bscribe@vger.kernel.org> MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: Bug#1120602: [REGRESSION 6.12.y] hyper-v: BUG: kernel NULL pointer dereference, address: 00000000000000a0: RIP: 0010:hv_uio_channel_cb+0xd/0x20 [uio_hv_generic] To: Peter Morrow Cc: Salvatore Bonaccorso , 1120602@bugs.debian.org, Long Li , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, regressions@lists.linux.dev, stable@vger.kernel.org, John Starks , Michael Kelley , Tianyu Lan , "K. Y. Srinivasan" , Haiyang Zhang , Wei Liu , Dexuan Cui , Greg Kroah-Hartman References: <7a38c04d-4e54-4f1a-96fd-43f0f11ab97b@linux.microsoft.com> <176298819854.487825.11724175116974643582.reportbug@p15v.lan> <18bcf829-04f9-46ec-a874-7c2b9338cf3d@linux.microsoft.com> <25aff5ca-b5e1-4907-bd12-6571f8454146@linux.microsoft.com> Content-Language: en-US From: Naman Jain In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-DKIM: signer='linux.microsoft.com' status='pass' reason='' DKIMCheck: Server passes DKIM test, 0 Spam score X-Spam-Score: 0.4 (/) X-Spam-Report: Spam detection software, running on the system "witcher.mxrouting.net", has performed the tests listed below against this email. Information: https://mxroutedocs.com/directadmin/spamfilters/ --- Content analysis details: (0.4 points) --- pts rule name description ---- ---------------------- ----------------------------------------- 1.5 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.0 RCVD_IN_DNSWL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to DNSWL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#DnsBlocklists-dnsbl-block for more information. [139.178.88.99 listed in list.dnswl.org] -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager SpamTally: Final spam score: 4 On 11/21/2025 3:34 PM, Peter Morrow wrote: > Hi Naman/Salvatore, > > Is it possible to get this fixed in the 6.1 LTS series too? I just ran > into this crash when moving from bookworm based Debian kernel > 6.1.153-1 to 6.1.158-1. I saw that "uio_hv_generic: Let userspace take > care of interrupt mask" appeared in 6.1.156. > > Thanks, > Peter. > Hi Peter, Yes, I have sent a patch for older kernel versions as well. I am working to fix the review comments and send new revisions. Here is the link: https://lore.kernel.org/all/20251115085937.2237-1-namjain@linux.microsoft.com/ Regards, Naman From - Wed Nov 26 06:15:54 2025 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Return-Path: Delivered-To: hi@josie.lol Received: from witcher.mxrouting.net by witcher.mxrouting.net with LMTP id SpD0MxabJmnqyCoAYBR5ng (envelope-from ) for ; Wed, 26 Nov 2025 06:15:50 +0000 Return-path: Envelope-to: hi@josie.lol Delivery-date: Wed, 26 Nov 2025 06:15:50 +0000 Received: from sv.mirrors.kernel.org ([139.178.88.99]) by witcher.mxrouting.net with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.98) (envelope-from ) id 1vO8og-0000000Ble9-1xpG for hi@josie.lol; Wed, 26 Nov 2025 06:15:50 +0000 Received: from smtp.subspace.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 553943B49F3 for ; Wed, 26 Nov 2025 06:15:37 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 610D01EDA2C; Wed, 26 Nov 2025 06:15:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.microsoft.com header.i=@linux.microsoft.com header.b="CqVULmqe" X-Original-To: stable@vger.kernel.org Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182]) by smtp.subspace.kernel.org (Postfix) with ESMTP id B72151D7995; Wed, 26 Nov 2025 06:15:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=13.77.154.182 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1764137731; cv=none; b=N5y5Lf0nMuz4vcg455aDwDaXB25/kXJ8/GITwjs0iHiTncTJ1jrsQYG3XOLPYpoAWCBsFlekbmNH3dZNqXigRsxeYEVuhQ7G+6E9qMWXVf7n2MEzm5pmOoPWMrNk2GvCN1yMVPIekGSxCh9fRaFFdcZ1XuHkcY7IyLV6OCr6oMQ= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1764137731; c=relaxed/simple; bh=LpBcEy8bnxtMa8mq6ZQdHo94SI6kk0VpssK47nsOWj0=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=MXmMBRKOuOi4Uyvf8PNqGlEdEQd0Nq46STXdCeCbnlg2ndmnTNkhX8C/aZ9RlvnQxxj2bwl/eewjt2OUnPGPleuTejxJ83AIEXeKrWzyKmcgQZS9D++FfNICdaW+4GtEBX3Mx5AU6GZ2pxdwwqCIwh0wvhAeVdkezSnbGZNvY6Q= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.microsoft.com; spf=pass smtp.mailfrom=linux.microsoft.com; dkim=pass (1024-bit key) header.d=linux.microsoft.com header.i=@linux.microsoft.com header.b=CqVULmqe; arc=none smtp.client-ip=13.77.154.182 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.microsoft.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.microsoft.com Received: from [10.95.66.235] (unknown [167.220.238.139]) by linux.microsoft.com (Postfix) with ESMTPSA id D482F2120EB5; Tue, 25 Nov 2025 22:15:25 -0800 (PST) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com D482F2120EB5 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1764137729; bh=oBNpyNmU+M6ZcEV7fHhlIGTKM9KfZA0mvfPsglQ09yU=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=CqVULmqe5Kq1TXCs29vv1QjWMTRsk+gM96OZtvKJHtWxpRJtBSr4Mv0olgzu69dvm Y0io2JA4ug8Wg5svnXEkKJsA0LIGXKCFxNBU98YnqYr5IlbE9D1mpaiM9wo2onCvVt OWOB0akANdM7TKuBIT93o3fp3l6fvTRq8t1j35f4= Message-ID: <9f9f63aa-f4a9-4747-9ff0-3d18b7f3c2fb@linux.microsoft.com> Date: Wed, 26 Nov 2025 11:45:23 +0530 Precedence: bulk X-Mailing-List: stable@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH 6.6 and older] uio_hv_generic: Enable user space to manage interrupt_mask for subchannels To: Salvatore Bonaccorso , Greg Kroah-Hartman Cc: Wei Liu , Dexuan Cui , Michael Kelley , Long Li , Saurabh Sengar , "K . Y . Srinivasan" , Haiyang Zhang , Tianyu Lan , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org, Peter Morrow References: <20251115085937.2237-1-namjain@linux.microsoft.com> <2025112109-legroom-resend-643f@gregkh> Content-Language: en-US From: Naman Jain In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-DKIM: signer='linux.microsoft.com' status='pass' reason='' DKIMCheck: Server passes DKIM test, 0 Spam score X-Spam-Score: 0.4 (/) X-Spam-Report: Spam detection software, running on the system "witcher.mxrouting.net", has performed the tests listed below against this email. Information: https://mxroutedocs.com/directadmin/spamfilters/ --- Content analysis details: (0.4 points) --- pts rule name description ---- ---------------------- ----------------------------------------- 0.0 RCVD_IN_DNSWL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to DNSWL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#DnsBlocklists-dnsbl-block for more information. [139.178.88.99 listed in list.dnswl.org] 1.5 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager SpamTally: Final spam score: 4 On 11/21/2025 6:13 PM, Salvatore Bonaccorso wrote: > Hi, > > On Fri, Nov 21, 2025 at 11:10:43AM +0100, Greg Kroah-Hartman wrote: >> On Sat, Nov 15, 2025 at 02:29:37PM +0530, Naman Jain wrote: >>> From: Long Li >>> >>> Enable the user space to manage interrupt_mask for subchannels through >>> irqcontrol interface for uio device. Also remove the memory barrier >>> when monitor bit is enabled as it is not necessary. >>> >>> This is a backport of the upstream commit >>> d062463edf17 ("uio_hv_generic: Set event for all channels on the device") >>> with some modifications to resolve merge conflicts and take care of >>> missing support for slow devices on older kernels. >>> Original change was not a fix, but it needs to be backported to fix a >>> NULL pointer crash resulting from missing interrupt mask setting. >>> >>> Commit 37bd91f22794 ("uio_hv_generic: Let userspace take care of interrupt mask") >>> removed the default setting of interrupt_mask for channels (including >>> subchannels) in the uio_hv_generic driver, as it relies on the user space >>> to take care of managing it. This approach works fine when user space >>> can control this setting using the irqcontrol interface provided for uio >>> devices. Support for setting the interrupt mask through this interface for >>> subchannels came only after commit d062463edf17 ("uio_hv_generic: Set event >>> for all channels on the device"). On older kernels, this change is not >>> present. With uio_hv_generic no longer setting the interrupt_mask, and >>> userspace not having the capability to set it, it remains unset, >>> and interrupts can come for the subchannels, which can result in a crash >>> in hv_uio_channel_cb. Backport the change to older kernels, where this >>> change was not present, to allow userspace to set the interrupt mask >>> properly for subchannels. Additionally, this patch also adds certain >>> checks for primary vs subchannels in the hv_uio_channel_cb, which can >>> gracefully handle these two cases and prevent the NULL pointer crashes. >>> >>> Signed-off-by: Long Li >>> Fixes: 37bd91f22794 ("uio_hv_generic: Let userspace take care of interrupt mask") >> >> This is a 6.12.y commit id, so a fix for 6.6.y does not make sense :( > > Should maybe be updated to reflect the original upstream commit. In > fact b15b7d2a1b09 ("uio_hv_generic: Let userspace take care of > interrupt mask") was backported to various stable series: > > v5.4.301: 540aac117eaea5723cef5e4cbf3035c4ac654d92 uio_hv_generic: Let userspace take care of interrupt mask > v5.10.246: 65d40acd911c7011745cbbd2aaac34eb5266d11e uio_hv_generic: Let userspace take care of interrupt mask > v5.15.195: a44f61f878f32071d6378e8dd7c2d47f9490c8f7 uio_hv_generic: Let userspace take care of interrupt mask > v6.1.156: 01ce972e6f9974a7c76943bcb7e93746917db83a uio_hv_generic: Let userspace take care of interrupt mask > v6.6.112: 2af39ab5e6dc46b835a52e80a22d0cad430985e3 uio_hv_generic: Let userspace take care of interrupt mask > v6.12.53: 37bd91f22794dc05436130d6983302cb90ecfe7e uio_hv_generic: Let userspace take care of interrupt mask > v6.17.3: e29587c07537929684faa365027f4b0d87521e1b uio_hv_generic: Let userspace take care of interrupt mask > > And Peter just confirmed in > https://lore.kernel.org/stable/CAFcZKTyOcDqDJRB4sgN7Q-dabBU0eg7KKs=yBJhB=CNDyy7scQ@mail.gmail.com/ > that he is seeing the problem now as well after updating from > 6.1.153-1 to 6.1.158-1 in Debian. > >>> Closes: https://bugs.debian.org/1120602 >>> Cc: # 6.6.x and older >> >> How "old" do you want this? Can you fix the Fixes: line up and resend >> with this info? Hi Greg, Sorry for replying late, as I was away for personal reasons since last week. I'll change the commit to reflect upstream commit id and resend the patch and also include the exact older kernels info in the stable tag. > > It is at least relevant for back in 6.1.y now, but I'm not sure about > the older series. I will let Naman speak up. > > I guess the proper fixes tracking is a bit "tricky" because it only > affected some of the stable series, namely those which had a backport > of b15b7d2a1b09 ("uio_hv_generic: Let userspace take care of interrupt > mask") done before the including a backport of d062463edf17 > ("uio_hv_generic: Set event for all channels on the device"). So this > is the reason why we seeing it first in 6.12.y stable series (but now > as well on olders), but not a problem on 6.17.y. > > Hope this explanation helps, please keep in mind that I'm no expert > here by no means, just helping to report it from downstream Debian up > here. > > Regards, > Salvatore Thanks Salvatore for chiming in. I was under the impression that the commit ids remain same across different kernel versions for the same commit, but that was completely wrong. Regards, Naman From - Wed Nov 26 06:19:04 2025 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Return-Path: Delivered-To: hi@josie.lol Received: from witcher.mxrouting.net by witcher.mxrouting.net with LMTP id gD76ANSbJmnWyCoAYBR5ng (envelope-from ) for ; Wed, 26 Nov 2025 06:19:00 +0000 Return-path: Envelope-to: hi@josie.lol Delivery-date: Wed, 26 Nov 2025 06:19:00 +0000 Received: from dfw.mirrors.kernel.org ([142.0.200.124]) by witcher.mxrouting.net with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.98) (envelope-from ) id 1vO8rj-0000000BsVI-3N40 for hi@josie.lol; Wed, 26 Nov 2025 06:18:59 +0000 Received: from smtp.subspace.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.mirrors.kernel.org (Postfix) with ESMTPS id C54604E070B for ; Wed, 26 Nov 2025 06:18:58 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) wi