Subject: [syzbot] BUG: unable to handle kernel paging request in folio_flags
From: syzbot
To: akpm@linux-foundation.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, llvm@lists.linux.dev, mike.kravetz@oracle.com, muchun.song@linux.dev, nathan@kernel.org, ndesaulniers@google.com, syzkaller-bugs@googlegroups.com, trix@redhat.com
Date: Wed, 08 Feb 2023 12:19:55 -0800
Message-ID: <000000000000cce8cd05f435fc77@google.com>

Hello,

syzbot found the following issue on:

HEAD commit:    38d2b86a665b Add linux-next specific files for 20230208
git tree:       linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=147599df480000
kernel config:  https://syzkaller.appspot.com/x/.config?x=3691b32dd4410e01
dashboard link: https://syzkaller.appspot.com/bug?extid=d632e24db18585d7b3c6
compiler:       gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/0a9d60e90514/disk-38d2b86a.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/71311be5f1a1/vmlinux-38d2b86a.xz
kernel image: https://storage.googleapis.com/syzbot-assets/a242870cc8eb/bzImage-38d2b86a.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+d632e24db18585d7b3c6@syzkaller.appspotmail.com

BUG: unable to handle page fault for address: ffffffffffffffed
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD c570067 P4D c570067 PUD c572067 PMD 0
Oops: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 5544 Comm: syz-executor.2 Not tainted 6.2.0-rc7-next-20230208-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
RIP: 0010:PageTail include/linux/page-flags.h:290 [inline]
RIP: 0010:folio_flags.constprop.0+0x2c/0x150 include/linux/page-flags.h:317
Code: 49 89 fc 55 53 e8 84 4e b7 ff 49 8d 7c 24 08 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 f8 00 00 00 <49> 8b 5c 24 08 31 ff 83 e3 01 48 89 de e8 c2 4a b7 ff 48 85 db 0f
RSP: 0018:ffffc9000675fc08 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: ffffffffffffffe5 RCX: ffffc9000cd62000
RDX: 1ffffffffffffffd RSI: ffffffff81cd1f5c RDI: ffffffffffffffed
RBP: ffffffffffffffe5 R08: 0000000000000005 R09: 0000000000000000
R10: 00000000ffffffe5 R11: 0000000000000000 R12: ffffffffffffffe5
R13: 000feffffff00000 R14: 0000000000000046 R15: 000feffffff00000
FS:  00007f6f37eb3700(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffffed CR3: 00000000217a0000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 folio_test_head include/linux/page-flags.h:781 [inline]
 folio_test_large include/linux/page-flags.h:802 [inline]
 PageHeadHuge+0x18/0xc0 mm/hugetlb.c:2060
 folio_test_hugetlb include/linux/page-flags.h:830 [inline]
 folio_file_page include/linux/pagemap.h:702 [inline]
 shmem_read_mapping_page_gfp+0x34/0x100 mm/shmem.c:4366
 shmem_read_mapping_page include/linux/shmem_fs.h:124 [inline]
 udmabuf_create+0x93b/0x1440 drivers/dma-buf/udmabuf.c:286
 udmabuf_ioctl_create drivers/dma-buf/udmabuf.c:346 [inline]
 udmabuf_ioctl+0x156/0x2c0 drivers/dma-buf/udmabuf.c:377
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:870 [inline]
 __se_sys_ioctl fs/ioctl.c:856 [inline]
 __x64_sys_ioctl+0x197/0x210 fs/ioctl.c:856
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f6f3708c0f9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f6f37eb3168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f6f371abf80 RCX: 00007f6f3708c0f9
RDX: 0000000020000080 RSI: 0000000040187542 RDI: 0000000000000005
RBP: 00007f6f370e7ae9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffec3da43f R14: 00007f6f37eb3300 R15: 0000000000022000
Modules linked in:
CR2: ffffffffffffffed
---[ end trace 0000000000000000 ]---
RIP: 0010:PageTail include/linux/page-flags.h:290 [inline]
RIP: 0010:folio_flags.constprop.0+0x2c/0x150 include/linux/page-flags.h:317
Code: 49 89 fc 55 53 e8 84 4e b7 ff 49 8d 7c 24 08 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 f8 00 00 00 <49> 8b 5c 24 08 31 ff 83 e3 01 48 89 de e8 c2 4a b7 ff 48 85 db 0f
RSP: 0018:ffffc9000675fc08 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: ffffffffffffffe5 RCX: ffffc9000cd62000
RDX: 1ffffffffffffffd RSI: ffffffff81cd1f5c RDI: ffffffffffffffed
RBP: ffffffffffffffe5 R08: 0000000000000005 R09: 0000000000000000
R10: 00000000ffffffe5 R11: 0000000000000000 R12: ffffffffffffffe5
R13: 000feffffff00000 R14: 0000000000000046 R15: 000feffffff00000
FS:  00007f6f37eb3700(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffffed CR3: 00000000217a0000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0:   49 89 fc                mov    %rdi,%r12
   3:   55                      push   %rbp
   4:   53                      push   %rbx
   5:   e8 84 4e b7 ff          callq  0xffb74e8e
   a:   49 8d 7c 24 08          lea    0x8(%r12),%rdi
   f:   48 b8 00 00 00 00 00    movabs $0xdffffc0000000000,%rax
  16:   fc ff df
  19:   48 89 fa                mov    %rdi,%rdx
  1c:   48 c1 ea 03             shr    $0x3,%rdx
  20:   80 3c 02 00             cmpb   $0x0,(%rdx,%rax,1)
  24:   0f 85 f8 00 00 00       jne    0x122
* 2a:   49 8b 5c 24 08          mov    0x8(%r12),%rbx <-- trapping instruction
  2f:   31 ff                   xor    %edi,%edi
  31:   83 e3 01                and    $0x1,%ebx
  34:   48 89 de                mov    %rbx,%rsi
  37:   e8 c2 4a b7 ff          callq  0xffb74afe
  3c:   48 85 db                test   %rbx,%rbx
  3f:   0f                      .byte 0xf

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.