On Fri, 26 May 2023 18:54:09 +0000 SeongJae Park <sj@xxxxxxxxxx> wrote:
[...]
> > >
> > > divide error: 0000 [#1] PREEMPT SMP KASAN
> > > CPU: 1 PID: 13527 Comm: syz-executor.1 Not tainted 6.4.0-rc3-syzkaller #0
> > > Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
> > > RIP: 0010:damon_nr_accesses_to_accesses_bp mm/damon/core.c:491 [inline]
> > > RIP: 0010:damon_nr_accesses_for_new_attrs mm/damon/core.c:497 [inline]
> > > RIP: 0010:damon_update_monitoring_result mm/damon/core.c:506 [inline]
> > > RIP: 0010:damon_update_monitoring_results mm/damon/core.c:534 [inline]
> > > RIP: 0010:damon_set_attrs+0x224/0x460 mm/damon/core.c:555
>
> Thank you for finding and reporting this bug!
>
> The code of the problem is as below:
>
> /* convert nr_accesses to access ratio in bp (per 10,000) */
> static unsigned int damon_nr_accesses_to_accesses_bp(
> unsigned int nr_accesses, struct damon_attrs *attrs)
> {
> unsigned int max_nr_accesses =
> attrs->aggr_interval / attrs->sample_interval;
>
> return nr_accesses * 10000 / max_nr_accesses;
> }
>
> The problem can happen when 'aggr_interval' is smaller than 'sample_interval',
> because 'max_nr_accesses' becomes zero in the case, and resulting in divide by
> zero.
>
> Same problem is in damon_accesses_bp_to_nr_accesses().
This is not true, because the function doesn't divide something by
'max_nr_acceses'. I was confused, sorry.
Thanks,
SJ
[...]
