From: Dmitry Vyukov
Date: Tue, 13 Apr 2021 19:20:12 +0200
Subject: Re: [syzbot] WARNING in unsafe_follow_pfn
To: Jason Gunthorpe
Cc: Dan Carpenter, Paolo Bonzini, syzbot, Andrew Morton, Borislav Petkov,
    Daniel Vetter, daniel.vetter@intel.com, "H. Peter Anvin", Jim Mattson,
    James Morris, Joerg Roedel, KVM list, LKML, Linux Media Mailing List,
    Linux-MM, linux-security-module, m.szyprowski@samsung.com,
    Mauro Carvalho Chehab, Ingo Molnar, Sean Christopherson,
    "Serge E. Hallyn", syzkaller-bugs, Tomasz Figa, Thomas Gleixner,
    Vitaly Kuznetsov, Wanpeng Li, "the arch/x86 maintainers"

On Thu, Apr 1, 2021 at 2:19 PM Jason Gunthorpe wrote:
>
> On Wed, Mar 31, 2021 at 07:29:22AM +0300, Dan Carpenter wrote:
> > On Tue, Mar 30, 2021 at 07:04:30PM +0200, Paolo Bonzini wrote:
> > > On 30/03/21 17:26, syzbot wrote:
> > > > Hello,
> > > >
> > > > syzbot found the following issue on:
> > > >
> > > > HEAD commit: 93129492 Add linux-next specific files for 20210326
> > > > git tree: linux-next
> > > > console output: https://syzkaller.appspot.com/x/log.txt?x=169ab21ad00000
> > > > kernel config: https://syzkaller.appspot.com/x/.config?x=6f2f73285ea94c45
> > > > dashboard link: https://syzkaller.appspot.com/bug?extid=015dd7cdbbbc2c180c65
> > > > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=119b8d06d00000
> > > > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=112e978ad00000
> > > >
> > > > The issue was bisected to:
> > > >
> > > > commit d40b9fdee6dc819d8fc35f70c345cbe0394cde4c
> > > > Author: Daniel Vetter
> > > > Date: Tue Mar 16 15:33:01 2021 +0000
> > > >
> > > >     mm: Add unsafe_follow_pfn
> > > >
> > > > bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=122d2016d00000
> > > > final oops: https://syzkaller.appspot.com/x/report.txt?x=112d2016d00000
> > > > console output: https://syzkaller.appspot.com/x/log.txt?x=162d2016d00000
> > > >
> > > > IMPORTANT: if you fix the issue, please add the following tag to the commit:
> > > > Reported-by: syzbot+015dd7cdbbbc2c180c65@syzkaller.appspotmail.com
> > > > Fixes: d40b9fdee6dc ("mm: Add unsafe_follow_pfn")
> > >
> > > This is basically intentional because get_vaddr_frames is broken, isn't it?
> > > I think it needs to be ignored in syzkaller.
> >
> > What?
> >
> > The bisect is wrong (because it's blaming the commit which added the
> > warning instead of the commit which added the buggy caller) but the
> > warning is correct.
> >
> > Plus users are going to be seeing this as well. According to the commit
> > message for 69bacee7f9ad ("mm: Add unsafe_follow_pfn") "Unfortunately
> > there's some users where this is not fixable (like v4l userptr of iomem
> > mappings)". It sort of seems crazy to dump this giant splat and then
> > tell users to ignore it forever because it can't be fixed... 0_0
>
> I think the discussion conclusion was that this interface should not
> be used by userspace anymore, it is obsolete by some new interface?
>
> It should be protected by some kconfig and the kconfig should be
> turned off for syzkaller runs.

If this is not a kernel bug, then it must not use WARN_ON[_ONCE]. It
makes the kernel untestable for both automated systems and humans:

https://lwn.net/Articles/769365/

Greg Kroah-Hartman raised the problem of core kernel API code that will
use WARN_ON_ONCE() to complain about bad usage; that will not generate
the desired result if WARN_ON_ONCE() is configured to crash the machine.
He was told that the code should just call pr_warn() instead, and that
the called function should return an error in such situations.
It was generally agreed that any WARN_ON() or WARN_ON_ONCE() calls that
can be triggered from user space need to be fixed.

https://lore.kernel.org/netdev/20210413085522.2caee809@gandalf.local.home/

From: Steven Rostedt

I agree. WARN_ON(_ONCE) should be reserved for anomalies that should not
happen ever. Anything that the user could trigger, should not trigger a
WARN_ON.

A WARN_ON is perfectly fine for detecting an accounting error inside the
kernel. I have them scattered all over my code, but they should never be
hit, even if something in user space tries to hit it. (with an exception
of an interface I want to deprecate, where I want to know if it's still
being used ;-) Of course, that wouldn't help bots testing the code. And I
haven't done that in years)

Any anomaly that can be triggered by user space doing something it should
not be doing really needs a pr_warn().

And if it's a kernel bug reachable from user-space, then I think this
code should be removed entirely, not just on all testing systems. Or
otherwise if we are not removing it for some reason, then it needs to be
fixed.
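
The distinction argued in this message, as an added userspace C model (not code from the thread, the kernel, or any participant): a user-reachable condition reported through a WARN-style check counts as a crash on a system configured to die on warnings, while the pr_warn()-plus-error form only logs and returns. Assumptions: `warn_on_once()`, `pr_warn_model()` and both `handle_request_*` functions are hypothetical stand-ins, and `panic_on_warn` is a plain variable modelling the "configured to crash the machine" case from the quoted LWN text.

```c
/* Userspace model, not kernel code. warn_on_once() and pr_warn_model() are
 * stand-ins written for this example; the handler names are hypothetical. */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

static bool panic_on_warn = true; /* test system that treats any WARN as fatal */
static int panics, log_lines;     /* modelled crashes, plain log lines */

/* Models WARN_ON_ONCE(): reports once per call site, fatal under panic_on_warn. */
static bool warn_on_once(bool cond, bool *warned, const char *what)
{
	if (cond && !*warned) {
		*warned = true;
		fprintf(stderr, "WARNING: %s\n", what);
		if (panic_on_warn)
			panics++; /* a real kernel would panic() here */
	}
	return cond;
}

/* Models pr_warn(): one log line, never fatal. */
static void pr_warn_model(const char *msg) { fprintf(stderr, "warn: %s\n", msg); log_lines++; }

/* Pattern objected to in the thread: a user-reachable condition trips a WARN. */
static int handle_request_warn(bool bad_user_input)
{
	static bool warned;
	if (warn_on_once(bad_user_input, &warned, "bad request from user space"))
		return -EINVAL;
	return 0;
}

/* Pattern from the quoted LWN summary: pr_warn() and return an error. */
static int handle_request_pr_warn(bool bad_user_input)
{
	if (bad_user_input) {
		pr_warn_model("bad request from user space");
		return -EINVAL;
	}
	return 0;
}

int main(void)
{
	int a = handle_request_warn(true), b = handle_request_pr_warn(true);
	printf("WARN: ret=%d panics=%d | pr_warn: ret=%d log_lines=%d\n", a, panics, b, log_lines);
	return 0;
}
```

Both handlers hand the caller the same `-EINVAL`; only the WARN-style one registers a crash for the test system, which is why a fuzzer reports it as a bug.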