ci starts bisection 2023-07-08 10:59:02.285630417 +0000 UTC m=+44709.474516971
bisecting cause commit starting from 3674fbf0451df0395f9fa18df3122927006a3829
building syzkaller on 7b33cf8fc1db47587d63fdba731651da20226503
ensuring issue is reproducible on original commit 3674fbf0451df0395f9fa18df3122927006a3829

testing commit 3674fbf0451df0395f9fa18df3122927006a3829 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: e1104bf25fd3aa1d4e36c573a124a4a5d817a43d027e018a5cd10f6c3d767d3b
run #0: crashed: general protection fault, probably for non-canonical addrSeaBIOS (version NUM.NUM.NUM-google)
run #1: crashed: general protection fault, probably for non-canonical addrSeaBIOS (version NUM.NUM.NUM-google)
run #2: crashed: WARNING: locking bug in hrtimer_interrupt
run #3: crashed: WARNING: locking bug in hrtimer_interrupt
run #4: crashed: WARNING: bad unlock balance in console_flush_all
run #5: crashed: WARNING: bad unlock balance in console_flush_all
run #6: crashed: INFO: trying to register non-static key in set_root
run #7: crashed: INFO: trying to register non-static key in set_root
run #8: crashed: general protection fault in blk_mq_complete_request
run #9: crashed: general protection fault in blk_mq_complete_request
run #10: crashed: general protection fault in timerqueue_del
run #11: crashed: general protection fault in timerqueue_del
run #12: crashed: general protection fault in filemap_fault
run #13: crashed: general protection fault in filemap_fault
run #14: crashed: INFO: trying to register non-static key in do_group_exit
run #15: crashed: INFO: trying to register non-static key in do_group_exit
run #16: crashed: general protection fault in vma_prepare
run #17: crashed: general protection fault in vma_prepare
run #18: crashed: general protection fault in tomoyo_check_acl
run #19: crashed: general protection fault in tomoyo_check_acl
run #20: crashed: BUG: stack guard page was hit in security_file_open
run #21: crashed: BUG: stack guard page was hit in security_file_open
run #22: crashed: general protection fault in mas_replace
run #23: crashed: general protection fault in mas_replace
run #24: crashed: WARNING: locking bug in psi_group_change
run #25: crashed: WARNING: locking bug in psi_group_change
run #26: crashed: general protection fault in __es_insert_extent
run #27: crashed: general protection fault in __es_insert_extent
run #28: crashed: general protection fault in irq_chip_ack_parent
run #29: crashed: general protection fault in irq_chip_ack_parent
run #30: crashed: general protection fault in atime_needs_update
run #31: crashed: general protection fault in atime_needs_update
run #32: crashed: BUG: unable to handle kernel paging request in crypto_sha3_final
run #33: crashed: BUG: unable to handle kernel paging request in crypto_sha3_final
run #34: crashed: general protection fault in __rhashtable_lookup
run #35: crashed: general protection fault in __rhashtable_lookup
run #36: crashed: INFO: trying to register non-static key in psi_account_irqtime
run #37: crashed: INFO: trying to register non-static key in psi_account_irqtime
run #38: crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
run #39: crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
representative crash: general protection fault, probably for non-canonical addrSeaBIOS (version NUM.NUM.NUM-google), types: [UNKNOWN]

check whether we can drop unnecessary instrumentation
disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN LOCKDEP], they are not needed

testing commit 3674fbf0451df0395f9fa18df3122927006a3829 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
failed building 3674fbf0451df0395f9fa18df3122927006a3829: ./include/linux/thread_info.h:244:4: error: call to '__bad_copy_from' declared with attribute error: copy source size is too small

testing release v6.3
testing commit 457391b0380335d5e9a5babdec90ac53928b23b4 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 6fc5bf1a56382375de1ca6760e2b98fe54527a70271ab924dfd326087212e9d5
all runs: OK

# git bisect start 3674fbf0451df0395f9fa18df3122927006a3829 457391b0380335d5e9a5babdec90ac53928b23b4
Bisecting: 8777 revisions left to test after this (roughly 13 steps)
[fc2e58b8b7c94b8fe23977775550de00472f6a74] Merge tag 'spi-v6.4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi

testing commit fc2e58b8b7c94b8fe23977775550de00472f6a74 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 9a918954290cf70280f3d872896021cf5edef06812ae0a88f7f1928830c66135
all runs: OK

# git bisect good fc2e58b8b7c94b8fe23977775550de00472f6a74
Bisecting: 4413 revisions left to test after this (roughly 12 steps)
[da9619a30e73b59605ed998bf7bc4359f5c0029a] dmapool: link blocks across pages

testing commit da9619a30e73b59605ed998bf7bc4359f5c0029a gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: b6dc98410e35e1d6a3599e5aa9b0d385b00629766cb26cd95860ac8dc5e746fb
all runs: OK

# git bisect good da9619a30e73b59605ed998bf7bc4359f5c0029a
Bisecting: 2207 revisions left to test after this (roughly 11 steps)
[c8a5d5ea3ba6a18958f8d76430e4cd68eea33943] nouveau: fix client work fence deletion race

testing commit c8a5d5ea3ba6a18958f8d76430e4cd68eea33943 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: ac373349fb70d3dec79ca537ee7a53d035799b09782edf76ccc0987a6b4fbcfc
all runs: OK

# git bisect good c8a5d5ea3ba6a18958f8d76430e4cd68eea33943
Bisecting: 1103 revisions left to test after this (roughly 10 steps)
[d33ed97dcab3efd7baebfb68cd19ff12f6211448] wifi: mac80211: fix documentation config reference

testing commit d33ed97dcab3efd7baebfb68cd19ff12f6211448 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 1345d6796d2aa03ad782f8126b098d5935822204b454ca66af514bc0ad9a4d09
all runs: OK

# git bisect good d33ed97dcab3efd7baebfb68cd19ff12f6211448
Bisecting: 621 revisions left to test after this (roughly 9 steps)
[25a9c8a4431c364f97f75558cb346d2ad3f53fbb] netlink: Add __sock_i_ino() for __netlink_diag_dump().

testing commit 25a9c8a4431c364f97f75558cb346d2ad3f53fbb gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: c50572ac8e630cb6f6a078e38853ecf7dc735c1270cd0b96fbe6e61178640cd7
all runs: OK

# git bisect good 25a9c8a4431c364f97f75558cb346d2ad3f53fbb
Bisecting: 295 revisions left to test after this (roughly 8 steps)
[08eeccb2491a3198f4adcba63adeace6e2499ea3] Merge tag 'linux-can-next-for-6.5-20230622' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next

testing commit 08eeccb2491a3198f4adcba63adeace6e2499ea3 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 1212e4e5583e1cccd1ff6b4d8aeaa039ca56f9370b8f5a71c1184ec2ee292713
run #0: crashed: general protection fault in call_timer_fn
run #1: crashed: general protection fault in call_timer_fn
run #2: crashed: INFO: trying to register non-static key in add_wait_queue
run #3: crashed: INFO: trying to register non-static key in add_wait_queue
run #4: crashed: general protection fault in psi_account_irqtime
run #5: crashed: general protection fault in psi_account_irqtime
run #6: crashed: BUG: unable to handle kernel NULL pointer dereference in task_work_run
run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in task_work_run
run #8: crashed: general protection fault in corrupted
run #9: crashed: general protection fault in corrupted
run #10: crashed: kernel panic: corrupted stack end in hash_sendmsg
run #11: crashed: kernel panic: corrupted stack end in hash_sendmsg
run #12: crashed: general protection fault in mmap_region
run #13: crashed: general protection fault in mmap_region
run #14: crashed: general protection fault in make_vfsuid
run #15: crashed: general protection fault in make_vfsuid
run #16: crashed: VFS: Close: file count is zero (use-after-free)
run #17: crashed: VFS: Close: file count is zero (use-after-free)
run #18: crashed: general protection fault in update_curr
run #19: crashed: general protection fault in update_curr
representative crash: general protection fault in call_timer_fn, types: [UNKNOWN]

# git bisect bad 08eeccb2491a3198f4adcba63adeace6e2499ea3
Bisecting: 166 revisions left to test after this (roughly 7 steps)
[5f2cf757f9c56255470c23a2a4a5574a34edad4b] net/mlx5: Remove unused ecpu field from struct mlx5_sf_table

testing commit 5f2cf757f9c56255470c23a2a4a5574a34edad4b gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 1e7649640e42f6c48d458e1ce5eab8f8a191a62a07c3c3382092843f955432a4
all runs: OK

# git bisect good 5f2cf757f9c56255470c23a2a4a5574a34edad4b
Bisecting: 83 revisions left to test after this (roughly 6 steps)
[ca4fa87435370747cac535cecfd08672bb679487] selftests: tc-testing: add one test for flushing explicitly created chain

testing commit ca4fa87435370747cac535cecfd08672bb679487 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: bdbcba9ba7ae64e44cfc1ae2d14fa66df313405ea187dd101f1ba6c711258add
run #0: crashed: INFO: trying to register non-static key in psi_account_irqtime
run #1: crashed: INFO: trying to register non-static key in psi_account_irqtime
run #2: crashed: general protection fault in tomoyo_check_acl
run #3: crashed: general protection fault in tomoyo_check_acl
run #4: crashed: general protection fault in integrity_inode_get
run #5: crashed: general protection fault in integrity_inode_get
run #6: crashed: general protection fault in blk_cgroup_bio_start
run #7: crashed: general protection fault in blk_cgroup_bio_start
run #8: crashed: WARNING: locking bug in psi_group_change
run #9: crashed: WARNING: locking bug in psi_group_change
run #10: crashed: BUG: unable to handle kernel paging request in wait_consider_task
run #11: crashed: BUG: unable to handle kernel paging request in wait_consider_task
run #12: crashed: general protection fault in enqueue_entity
run #13: crashed: general protection fault in enqueue_entity
run #14: crashed: BUG: unable to handle kernel paging request in crypto_sha3_final
run #15: crashed: BUG: unable to handle kernel paging request in crypto_sha3_final
run #16: OK
run #17: crashed: kernel panic: corrupted stack end in corrupted
run #18: crashed: kernel panic: corrupted stack end in corrupted
representative crash: INFO: trying to register non-static key in psi_account_irqtime, types: [UNKNOWN]

# git bisect bad ca4fa87435370747cac535cecfd08672bb679487
Bisecting: 41 revisions left to test after this (roughly 5 steps)
[f61d2d5cf142436cd1a02ddc78425e91116b8b0d] sfc: fix uninitialized variable use

testing commit f61d2d5cf142436cd1a02ddc78425e91116b8b0d gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 98efd15178796285c93adb53bc0e822f6004f5914c5f7d07c6129bdeca7c7794
run #0: crashed: BUG: unable to handle kernel paging request in crypto_sha3_final
run #1: crashed: BUG: unable to handle kernel paging request in crypto_sha3_final
run #2: crashed: general protection fault in inode_permission
run #3: crashed: general protection fault in inode_permission
run #4: crashed: BUG: unable to handle kernel paging request in corrupted
run #5: crashed: BUG: unable to handle kernel paging request in corrupted
run #6: crashed: BUG: unable to handle kernel NULL pointer dereference in rcu_core
run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in rcu_core
run #8: crashed: BUG: stack guard page was hit in corrupted
run #9: crashed: BUG: stack guard page was hit in corrupted
run #10: crashed: possible deadlock in hrtimer_interrupt
run #11: crashed: possible deadlock in hrtimer_interrupt
run #12: crashed: general protection fault in cpuacct_account_field
run #13: crashed: general protection fault in cpuacct_account_field
run #14: crashed: BUG: unable to handle kernel paging request in format_decode
run #15: crashed: BUG: unable to handle kernel paging request in format_decode
run #16: crashed: general protection fault in corrupted
run #17: crashed: general protection fault in corrupted
run #18: OK
representative crash: BUG: unable to handle kernel paging request in crypto_sha3_final, types: [UNKNOWN]

# git bisect bad f61d2d5cf142436cd1a02ddc78425e91116b8b0d
Bisecting: 20 revisions left to test after this (roughly 4 steps)
[a05d070a6164bd0578991e42181a52b9c7cf630c] ptp: Clarify ptp_clock_info .adjphase expects an internal servo to be used

testing commit a05d070a6164bd0578991e42181a52b9c7cf630c gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 12957f13c95e24bc84005aabac0db732c952abb9c298cd2a64b262aa45fab790
all runs: OK

# git bisect good a05d070a6164bd0578991e42181a52b9c7cf630c
Bisecting: 10 revisions left to test after this (roughly 3 steps)
[462a3daad679406eed5d31b6bed8a19c236e1352] net: phy: mediatek: fix compile-test dependencies

testing commit 462a3daad679406eed5d31b6bed8a19c236e1352 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 81c698939f7cbc7d8b32f54948c65a8a968c9004fd9700ea3d68a12bb65d02ba
all runs: OK

# git bisect good 462a3daad679406eed5d31b6bed8a19c236e1352
Bisecting: 5 revisions left to test after this (roughly 3 steps)
[f0d952646bcf186d6d1bea6ec89f96b7e57f3b83] netlabel: Reorder fields in 'struct netlbl_domaddr6_map'

testing commit f0d952646bcf186d6d1bea6ec89f96b7e57f3b83 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: e82da79edb006ee7dc4c30d9a42adc2c2dfb4aeb2d9c189b45b6904127fa72bd
run #0: crashed: general protection fault in validate_mm
run #1: crashed: general protection fault in validate_mm
run #2: crashed: INFO: trying to register non-static key in corrupted
run #3: crashed: INFO: trying to register non-static key in corrupted
run #4: crashed: general protection fault in __nf_conntrack_find_get
run #5: crashed: general protection fault in __nf_conntrack_find_get
run #6: crashed: general protection fault in jbd2_journal_get_write_access
run #7: crashed: general protection fault in jbd2_journal_get_write_access
run #8: crashed: general protection fault in find_match
run #9: crashed: general protection fault in find_match
run #10: crashed: BUG: unable to handle kernel paging request in wait_consider_task
run #11: crashed: BUG: unable to handle kernel paging request in wait_consider_task
run #12: crashed: general protection fault in update_curr
run #13: crashed: general protection fault in update_curr
run #14: crashed: general protection fault,SeaBIOS (version NUM.NUM.NUM-google)
run #15: crashed: general protection fault,SeaBIOS (version NUM.NUM.NUM-google)
run #16: crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
run #17: crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
run #18: crashed: general protection fault in put_prev_entity
run #19: crashed: general protection fault in put_prev_entity
representative crash: general protection fault in validate_mm, types: [UNKNOWN]

# git bisect bad f0d952646bcf186d6d1bea6ec89f96b7e57f3b83
Bisecting: 2 revisions left to test after this (roughly 1 step)
[857922b16bb893d26d5ecd83acf9f20cb28eaea2] net: fec: allow to build without PAGE_POOL_STATS

testing commit 857922b16bb893d26d5ecd83acf9f20cb28eaea2 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 7015ba3c85dfcb7aa00a4757c89c9cfb8e2623e08781caf23bbc333a0c1f77fc
run #0: crashed: possible deadlock in console_flush_all
run #1: crashed: possible deadlock in console_flush_all
run #2: crashed: general protection fault in vma_prepare
run #3: crashed: general protection fault in vma_prepare
run #4: crashed: general protection fault in aa_label_sk_perm
run #5: crashed: general protection fault in aa_label_sk_perm
run #6: crashed: BUG: unable to handle kernel NULL pointer dereference in __hrtimer_run_queues
run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in __hrtimer_run_queues
run #8: crashed: INFO: trying to register non-static key in unmap_page_range
run #9: crashed: INFO: trying to register non-static key in unmap_page_range
run #10: crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
run #11: crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
run #12: crashed: general protection fault in tomoyo_check_acl
run #13: crashed: general protection fault in tomoyo_check_acl
run #14: crashed: BUG: stack guard page was hit in ext4_end_io_rsv_work
run #15: crashed: BUG: stack guard page was hit in ext4_end_io_rsv_work
run #16: crashed: INFO: trying to register non-static key in vma_prepare
run #17: crashed: INFO: trying to register non-static key in vma_prepare
run #18: OK
representative crash: general protection fault in vma_prepare, types: [UNKNOWN]

# git bisect bad 857922b16bb893d26d5ecd83acf9f20cb28eaea2
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[b6d972f6898308fbe7e693bf8d44ebfdb1cd2dc4] crypto: af_alg/hash: Fix recvmsg() after sendmsg(MSG_MORE)

testing commit b6d972f6898308fbe7e693bf8d44ebfdb1cd2dc4 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 9d54b2b0ba068ae9f47d1b19e055f6bba0a998b6aa8b08836551df77e582403b
run #0: crashed: general protection fault in __handle_mm_fault
run #1: crashed: general protection fault in __handle_mm_fault
run #2: crashed: WARNING in corrupted
run #3: crashed: WARNING in corrupted
run #4: crashed: BUG: unable to handle kernel paging request in crypto_sha3_final
run #5: crashed: BUG: unable to handle kernel paging request in crypto_sha3_final
run #6: crashed: general protection fault in corrupted
run #7: crashed: general protection fault in corrupted
run #8: crashed: PANIC: double fault in __stack_depot_save
run #9: crashed: PANIC: double fault in __stack_depot_save
run #10: crashed: BUG: unable to handle kernel paging request in unwind_next_frame
run #11: crashed: BUG: unable to handle kernel paging request in unwind_next_frame
run #12: crashed: general protection fault in ext4_finish_bio
run #13: crashed: general protection fault in ext4_finish_bio
run #14: crashed: general protection fault in unmap_vmas
run #15: crashed: general protection fault in unmap_vmas
run #16: crashed: WARNING: refcount bug in corrupted
run #17: crashed: WARNING: refcount bug in corrupted
run #18: OK
representative crash: general protection fault in __handle_mm_fault, types: [UNKNOWN]

# git bisect bad b6d972f6898308fbe7e693bf8d44ebfdb1cd2dc4
b6d972f6898308fbe7e693bf8d44ebfdb1cd2dc4 is the first bad commit
commit b6d972f6898308fbe7e693bf8d44ebfdb1cd2dc4
Author: David Howells
Date: Fri Jun 16 12:10:32 2023 +0100

    crypto: af_alg/hash: Fix recvmsg() after sendmsg(MSG_MORE)

    If an AF_ALG socket bound to a hashing algorithm is sent a zero-length message with MSG_MORE set and then recvmsg() is called without first sending another message without MSG_MORE set to end the operation, an oops will occur because the crypto context and result doesn't now get set up in advance because hash_sendmsg() now defers that as long as possible in the hope that it can use crypto_ahash_digest() - and then because the message is zero-length, it the data wrangling loop is skipped.

    Fix this by handling zero-length sends at the top of the hash_sendmsg() function. If we're not continuing the previous sendmsg(), then just ignore the send (hash_recvmsg() will invent something when called); if we are continuing, then we finalise the request at this point if MSG_MORE is not set to get any error here, otherwise the send is of no effect and can be ignored.

    Whilst we're at it, remove the code to create a kvmalloc'd scatterlist if we get more than ALG_MAX_PAGES - this shouldn't happen.

    Fixes: c662b043cdca ("crypto: af_alg/hash: Support MSG_SPLICE_PAGES")
    Reported-by: syzbot+13a08c0bf4d212766c3c@syzkaller.appspotmail.com
    Link: https://lore.kernel.org/r/000000000000b928f705fdeb873a@google.com/
    Reported-by: syzbot+14234ccf6d0ef629ec1a@syzkaller.appspotmail.com
    Link: https://lore.kernel.org/r/000000000000c047db05fdeb8790@google.com/
    Reported-by: syzbot+4e2e47f32607d0f72d43@syzkaller.appspotmail.com
    Link: https://lore.kernel.org/r/000000000000bcca3205fdeb87fb@google.com/
    Reported-by: syzbot+472626bb5e7c59fb768f@syzkaller.appspotmail.com
    Link: https://lore.kernel.org/r/000000000000b55d8805fdeb8385@google.com/
    Signed-off-by: David Howells
    Reported-and-tested-by: syzbot+6efc50cc1f8d718d6cb7@syzkaller.appspotmail.com
    cc: Jens Axboe
    cc: Matthew Wilcox
    Acked-by: Herbert Xu
    Link: https://lore.kernel.org/r/427646.1686913832@warthog.procyon.org.uk
    Signed-off-by: Jakub Kicinski

 crypto/algif_hash.c | 38 +++++++++++++++++++++++++-------------
 1 file changed, 25 insertions(+), 13 deletions(-)

culprit signature: 9d54b2b0ba068ae9f47d1b19e055f6bba0a998b6aa8b08836551df77e582403b
parent signature: 81c698939f7cbc7d8b32f54948c65a8a968c9004fd9700ea3d68a12bb65d02ba
revisions tested: 16, total time: 6h53m14.043092803s (build: 4h41m36.175883203s, test: 2h5m27.295821822s)
first bad commit: b6d972f6898308fbe7e693bf8d44ebfdb1cd2dc4 crypto: af_alg/hash: Fix recvmsg() after sendmsg(MSG_MORE)
recipients (to): ["dhowells@redhat.com" "herbert@gondor.apana.org.au" "kuba@kernel.org" "syzbot+6efc50cc1f8d718d6cb7@syzkaller.appspotmail.com"]
recipients (cc): []
crash: general protection fault in __handle_mm_fault

general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]
CPU: 1 PID: 5462 Comm: dhcpcd-run-hook Not tainted 6.4.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023
RIP: 0010:__lock_acquire+0xe01/0x5f30 kernel/locking/lockdep.c:4956
Code: 00 00 3b 05 21 30 4f 0e 0f 87 7a 09 00 00 41 be 01 00 00 00 e9 84 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 0f 85 9e 33 00 00 49 81 3c 24 20 c8 02 8f 0f 84 cd f2
RSP: 0018:ffffc90004bdf6f8 EFLAGS: 00010006
RAX: dffffc0000000000 RBX: 1ffff9200097bf10 RCX: 0000000000000000
RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000018
RBP: ffff8880222b9dc0 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000018
R13: 0000000000000000 R14: 0000000000000018 R15: 0000000000000000
FS: 00007f314f283380(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055682f433000 CR3: 00000000289e0000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 lock_acquire kernel/locking/lockdep.c:5705 [inline]
 lock_acquire+0x1b1/0x520 kernel/locking/lockdep.c:5670
 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline]
 _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
 spin_lock include/linux/spinlock.h:350 [inline]
 do_anonymous_page mm/memory.c:4106 [inline]
 do_pte_missing mm/memory.c:3646 [inline]
 handle_pte_fault mm/memory.c:4948 [inline]
 __handle_mm_fault+0x2150/0x3220 mm/memory.c:5090
 handle_mm_fault+0x231/0x900 mm/memory.c:5244
 faultin_page mm/gup.c:925 [inline]
 __get_user_pages+0x42b/0xc20 mm/gup.c:1147
 __get_user_pages_locked mm/gup.c:1381 [inline]
 get_user_pages_remote+0x1ef/0x6f0 mm/gup.c:2230
 get_arg_page+0xcf/0x320 fs/exec.c:222
 copy_string_kernel+0xf1/0x180 fs/exec.c:639
 do_execveat_common+0x405/0x800 fs/exec.c:1936
 do_execve fs/exec.c:2036 [inline]
 __do_sys_execve fs/exec.c:2112 [inline]
 __se_sys_execve fs/exec.c:2107 [inline]
 __x64_sys_execve+0x8e/0xc0 fs/exec.c:2107
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f314f3bdef7
Code: ba 0f 00 5b 5d 41 5c 41 5d 41 5e 41 5f e9 63 d8 fb ff 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 90 b8 3b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 01 3f 0f 00 f7 d8 64 89 01 48
RSP: 002b:00007fffbe7a6238 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
RAX: ffffffffffffffda RBX: 000055682f432f58 RCX: 00007f314f3bdef7
RDX: 000055682f432f78 RSI: 000055682f432f58 RDI: 000055682f433000
RBP: 000055682f433000 R08: 000055682f433005 R09: 00007fffbe7aae94
R10: 0000000000000008 R11: 0000000000000246 R12: 000055682f432f78
R13: 00007f314f56b904 R14: 000055682f432f78 R15: 0000000000000000
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__lock_acquire+0xe01/0x5f30 kernel/locking/lockdep.c:4956
Code: 00 00 3b 05 21 30 4f 0e 0f 87 7a 09 00 00 41 be 01 00 00 00 e9 84 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 0f 85 9e 33 00 00 49 81 3c 24 20 c8 02 8f 0f 84 cd f2
RSP: 0018:ffffc90004bdf6f8 EFLAGS: 00010006
RAX: dffffc0000000000 RBX: 1ffff9200097bf10 RCX: 0000000000000000
RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000018
RBP: ffff8880222b9dc0 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000018
R13: 0000000000000000 R14: 0000000000000018 R15: 0000000000000000
FS: 00007f314f283380(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055682f433000 CR3: 00000000289e0000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0: 00 00                  add %al,(%rax)
   2: 3b 05 21 30 4f 0e      cmp 0xe4f3021(%rip),%eax # 0xe4f3029
   8: 0f 87 7a 09 00 00      ja 0x988
   e: 41 be 01 00 00 00      mov $0x1,%r14d
  14: e9 84 00 00 00         jmpq 0x9d
  19: 48 b8 00 00 00 00 00   movabs $0xdffffc0000000000,%rax
  20: fc ff df
  23: 4c 89 e2               mov %r12,%rdx
  26: 48 c1 ea 03            shr $0x3,%rdx
* 2a: 80 3c 02 00            cmpb $0x0,(%rdx,%rax,1) <-- trapping instruction
  2e: 0f 85 9e 33 00 00      jne 0x33d2
  34: 49 81 3c 24 20 c8 02   cmpq $0xffffffff8f02c820,(%r12)
  3b: 8f
  3c: 0f                     .byte 0xf
  3d: 84 cd                  test %cl,%ch
  3f: f2                     repnz