From: syzbot <syzbot+2e93e6fb36e6fdc56574@syzkaller.appspotmail.com>
To: eadavis@qq.com, linux-kernel@vger.kernel.org,
syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [dri?] divide error in drm_mode_debug_printmodeline
Date: Fri, 17 Nov 2023 21:13:04 -0800
Message-ID: <000000000000cb628c060a664eb0@google.com>
In-Reply-To: <tencent_72961A37384AFC744F774366863D91364409@qq.com>
Hello,
syzbot has tested the proposed patch but the reproducer is still triggering an issue:
divide error in drm_mode_debug_printmodeline
mode: ffff888140bc9490, ht: 1344, vt: 806, c: 65000, vsc: 0, den: 1083264, num: 65000, drm_mode_vrefresh
mode: ffff88807c374000, ht: 128, vt: 32768, c: 128, vsc: 1024, den: 4294967296, num: 128, drm_mode_vrefresh
divide error: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 5448 Comm: syz-executor.0 Not tainted 6.6.0-rc7-syzkaller-00142-g888cf78c29e2-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
RIP: 0010:drm_mode_vrefresh drivers/gpu/drm/drm_modes.c:1305 [inline]
RIP: 0010:drm_mode_debug_printmodeline+0x308/0x5d0 drivers/gpu/drm/drm_modes.c:60
Code: b4 8c 4c 8b 7c 24 30 41 57 55 e8 53 c9 e7 05 48 83 c4 18 44 89 f8 48 69 c8 e8 03 00 00 48 89 e8 48 d1 e8 48 01 c8 89 e9 31 d2 <48> f7 f1 49 89 c0 e9 81 fd ff ff 89 e9 80 e1 07 fe c1 38 c1 0f 8c
RSP: 0018:ffffc90004e1f8d0 EFLAGS: 00010246
RAX: 000000008001f400 RBX: ffff88807c374000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
RBP: 0000000100000000 R08: ffffffff81711cfc R09: 1ffff920009c3e6c
R10: dffffc0000000000 R11: fffff520009c3e6d R12: dffffc0000000000
R13: 0000000000000080 R14: 1ffff1100f86e801 R15: 0000000000000080
FS: 00007fb08687c6c0(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fb085b980c0 CR3: 000000007eb58000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
drm_mode_setcrtc+0x83b/0x1880 drivers/gpu/drm/drm_crtc.c:794
drm_ioctl_kernel+0x349/0x4f0 drivers/gpu/drm/drm_ioctl.c:789
drm_ioctl+0x636/0xb00 drivers/gpu/drm/drm_ioctl.c:892
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:871 [inline]
__se_sys_ioctl+0xf8/0x170 fs/ioctl.c:857
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fb085a7cae9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fb08687c0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007fb085b9bf80 RCX: 00007fb085a7cae9
RDX: 0000000020000180 RSI: 00000000c06864a2 RDI: 0000000000000003
RBP: 00007fb085ac847a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007fb085b9bf80 R15: 00007ffe452acab8
</TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:drm_mode_vrefresh drivers/gpu/drm/drm_modes.c:1305 [inline]
RIP: 0010:drm_mode_debug_printmodeline+0x308/0x5d0 drivers/gpu/drm/drm_modes.c:60
Code: b4 8c 4c 8b 7c 24 30 41 57 55 e8 53 c9 e7 05 48 83 c4 18 44 89 f8 48 69 c8 e8 03 00 00 48 89 e8 48 d1 e8 48 01 c8 89 e9 31 d2 <48> f7 f1 49 89 c0 e9 81 fd ff ff 89 e9 80 e1 07 fe c1 38 c1 0f 8c
RSP: 0018:ffffc90004e1f8d0 EFLAGS: 00010246
RAX: 000000008001f400 RBX: ffff88807c374000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
RBP: 0000000100000000 R08: ffffffff81711cfc R09: 1ffff920009c3e6c
R10: dffffc0000000000 R11: fffff520009c3e6d R12: dffffc0000000000
R13: 0000000000000080 R14: 1ffff1100f86e801 R15: 0000000000000080
FS: 00007fb08687c6c0(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fc82ccfc378 CR3: 000000007eb58000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
0: b4 8c mov $0x8c,%ah
2: 4c 8b 7c 24 30 mov 0x30(%rsp),%r15
7: 41 57 push %r15
9: 55 push %rbp
a: e8 53 c9 e7 05 call 0x5e7c962
f: 48 83 c4 18 add $0x18,%rsp
13: 44 89 f8 mov %r15d,%eax
16: 48 69 c8 e8 03 00 00 imul $0x3e8,%rax,%rcx
1d: 48 89 e8 mov %rbp,%rax
20: 48 d1 e8 shr %rax
23: 48 01 c8 add %rcx,%rax
26: 89 e9 mov %ebp,%ecx
28: 31 d2 xor %edx,%edx
* 2a: 48 f7 f1 div %rcx <-- trapping instruction
2d: 49 89 c0 mov %rax,%r8
30: e9 81 fd ff ff jmp 0xfffffdb6
35: 89 e9 mov %ebp,%ecx
37: 80 e1 07 and $0x7,%cl
3a: fe c1 inc %cl
3c: 38 c1 cmp %al,%cl
3e: 0f .byte 0xf
3f: 8c .byte 0x8c
Tested on:
commit: 888cf78c Merge tag 'iommu-fix-v6.6-rc7' of git://git.k..
git tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
console output: https://syzkaller.appspot.com/x/log.txt?x=146669b8e80000
kernel config: https://syzkaller.appspot.com/x/.config?x=f0d47f0e0359e88e
dashboard link: https://syzkaller.appspot.com/bug?extid=2e93e6fb36e6fdc56574
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
patch: https://syzkaller.appspot.com/x/patch.diff?x=10890c77680000
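Reading the oops (editor's analysis and example, not part of the syzbot report above): the second debug line carries den = 4294967296, which is 128 * 32768 * 1024 = 2^32, one more than an unsigned int can hold. In the register dump RBP = 0x0000000100000000 is that den, and RAX = 0x8001f400 is 128 * 1000 + 2^32 / 2, the rounding step of DIV_ROUND_CLOSEST_ULL() carried out in 64 bits. The trapping pair is "mov %ebp,%ecx" then "div %rcx": only the low 32 bits of RBP reach the divisor, and those are zero. So keeping den in a 64-bit variable, or testing the 64-bit value for zero, is not enough while the division itself goes through a 32-bit base; the divisor has to be checked against the width the division really uses, or divided with a genuine 64-bit divisor. The mode fields are user supplied through the setcrtc ioctl visible in the call trace, so the outcome is a kernel divide trap on caller-chosen input. The program below is my own user-space model, not the DRM code: it reproduces the original unsigned-int wrap, the truncation at the division that the tested patch still hit, and one hardened variant. It assumes, from my reading of include/linux/math.h and asm-generic/div64.h, that DIV_ROUND_CLOSEST_ULL() rounds with the full divisor and then hands it to do_div(), whose base is a u32. The two sample modes are copied from the debug lines in the report.

```c
#include <inttypes.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Editor's model of the arithmetic in drm_mode_vrefresh(), not the DRM
 * driver. Field widths follow struct drm_display_mode (int clock; u16
 * htotal, vtotal, vscan). Assumption: DIV_ROUND_CLOSEST_ULL() rounds with
 * the full divisor but divides through do_div(), whose base is a u32.
 */
struct mode {
	int clock;        /* pixel clock in kHz */
	uint16_t htotal;
	uint16_t vtotal;
	uint16_t vscan;
};

/* Sample modes taken from the two debug lines in the report. */
const struct mode sane_mode   = { 65000, 1344, 806, 0 };
const struct mode syzbot_mode = { 128, 128, 32768, 1024 };

#define DIV_BY_ZERO (-1LL)   /* returned where the kernel would trap */

/* The unpatched computation: den is an unsigned int, so
 * htotal * vtotal * vscan = 128 * 32768 * 1024 = 2^32 wraps to 0. */
uint32_t den_unsigned_int(const struct mode *m)
{
	unsigned int den = (unsigned int)m->htotal * m->vtotal;

	if (m->vscan > 1)
		den *= m->vscan;                   /* wraps modulo 2^32 */
	return den;
}

/* Model of DIV_ROUND_CLOSEST_ULL(x, divisor) over a do_div() with a u32
 * base: this is the "mov %ebp,%ecx ; div %rcx" pair in the disassembly. */
static long long div_round_closest_ull(uint64_t x, uint64_t divisor)
{
	uint64_t tmp = x + divisor / 2;        /* RAX = 0x8001f400 in the oops */
	uint32_t base = (uint32_t)divisor;     /* RCX = low 32 bits of RBP = 0 */

	if (base == 0)
		return DIV_BY_ZERO;
	return (long long)(tmp / base);
}

/* Widening den to 64 bits alone does not help: the divisor is still
 * truncated at the division, which is what the tested patch ran into. */
long long vrefresh_wide_den(const struct mode *m)
{
	uint64_t num, den;

	if (m->htotal == 0 || m->vtotal == 0)
		return 0;
	num = (uint64_t)m->clock;
	den = (uint64_t)m->htotal * m->vtotal;
	if (m->vscan > 1)
		den *= m->vscan;
	return div_round_closest_ull(num * 1000, den);
}

/* Hardened variant: compute in 64 bits, reject a divisor that is zero or
 * does not fit the 32-bit base the division uses, and clamp the result to
 * int. 0 means "no valid refresh rate" for the mode. */
int vrefresh_checked(const struct mode *m)
{
	uint64_t num, den, r;

	if (m->clock <= 0 || m->htotal == 0 || m->vtotal == 0)
		return 0;
	num = (uint64_t)m->clock * 1000;           /* < 2^41 */
	den = (uint64_t)m->htotal * m->vtotal;     /* <= 2^32 */
	if (m->vscan > 1)
		den *= m->vscan;                   /* <= 2^48, no wrap in u64 */
	if (den == 0 || den > UINT32_MAX)
		return 0;                          /* would be truncated by do_div */
	r = (num + den / 2) / den;
	return r > INT_MAX ? 0 : (int)r;
}

int main(void)
{
	printf("sane:   den=%" PRIu32 " wide=%lld checked=%d\n",
	       den_unsigned_int(&sane_mode), vrefresh_wide_den(&sane_mode),
	       vrefresh_checked(&sane_mode));
	printf("syzbot: den=%" PRIu32 " wide=%lld checked=%d\n",
	       den_unsigned_int(&syzbot_mode), vrefresh_wide_den(&syzbot_mode),
	       vrefresh_checked(&syzbot_mode));
	return 0;
}
```

Build with cc -std=c99 -Wall and run: the sane mode yields den 1083264 and 60 Hz on every path, while the syzbot mode yields den 0 on the unsigned-int path, the divide-by-zero sentinel on the wide-den path, and a rejected mode (0) on the checked path. A patch for the report needs the last behaviour: an overflow check on each product at the width the division uses, not only a zero check on a wider temporary.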