Re: fs: GPF in locked_inode_to_wb_and_lock_list

2016-06-06 Thread Dmitry Vyukov
Hi Tejun, I have not seen the crash since then. Please mail the patch. On Fri, Apr 22, 2016 at 8:55 PM, Dmitry Vyukov wrote: > On Thu, Apr 21, 2016 at 7:06 PM, Tejun Heo wrote: >> Hello, >> >> (cc'ing Ilya, Jan and Jens) >> >> On Thu, Apr 21, 2016 at 12:00:38PM +0200, Dmitry Vyukov wrote: >>>

Re: fs: GPF in locked_inode_to_wb_and_lock_list

2016-04-22 Thread Dmitry Vyukov
On Thu, Apr 21, 2016 at 7:06 PM, Tejun Heo wrote: > Hello, > > (cc'ing Ilya, Jan and Jens) > > On Thu, Apr 21, 2016 at 12:00:38PM +0200, Dmitry Vyukov wrote: >> On Thu, Apr 21, 2016 at 11:45 AM, Andrey Ryabinin >> wrote: >> > 2016-04-21 11:35 GMT+03:00 Dmitry Vyukov : >> >> >> >>

Re: fs: GPF in locked_inode_to_wb_and_lock_list

2016-04-21 Thread Tejun Heo
Hello, (cc'ing Ilya, Jan and Jens) On Thu, Apr 21, 2016 at 12:00:38PM +0200, Dmitry Vyukov wrote: > On Thu, Apr 21, 2016 at 11:45 AM, Andrey Ryabinin > wrote: > > 2016-04-21 11:35 GMT+03:00 Dmitry Vyukov : > >> > >> 818884dd: 48 8b 03 mov (%rbx),%rax > >> > >> So

Re: fs: GPF in locked_inode_to_wb_and_lock_list

2016-04-21 Thread Tejun Heo
Hello, On Thu, Apr 21, 2016 at 10:25:12AM +0200, Dmitry Vyukov wrote: > I use this script for symbolization: > https://github.com/google/sanitizers/blob/master/address-sanitizer/tools/kasan_symbolize.py > It invokes addr2line to provide file:line info, adds inline frames, > strips ? frames (are

Re: fs: GPF in locked_inode_to_wb_and_lock_list

2016-04-21 Thread Dmitry Vyukov
On Thu, Apr 21, 2016 at 11:45 AM, Andrey Ryabinin wrote: > 2016-04-21 11:35 GMT+03:00 Dmitry Vyukov : >> >> 818884dd: 48 8b 03 mov (%rbx),%rax >> >> So whatever load ">bdi->wb" produces is a NULL deref. (is it wb >> that is NULL?) > > Yes it's NULL wb, because

Re: fs: GPF in locked_inode_to_wb_and_lock_list

2016-04-21 Thread Andrey Ryabinin
2016-04-21 11:35 GMT+03:00 Dmitry Vyukov : > > 818884dd: 48 8b 03 mov (%rbx),%rax > > So whatever load ">bdi->wb" produces is a NULL deref. (is it wb > that is NULL?) Yes it's NULL wb, because there is only one load: mov (%rbx),%rax => rax =

Re: fs: GPF in locked_inode_to_wb_and_lock_list

2016-04-21 Thread Dmitry Vyukov
On Thu, Apr 21, 2016 at 11:10 AM, Andrey Ryabinin wrote: > 2016-04-21 11:25 GMT+03:00 Dmitry Vyukov : >> On Wed, Apr 20, 2016 at 11:14 PM, Tejun Heo wrote: >>> Hello, Dmitry. >>> >>> On Mon, Apr 18, 2016 at 11:44:11AM +0200, Dmitry Vyukov wrote: >>> general protection fault: [#1] SMP

Re: fs: GPF in locked_inode_to_wb_and_lock_list

2016-04-21 Thread Andrey Ryabinin
2016-04-21 11:25 GMT+03:00 Dmitry Vyukov : > On Wed, Apr 20, 2016 at 11:14 PM, Tejun Heo wrote: >> Hello, Dmitry. >> >> On Mon, Apr 18, 2016 at 11:44:11AM +0200, Dmitry Vyukov wrote: >> >>> general protection fault: [#1] SMP DEBUG_PAGEALLOC KASAN >> ... >>> RIP: 0010:[] [] >>>

Re: fs: GPF in locked_inode_to_wb_and_lock_list

2016-04-21 Thread Dmitry Vyukov
On Wed, Apr 20, 2016 at 11:14 PM, Tejun Heo wrote: > Hello, Dmitry. > > On Mon, Apr 18, 2016 at 11:44:11AM +0200, Dmitry Vyukov wrote: > >> general protection fault: [#1] SMP DEBUG_PAGEALLOC KASAN > ... >> RIP: 0010:[] [] >> locked_inode_to_wb_and_lock_list+0xa2/0x750 >> RSP:

Re: fs: GPF in locked_inode_to_wb_and_lock_list

2016-04-20 Thread Tejun Heo
Hello, Dmitry. On Mon, Apr 18, 2016 at 11:44:11AM +0200, Dmitry Vyukov wrote: > general protection fault: [#1] SMP DEBUG_PAGEALLOC KASAN ... > RIP: 0010:[] [] > locked_inode_to_wb_and_lock_list+0xa2/0x750 > RSP: 0018:88006cdaf7d0 EFLAGS: 00010246 > RAX: RBX:

fs: GPF in locked_inode_to_wb_and_lock_list

2016-04-18 Thread Dmitry Vyukov
Hello, I've hit the following GPF while running syzkaller fuzzer on commit 806fdcce017dc98c4dbf8ed001750a0d7d2bb0af (Apr 14): general protection fault: [#1] SMP DEBUG_PAGEALLOC KASAN Modules linked in: CPU: 3 PID: 32 Comm: kworker/u10:1 Not tainted 4.6.0-rc3+ #349 Hardware name: QEMU
