From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id B4236E9370D for ; Thu, 5 Oct 2023 13:34:58 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 44DCF6B02BA; Thu, 5 Oct 2023 09:34:58 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 3FD546B02BB; Thu, 5 Oct 2023 09:34:58 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 2C5046B02BC; Thu, 5 Oct 2023 09:34:58 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) by kanga.kvack.org (Postfix) with ESMTP id 1A6E86B02BA for ; Thu, 5 Oct 2023 09:34:58 -0400 (EDT) Received: from smtpin11.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id DB3BD8011E for ; Thu, 5 Oct 2023 13:34:57 +0000 (UTC) X-FDA: 81311503434.11.D9EBD1A Received: from vulcan.natalenko.name (vulcan.natalenko.name [104.207.131.136]) by imf13.hostedemail.com (Postfix) with ESMTP id E4F6320028 for ; Thu, 5 Oct 2023 13:34:54 +0000 (UTC) Authentication-Results: imf13.hostedemail.com; dkim=pass header.d=natalenko.name header.s=dkim-20170712 header.b=havpDLvC; dmarc=pass (policy=reject) header.from=natalenko.name; spf=pass (imf13.hostedemail.com: domain of oleksandr@natalenko.name designates 104.207.131.136 as permitted sender) smtp.mailfrom=oleksandr@natalenko.name ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1696512895; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=G7OmVnDV4XM8M5IsSqI8Ix0o10uDr9wvy0myjlHH3sQ=; b=MZ9SmnSqOImdv+sYGbYIICLwD9duI92xYMQU8rhWISW7HIXI41mJ+ghmrYH8srsrdwQIVT le9k3zA7STJ1icVVocY1oltNWO22aOLjg2vRE8v81Go+lj6BZLhBKB9X0FwRtMGUPGwDm0 iEqwn//a3Sbv2taXG+Gxkdyr6Gy1TSw= ARC-Authentication-Results: i=1; imf13.hostedemail.com; dkim=pass header.d=natalenko.name header.s=dkim-20170712 header.b=havpDLvC; dmarc=pass (policy=reject) header.from=natalenko.name; spf=pass (imf13.hostedemail.com: domain of oleksandr@natalenko.name designates 104.207.131.136 as permitted sender) smtp.mailfrom=oleksandr@natalenko.name ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1696512895; a=rsa-sha256; cv=none; b=IEYFyraZXGUg2Gc9jTNZemUevXAFFpQ3+IV4NVHRi7o0dC680d5WQO1+oSkfsLPbR6MXxH +td5W2gb3NSjBsdt7fASZbA5nxI3M9CCAlNfEkmu4d+8AkNfdJ/jLYa+fLecHAZDW+pVIv h5s6kQHfhjzLYLm8Cd2giMvI5Jr1CCQ= Received: from spock.localnet (unknown [94.142.239.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by vulcan.natalenko.name (Postfix) with ESMTPSA id A4062152ED08; Thu, 5 Oct 2023 15:34:51 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=natalenko.name; s=dkim-20170712; t=1696512891; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=G7OmVnDV4XM8M5IsSqI8Ix0o10uDr9wvy0myjlHH3sQ=; b=havpDLvC8JWRtLhfFGMQj/UvPRh0H2e6jJMdt1Zz4hkVWvrV2SqusX3rt4TpbPHVlY9OAh 8ANmKHrpFZ4FGDEDT1mIdcmdLwWnsS66V2HQv44D0pdkjD+Iqc+i7OmshCMHTNSVrwekOE shIQriGGfhLeu/kTmHZVG6NVUU7SE4A= From: Oleksandr Natalenko To: Matthew Wilcox Cc: Thomas Zimmermann , Linux Regressions , linux-kernel@vger.kernel.org, dri-devel@lists.freedesktop.org, Christian =?ISO-8859-1?Q?K=F6nig?= , linaro-mm-sig@lists.linaro.org, linux-mm@kvack.org, Maxime Ripard , Bagas Sanjaya , Andrew Morton , Sumit Semwal , linux-media@vger.kernel.org Subject: Re: [REGRESSION] BUG: KFENCE: memory corruption in drm_gem_put_pages+0x186/0x250 Date: Thu, 05 Oct 2023 15:34:41 +0200 Message-ID: <9175204.CDJkKcVGEf@natalenko.name> In-Reply-To: References: <13360591.uLZWGnKmhe@natalenko.name> <22037450.EfDdHjke4D@natalenko.name> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart3187816.5fSG56mABF"; micalg="pgp-sha256"; protocol="application/pgp-signature" X-Rspamd-Queue-Id: E4F6320028 X-Rspam-User: X-Rspamd-Server: rspam02 X-Stat-Signature: kucnpxmwz8dn96ozihmisi9rxxauysot X-HE-Tag: 1696512894-364243 X-HE-Meta: U2FsdGVkX1/gCjyJPli9mfPZ10ve2AwzG8MMfx3UqAzjqv3POOTgi3y0heHpyEDGZISJPseQc3GoTjV+hzxrws9ZPMZ29/nMwWb7v4hDNvpTgTUBbS+HIi14o2dHRASgm4ueBuOVTwwuNL26PB5niJSWMaURrHKQK+b98NRHFc+PXfH5AJMutofd1oM06lGBfqgKI6VhXb4KYUFsgpd3MFCC1xrzukGxGr5wFCEAqPwU9ewefNKKcSq3pTIR1EiXPmtoh54070tKJc4WrVK87urZdvmybwAjycgQ7YuDrtKuhagv9KzE9dFU46BN74s17q1HiQ8Q2AD7Y255JdFEUDZFgUcaJQX1yU6Dn2K+G1sMosrteKIj9ekb+HFDYjInAMQLeolD1GagcSAFyP4P2Wl7GXDrtsi7CE2SUQoMndtaLKxsHR4mSsqekOTW8IUDTo9YUz3OgL6Et9YtGl2OlOf0yq1dNuDOIGW2+hsPX5JsypOgHADxaRXb9ePfNrjul/NXbj13r0ARlU0AGiiCNCMvIf1DxAPp6r4Fx65vqivxaJtN0TJ1qgofuTNWdHabNDwOeVfP3OtQzn89n0aRgvzH4f+3K4U2kvJhfHZpBL1PTzB+KFSBOniI4fvwM6xQCX1SdKxzUMkfltsOFwlz42mIw9ZmpWSazhpWh1alhV+TJefCwZcKkUkcpAI37Aln2HpppJ/bwjSJCrMVdRS/c4bk/LkjthaZHZQhr2I+0q7+N+Q3rQcVEUnzM1eREfe+L1xJbhX+VF0gDRltwpitgCCp5OgZoXXJjqQ2vKfuOxmxSY2rS6ZoNcVAEzeUbIgYrkxMISc8q/1mSMAr+2P2jbuIqJr1Z1OCJQZu40xmgSTVOKwWBIexXoJH+UERTq7vtHn5iIV1ID0tx49gR5n0mw/56s9cv+YXH2wlDddMap1mDwl3MhGCjC7zH+E7aBPrIgyPYhilJP2GAr5rut5 mV0f0RiT Y9/tLV3rHGKoPq9ae1UBwONzCYACmMPquPyls9HFxj8a6iwjUZfn4soYARYDC2HQoWqSGrs8XtUqc5mN7iPjphYctdky6e35tObtH2SHQbtzLtRRf8nhkiWaNwCbF6NC2t05YYRXE/ek+MzctIw59I1yllc5Unb5uw+jiHvEJ0CzIjjdZU3eu/MBGi3XOkjJQBUYztXfjYfEF0r/VAHjqrQL2Ci1hr0SuDwe2TnmvEH5Gkh5dzDcnZ3vwIZmOHa1os1FU/ORtvyELS8oe/B2JJ0L8oy/MznEIOzmU7KmbcKTKryq0wWnMU8DBoJIVfvH57D886L4+bBJxdDlrav/odL3p/z8gOCvxpujTvd/oMPeUp1pDObO/R8GBaTMTWZWnw6Clfhwy7WaWcS3TzdBoRhr019v1z5i6KHH5wj5I1/e9lrUJcp18DO7S9hTWMgjnKKC0kUMlXOHvQqCgp0TaZRsIs8Hx71+DOIf7FgbrOnR2G3Zab2UxYGomTSroeuTmzZlBrdheJcALpJiFklfvy9xxHodb0QElTGL8bvlPhPX9860XimSrAAVAxeDfQyYsiftkBWMR4cWFn0iounTXwGOCdQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: --nextPart3187816.5fSG56mABF Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="UTF-8"; protected-headers="v1" From: Oleksandr Natalenko To: Matthew Wilcox Date: Thu, 05 Oct 2023 15:34:41 +0200 Message-ID: <9175204.CDJkKcVGEf@natalenko.name> In-Reply-To: MIME-Version: 1.0 On =C4=8Dtvrtek 5. =C5=99=C3=ADjna 2023 15:05:27 CEST Matthew Wilcox wrote: > On Thu, Oct 05, 2023 at 02:30:55PM +0200, Oleksandr Natalenko wrote: > > No-no, sorry for possible confusion. Let me explain again: > >=20 > > 1. we had an issue with i915, which was introduced by 0b62af28f249, and= later was fixed by 863a8eb3f270 > > 2. now I've discovered another issue, which looks very similar to 1., b= ut in a VM with Cirrus VGA, and it happens even while having 863a8eb3f270 a= pplied > > 3. I've tried reverting 3291e09a4638, after which I cannot reproduce th= e issue with Cirrus VGA, but clearly there was no fix for it discussed > >=20 > > IOW, 863a8eb3f270 is the fix for 0b62af28f249, but not for 3291e09a4638= =2E It looks like 3291e09a4638 requires a separate fix. >=20 > Thank you! Sorry about the misunderstanding. Try this: >=20 > diff --git a/drivers/gpu/drm/drm_gem.c b/drivers/gpu/drm/drm_gem.c > index 6129b89bb366..44a948b80ee1 100644 > --- a/drivers/gpu/drm/drm_gem.c > +++ b/drivers/gpu/drm/drm_gem.c > @@ -540,7 +540,7 @@ struct page **drm_gem_get_pages(struct drm_gem_object= *obj) > struct page **pages; > struct folio *folio; > struct folio_batch fbatch; > - int i, j, npages; > + long i, j, npages; > =20 > if (WARN_ON(!obj->filp)) > return ERR_PTR(-EINVAL); > @@ -564,11 +564,13 @@ struct page **drm_gem_get_pages(struct drm_gem_obje= ct *obj) > =20 > i =3D 0; > while (i < npages) { > + long nr; > folio =3D shmem_read_folio_gfp(mapping, i, > mapping_gfp_mask(mapping)); > if (IS_ERR(folio)) > goto fail; > - for (j =3D 0; j < folio_nr_pages(folio); j++, i++) > + nr =3D min(npages - i, folio_nr_pages(folio)); > + for (j =3D 0; j < nr; j++, i++) > pages[i] =3D folio_file_page(folio, i); > =20 > /* Make sure shmem keeps __GFP_DMA32 allocated pages in the No issues after five reboots with this patch applied on top of v6.5.5. Reported-by: Oleksandr Natalenko Tested-by: Oleksandr Natalenko Link: https://lore.kernel.org/lkml/13360591.uLZWGnKmhe@natalenko.name/ =46ixes: 3291e09a4638 ("drm: convert drm_gem_put_pages() to use a folio_bat= ch") Cc: stable@vger.kernel.org # 6.5.x Thank you! =2D-=20 Oleksandr Natalenko (post-factum) --nextPart3187816.5fSG56mABF Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZUOOw5ESFLHZZtOKil/iNcg8M0sFAmUeu3EACgkQil/iNcg8 M0ukOxAAp/BVEyQy2PylnOYA9bNDAnOlxHaslswKSerCTxALAYhIo/Fs7a1/eOIf OosjDaawXSueUi47gxloa/ZdEi5RUtYZTBB8L2FK7QX9CdKwwHIWLfkMzW0AuIiY CVeP6MMsulrSD0Uu0IwaifAwP9G0AL9EE/a3dRbh29AJhqwmUmzHtxuqsJkg8/+e K3O7HedfPZg7bBHdyoNcpjDGdXQE/sZiCW8mSYJgM9kvoXEOsaB52TxGoiooF6Ti ETsLn2AQBabbt/XcTNMcLLf6hL56mmd7xA4LpGqkqftjTBVl9SjLKzrHu0fY4pMb eff23+Z1uRoHeEiSMpy75/JDN2emeYR5dsvpcFK/DcT4A3VLl9YyJ6iB9LBtLthk lMz1ftAOhBrULfLGMJQhub0PDxcRPuEgpwyu3IBqwuNAf9mlGH/SDMg/7Q7mX1Oe nVyhqhq9YHHe5ZgTkV8lTCMOPLwQAAIk2aRDmZQAhnhNtPpCaP6/FG6d9++y1hY/ WglEFusswiz2sjm86xWHnvaX1TB7+eMf7yh8rhYjcVxR86QFDoGnVkdXFap6Hp7c uPQ/EoUocvVxfIqYBQlWf2Lrg4BGszBG1LDxie6bLQKoQWilFN3Z1CO/vWOfvfx+ LJCyyZBPa6+M7ADFb1VLjQ/+sE9jimijlPcpm7degwY1X1+Ifck= =7qWv -----END PGP SIGNATURE----- --nextPart3187816.5fSG56mABF--