Date: Tue, 02 Apr 2024 10:32:27 -0700
Message-ID: <000000000000662a630615207d87@google.com>
Subject: [syzbot] [mm?] WARNING: bad unlock balance in madvise_cold_or_pageout_pte_range
From: syzbot
To: akpm@linux-foundation.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, syzkaller-bugs@googlegroups.com

Hello,

syzbot found the following issue on:

HEAD commit:    c0b832517f62 Add linux-next specific files for 20240402
git tree:       linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=155b7db1180000
kernel config:  https://syzkaller.appspot.com/x/.config?x=afcaf46d374cec8c
dashboard link: https://syzkaller.appspot.com/bug?extid=c641706ad4e9688cccdf
compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/0d36ec76edc7/disk-c0b83251.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/6f9bb4e37dd0/vmlinux-c0b83251.xz
kernel image: https://storage.googleapis.com/syzbot-assets/2349287b14b7/bzImage-c0b83251.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+c641706ad4e9688cccdf@syzkaller.appspotmail.com

=====================================
WARNING: bad unlock balance detected!
6.9.0-rc2-next-20240402-syzkaller #0 Not tainted
-------------------------------------
syz-executor.4/9211 is trying to release lock (ptlock_ptr(ptdesc)) at:
[] spin_unlock include/linux/spinlock.h:391 [inline]
[] madvise_cold_or_pageout_pte_range+0x170f/0x3990 mm/madvise.c:480
but there are no more locks to release!

other info that might help us debug this:
1 lock held by syz-executor.4/9211:
 #0: ffff888067e40b18 (&mm->mmap_lock){++++}-{3:3}, at: mmap_read_lock include/linux/mmap_lock.h:144 [inline]
 #0: ffff888067e40b18 (&mm->mmap_lock){++++}-{3:3}, at: do_madvise+0x481/0x44a0 mm/madvise.c:1429

stack backtrace:
CPU: 0 PID: 9211 Comm: syz-executor.4 Not tainted 6.9.0-rc2-next-20240402-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114
 print_unlock_imbalance_bug+0x256/0x2c0 kernel/locking/lockdep.c:5194
 __lock_release kernel/locking/lockdep.c:5431 [inline]
 lock_release+0x599/0x9f0 kernel/locking/lockdep.c:5774
 __raw_spin_unlock include/linux/spinlock_api_smp.h:141 [inline]
 _raw_spin_unlock+0x16/0x50 kernel/locking/spinlock.c:186
 spin_unlock include/linux/spinlock.h:391 [inline]
 madvise_cold_or_pageout_pte_range+0x170f/0x3990 mm/madvise.c:480
 walk_pmd_range mm/pagewalk.c:143 [inline]
 walk_pud_range mm/pagewalk.c:221 [inline]
 walk_p4d_range mm/pagewalk.c:256 [inline]
 walk_pgd_range+0xba1/0x1810 mm/pagewalk.c:293
 __walk_page_range+0x132/0x720 mm/pagewalk.c:395
 walk_page_range+0x58f/0x7c0 mm/pagewalk.c:521
 madvise_cold_page_range mm/madvise.c:562 [inline]
 madvise_cold mm/madvise.c:584 [inline]
 madvise_vma_behavior mm/madvise.c:1028 [inline]
 madvise_walk_vmas mm/madvise.c:1256 [inline]
 do_madvise+0x1e7b/0x44a0 mm/madvise.c:1442
 __do_sys_madvise mm/madvise.c:1457 [inline]
 __se_sys_madvise mm/madvise.c:1455 [inline]
 __x64_sys_madvise+0xa6/0xc0 mm/madvise.c:1455
 do_syscall_64+0xfb/0x240
 entry_SYSCALL_64_after_hwframe+0x72/0x7a
RIP: 0033:0x7ff60947dda9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ff60a1b50c8 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
RAX: ffffffffffffffda RBX: 00007ff6095abf80 RCX: 00007ff60947dda9
RDX: 0000000000000014 RSI: 0000000000600000 RDI: 0000000020000000
RBP: 00007ff6094ca47a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007ff6095abf80 R15: 00007fffacd4bc68
------------[ cut here ]------------
pvqspinlock: lock 0xffff88802ed23120 has corrupted value 0x0!
WARNING: CPU: 1 PID: 9211 at kernel/locking/qspinlock_paravirt.h:510 __pv_queued_spin_unlock_slowpath+0x241/0x2f0 kernel/locking/qspinlock_paravirt.h:508
Modules linked in:
CPU: 1 PID: 9211 Comm: syz-executor.4 Not tainted 6.9.0-rc2-next-20240402-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
RIP: 0010:__pv_queued_spin_unlock_slowpath+0x241/0x2f0 kernel/locking/qspinlock_paravirt.h:508
Code: 65 47 6e f6 4c 89 f0 48 c1 e8 03 0f b6 04 18 84 c0 0f 85 9f 00 00 00 41 8b 16 48 c7 c7 c0 26 cb 8b 4c 89 f6 e8 90 f3 cb f5 90 <0f> 0b 90 90 eb 8d 44 89 f1 80 e1 07 38 c1 0f 8c 26 ff ff ff 4c 89
RSP: 0018:ffffc9000e477238 EFLAGS: 00010246
RAX: 5e9807e53cfb4f00 RBX: dffffc0000000000 RCX: 0000000000040000
RDX: ffffc9000b3b8000 RSI: 000000000003ffff RDI: 0000000000040000
RBP: dffffc0000000000 R08: ffffffff81580192 R09: fffffbfff1c39b10
R10: dffffc0000000000 R11: fffffbfff1c39b10 R12: 1ffff11005da4626
R13: ffff88802ed23130 R14: ffff88802ed23120 R15: ffff88802ed23120
FS: 00007ff60a1b56c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fea8ecdaab3 CR3: 000000005d0fe000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __raw_callee_save___pv_queued_spin_unlock_slowpath+0x15/0x30
 .slowpath+0x9/0x16
 pv_queued_spin_unlock arch/x86/include/asm/paravirt.h:589 [inline]
 queued_spin_unlock arch/x86/include/asm/qspinlock.h:57 [inline]
 do_raw_spin_unlock+0x13c/0x8b0 kernel/locking/spinlock_debug.c:142
 __raw_spin_unlock include/linux/spinlock_api_smp.h:142 [inline]
 _raw_spin_unlock+0x1e/0x50 kernel/locking/spinlock.c:186
 spin_unlock include/linux/spinlock.h:391 [inline]
 madvise_cold_or_pageout_pte_range+0x170f/0x3990 mm/madvise.c:480
 walk_pmd_range mm/pagewalk.c:143 [inline]
 walk_pud_range mm/pagewalk.c:221 [inline]
 walk_p4d_range mm/pagewalk.c:256 [inline]
 walk_pgd_range+0xba1/0x1810 mm/pagewalk.c:293
 __walk_page_range+0x132/0x720 mm/pagewalk.c:395
 walk_page_range+0x58f/0x7c0 mm/pagewalk.c:521
 madvise_cold_page_range mm/madvise.c:562 [inline]
 madvise_cold mm/madvise.c:584 [inline]
 madvise_vma_behavior mm/madvise.c:1028 [inline]
 madvise_walk_vmas mm/madvise.c:1256 [inline]
 do_madvise+0x1e7b/0x44a0 mm/madvise.c:1442
 __do_sys_madvise mm/madvise.c:1457 [inline]
 __se_sys_madvise mm/madvise.c:1455 [inline]
 __x64_sys_madvise+0xa6/0xc0 mm/madvise.c:1455
 do_syscall_64+0xfb/0x240
 entry_SYSCALL_64_after_hwframe+0x72/0x7a
RIP: 0033:0x7ff60947dda9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ff60a1b50c8 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
RAX: ffffffffffffffda RBX: 00007ff6095abf80 RCX: 00007ff60947dda9
RDX: 0000000000000014 RSI: 0000000000600000 RDI: 0000000020000000
RBP: 00007ff6094ca47a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007ff6095abf80 R15: 00007fffacd4bc68

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup