d133b82a2547fc4b80f8cbc5eef0aa96d103841bb07ab22a69fd4d all runs: crashed: WARNING in af_alg_make_sg testing release v5.6 testing commit 7111951b8d4973bda27ff663f2cf18b663d15b48 with gcc (GCC) 8.1.0 kernel signature: 4f09a656e81331609baead879920c794032a86c56e52fd69d29977ea9bb5d551 all runs: OK # git bisect start 763dede1b24886d327bfaed7cf59ee3c01c7913e 7111951b8d4973bda27ff663f2cf18b663d15b48 Bisecting: 5767 revisions left to test after this (roughly 13 steps) [72f35423e8a6a2451c202f52cb8adb92b08592ec] Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 testing commit 72f35423e8a6a2451c202f52cb8adb92b08592ec with gcc (GCC) 8.1.0 kernel signature: afdb700477afc1f90f1bd37c313e2674608f1c3ccdd37f6341a7b2658e98fd54 all runs: OK # git bisect good 72f35423e8a6a2451c202f52cb8adb92b08592ec Bisecting: 2681 revisions left to test after this (roughly 12 steps) [848960e576dafc8ed54c691b2f70b92e1fdea9ba] Merge tag 'sound-5.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound testing commit 848960e576dafc8ed54c691b2f70b92e1fdea9ba with gcc (GCC) 8.1.0 kernel signature: 3c22c9f5c8cfcb83c2b7b94d6cf0f65e61a4c63e434d797672b9d8dac5b0bec7 all runs: crashed: WARNING in af_alg_make_sg # git bisect bad 848960e576dafc8ed54c691b2f70b92e1fdea9ba Bisecting: 1539 revisions left to test after this (roughly 11 steps) [700d6ab987f3b5e28b13b5993e5a9a975c5604e2] Merge tag 'drm-intel-next-fixes-2020-03-27' of git://anongit.freedesktop.org/drm/drm-intel into drm-next testing commit 700d6ab987f3b5e28b13b5993e5a9a975c5604e2 with gcc (GCC) 8.1.0 kernel signature: 4efe5acac389bfb0014f3259cae09846034c56c237930378e068366acdd16a97 all runs: OK # git bisect good 700d6ab987f3b5e28b13b5993e5a9a975c5604e2 Bisecting: 853 revisions left to test after this (roughly 10 steps) [f14a9532ee30c68a56ff502c382860f674cc180c] Merge tag 'x86-urgent-2020-04-02' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit f14a9532ee30c68a56ff502c382860f674cc180c with gcc (GCC) 8.1.0 kernel signature: 1ab96a4db05762bd411be01ccb64edec401b048a64f7d3af500e03eba2dd7fa9 all runs: crashed: WARNING in af_alg_make_sg # git bisect bad f14a9532ee30c68a56ff502c382860f674cc180c Bisecting: 347 revisions left to test after this (roughly 9 steps) [d987ca1c6b7e22fbd30664111e85cec7aa66000d] Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace testing commit d987ca1c6b7e22fbd30664111e85cec7aa66000d with gcc (GCC) 8.1.0 kernel signature: 9ceda9b391d6c7ea22d4960cc34c6bf81d2a73bb154fb98882b0249656a39432 all runs: OK # git bisect good d987ca1c6b7e22fbd30664111e85cec7aa66000d Bisecting: 163 revisions left to test after this (roughly 8 steps) [7be97138e7276c71cc9ad1752dcb502d28f4400d] Merge tag 'xfs-5.7-merge-8' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux testing commit 7be97138e7276c71cc9ad1752dcb502d28f4400d with gcc (GCC) 8.1.0 kernel signature: 1746d56f24cd0ab2661b8294581a08dcf9cb236288ada3af094cc3fb210d98b7 all runs: OK # git bisect good 7be97138e7276c71cc9ad1752dcb502d28f4400d Bisecting: 81 revisions left to test after this (roughly 6 steps) [b44437723cbcb5acd64ed25a4938b95fbb9bfccb] mm/vma: move VM_NO_KHUGEPAGED into generic header testing commit b44437723cbcb5acd64ed25a4938b95fbb9bfccb with gcc (GCC) 8.1.0 kernel signature: ac483b2b1f8f8ec7d1eb087e623794fb46607702bc517e90946f1583b15202eb all runs: OK # git bisect good b44437723cbcb5acd64ed25a4938b95fbb9bfccb Bisecting: 40 revisions left to test after this (roughly 5 steps) [5644e1fbbfe15ad06785502bbfe5751223e5841d] mm/vmscan.c: fix data races using kswapd_classzone_idx testing commit 5644e1fbbfe15ad06785502bbfe5751223e5841d with gcc (GCC) 8.1.0 kernel signature: e168a32a962100baca681dbabf00a8d0afb8ad4c8a4ba3d8c5ca9cbef6620869 all runs: crashed: WARNING in af_alg_make_sg # git bisect bad 5644e1fbbfe15ad06785502bbfe5751223e5841d Bisecting: 20 revisions left to test after this (roughly 4 steps) [86a76331d94c4cfa72fe1831dbe4b492f66fdb81] mm: clarify a confusing comment for remap_pfn_range() testing commit 86a76331d94c4cfa72fe1831dbe4b492f66fdb81 with gcc (GCC) 8.1.0 kernel signature: d7b4d33a3d7ad3624445bb8efeeb81e8b95b13f99041c4f6e154e9aa6ba91f0a all runs: crashed: WARNING in af_alg_make_sg # git bisect bad 86a76331d94c4cfa72fe1831dbe4b492f66fdb81 Bisecting: 9 revisions left to test after this (roughly 3 steps) [c9a0dad162014182867f81b28bb7a4b691d65595] powerpc/mm: use helper fault_signal_pending() testing commit c9a0dad162014182867f81b28bb7a4b691d65595 with gcc (GCC) 8.1.0 kernel signature: 8e9202ec54fc5dc88d9efc239148ea1cbcc6b68bdfe6472e6c455383c590abe7 all runs: OK # git bisect good c9a0dad162014182867f81b28bb7a4b691d65595 Bisecting: 4 revisions left to test after this (roughly 2 steps) [c270a7eedcf278304e05ebd2c96807487c97db61] mm: introduce FAULT_FLAG_INTERRUPTIBLE testing commit c270a7eedcf278304e05ebd2c96807487c97db61 with gcc (GCC) 8.1.0 kernel signature: 2a4c1bbd88b2bf064a482fce35aba02e71bfc39d247127686ded3ea08c2d4eb9 all runs: OK # git bisect good c270a7eedcf278304e05ebd2c96807487c97db61 Bisecting: 2 revisions left to test after this (roughly 1 step) [4426e945df588f2878affddf88a51259200f7e29] mm/gup: allow VM_FAULT_RETRY for multiple times testing commit 4426e945df588f2878affddf88a51259200f7e29 with gcc (GCC) 8.1.0 kernel signature: 45bee09bf48ceb16e0dfc315773fdaa0b87fef2d15e6cfd6de442d35621aef64 all runs: crashed: WARNING in af_alg_make_sg # git bisect bad 4426e945df588f2878affddf88a51259200f7e29 Bisecting: 0 revisions left to test after this (roughly 0 steps) [4064b982706375025628094e51d11cf1a958a5d3] mm: allow VM_FAULT_RETRY for multiple times testing commit 4064b982706375025628094e51d11cf1a958a5d3 with gcc (GCC) 8.1.0 kernel signature: 2893d01aa4915accb52c9d0b6782fecb56d3c0972f23395c94bb2dac9849554d all runs: OK # git bisect good 4064b982706375025628094e51d11cf1a958a5d3 4426e945df588f2878affddf88a51259200f7e29 is the first bad commit commit 4426e945df588f2878affddf88a51259200f7e29 Author: Peter Xu Date: Wed Apr 1 21:08:49 2020 -0700 mm/gup: allow VM_FAULT_RETRY for multiple times This is the gup counterpart of the change that allows the VM_FAULT_RETRY to happen for more than once. One thing to mention is that we must check the fatal signal here before retry because the GUP can be interrupted by that, otherwise we can loop forever. Signed-off-by: Peter Xu Signed-off-by: Andrew Morton Tested-by: Brian Geffon Cc: Andrea Arcangeli Cc: Bobby Powers Cc: David Hildenbrand Cc: Denis Plotnikov Cc: "Dr . David Alan Gilbert" Cc: Hugh Dickins Cc: Jerome Glisse Cc: Johannes Weiner Cc: "Kirill A . Shutemov" Cc: Martin Cracauer Cc: Marty McFadden Cc: Matthew Wilcox Cc: Maya Gokhale Cc: Mel Gorman Cc: Mike Kravetz Cc: Mike Rapoport Cc: Pavel Emelyanov Link: http://lkml.kernel.org/r/20200220195357.16371-1-peterx@redhat.com Signed-off-by: Linus Torvalds mm/gup.c | 27 +++++++++++++++++++++------ mm/hugetlb.c | 6 ++++-- 2 files changed, 25 insertions(+), 8 deletions(-) culprit signature: 45bee09bf48ceb16e0dfc315773fdaa0b87fef2d15e6cfd6de442d35621aef64 parent signature: 2893d01aa4915accb52c9d0b6782fecb56d3c0972f23395c94bb2dac9849554d revisions tested: 15, total time: 3h23m51.019847577s (build: 1h29m42.33669178s, test: 1h52m59.341874446s) first bad commit: 4426e945df588f2878affddf88a51259200f7e29 mm/gup: allow VM_FAULT_RETRY for multiple times cc: ["akpm@linux-foundation.org" "bgeffon@google.com" "peterx@redhat.com" "torvalds@linux-foundation.org"] crash: WARNING in af_alg_make_sg ------------[ cut here ]------------ WARNING: CPU: 0 PID: 8628 at crypto/af_alg.c:404 sg_assign_page include/linux/scatterlist.h:95 [inline] WARNING: CPU: 0 PID: 8628 at crypto/af_alg.c:404 sg_set_page include/linux/scatterlist.h:119 [inline] WARNING: CPU: 0 PID: 8628 at crypto/af_alg.c:404 af_alg_make_sg+0x2d5/0x470 crypto/af_alg.c:412 Kernel panic - not syncing: panic_on_warn set ... CPU: 0 PID: 8628 Comm: syz-executor.2 Not tainted 5.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x128/0x182 lib/dump_stack.c:118 panic+0x22a/0x4e3 kernel/panic.c:221 __warn.cold.10+0x25/0x26 kernel/panic.c:582 report_bug+0x1ad/0x270 lib/bug.c:195 fixup_bug arch/x86/kernel/traps.c:175 [inline] do_error_trap+0x123/0x210 arch/x86/kernel/traps.c:267 do_invalid_op+0x31/0x40 arch/x86/kernel/traps.c:286 invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1027 RIP: 0010:af_alg_make_sg+0x2d5/0x470 crypto/af_alg.c:404 Code: 8b b4 24 88 00 00 00 65 48 33 34 25 28 00 00 00 0f 85 a5 01 00 00 48 81 c4 90 00 00 00 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 0b <0f> 0b be ea ff ff ff eb b8 89 74 24 18 4c 89 4c 24 10 48 89 4c 24 RSP: 0018:ffffc90004a97978 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff88809c49aa20 RCX: 0000000000000000 RDX: 1ffff92000952f39 RSI: 0000000000000000 RDI: ffff88809df28c58 RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed1013be50a1 R10: ffffed1013be50a0 R11: 1ffff92000952f1c R12: 0000000000010000 R13: dffffc0000000000 R14: 1ffff92000952f35 R15: ffff88809c49a800 hash_sendmsg+0x3a2/0x980 crypto/algif_hash.c:94 sock_sendmsg_nosec net/socket.c:652 [inline] sock_sendmsg+0xac/0xe0 net/socket.c:672 ____sys_sendmsg+0x554/0x760 net/socket.c:2362 ___sys_sendmsg+0xe4/0x160 net/socket.c:2416 __sys_sendmsg+0xce/0x170 net/socket.c:2449 do_syscall_32_irqs_on arch/x86/entry/common.c:337 [inline] do_fast_syscall_32+0x231/0xba0 arch/x86/entry/common.c:396 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 Kernel Offset: disabled Rebooting in 86400 seconds..