Date: Thu, 02 Nov 2023 08:26:28 -0700
Message-ID: <000000000000f7bf4906092d02cb@google.com>
Subject: [syzbot] [mm?] general protection fault in hugetlb_vma_lock_read
From: syzbot
To: akpm@linux-foundation.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, llvm@lists.linux.dev, mike.kravetz@oracle.com, muchun.song@linux.dev, nathan@kernel.org, ndesaulniers@google.com, syzkaller-bugs@googlegroups.com, trix@redhat.com

Hello,

syzbot found the following issue on:

HEAD commit:    babe393974de Merge tag 'docs-6.7' of git://git.lwn.net/linux
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=176e7813680000
kernel config:  https://syzkaller.appspot.com/x/.config?x=34994593e74fdcfe
dashboard link: https://syzkaller.appspot.com/bug?extid=93e7c679006f0d4e6105
compiler:       gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/81ff19e40c77/disk-babe3939.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/a92e6d2d9507/vmlinux-babe3939.xz
kernel image: https://storage.googleapis.com/syzbot-assets/afd2bad18cfc/bzImage-babe3939.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+93e7c679006f0d4e6105@syzkaller.appspotmail.com

netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
general protection fault, probably for non-canonical address 0xdffffc000000001d: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x00000000000000e8-0x00000000000000ef]
CPU: 1 PID: 15736 Comm: syz-executor.1 Not tainted 6.6.0-syzkaller-10265-gbabe393974de #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
RIP: 0010:__lock_acquire+0x109/0x5de0 kernel/locking/lockdep.c:5004
Code: 45 85 c9 0f 84 cc 0e 00 00 44 8b 05 21 dc 81 0b 45 85 c0 0f 84 be 0d 00 00 48 ba 00 00 00 00 00 fc ff df 4c 89 d1 48 c1 e9 03 <80> 3c 11 00 0f 85 e8 40 00 00 49 81 3a e0 09 b3 90 0f 84 96 0d 00
RSP: 0018:ffffc90003387378 EFLAGS: 00010006
RAX: ffff88801d5e9dc0 RBX: 1ffff92000670e9f RCX: 000000000000001d
RDX: dffffc0000000000 RSI: 0000000000000000 RDI: 00000000000000e8
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
R10: 00000000000000e8 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001
FS:  00007f07477fc6c0(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000b80 CR3: 000000006a8b7000 CR4: 00000000003506f0
Call Trace:
 lock_acquire kernel/locking/lockdep.c:5753 [inline]
 lock_acquire+0x1ae/0x510 kernel/locking/lockdep.c:5718
 down_read+0x9c/0x470 kernel/locking/rwsem.c:1526
 hugetlb_vma_lock_read mm/hugetlb.c:274 [inline]
 hugetlb_vma_lock_read+0xae/0x100 mm/hugetlb.c:265
 hugetlb_follow_page_mask+0x156/0xf20 mm/hugetlb.c:6500
 follow_page_mask+0x49e/0xda0 mm/gup.c:824
 __get_user_pages+0x366/0x1480 mm/gup.c:1237
 __get_user_pages_locked mm/gup.c:1504 [inline]
 __gup_longterm_locked+0x755/0x2570 mm/gup.c:2198
 pin_user_pages_remote+0xee/0x140 mm/gup.c:3346
 process_vm_rw_single_vec mm/process_vm_access.c:105 [inline]
 process_vm_rw_core.constprop.0+0x43d/0xa10 mm/process_vm_access.c:215
 process_vm_rw+0x2ff/0x360 mm/process_vm_access.c:283
 __do_sys_process_vm_writev mm/process_vm_access.c:303 [inline]
 __se_sys_process_vm_writev mm/process_vm_access.c:298 [inline]
 __x64_sys_process_vm_writev+0xe2/0x1b0 mm/process_vm_access.c:298
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7f0746a7cae9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f07477fc0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
RAX: ffffffffffffffda RBX: 00007f0746b9bf80 RCX: 00007f0746a7cae9
RDX: 0000000000000001 RSI: 0000000020000b80 RDI: 0000000000001d1b
RBP: 00007f0746ac847a R08: 0000000000000001 R09: 0000000000000000
R10: 0000000020000f80 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007f0746b9bf80 R15: 00007f0746cbfa48
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__lock_acquire+0x109/0x5de0 kernel/locking/lockdep.c:5004
Code: 45 85 c9 0f 84 cc 0e 00 00 44 8b 05 21 dc 81 0b 45 85 c0 0f 84 be 0d 00 00 48 ba 00 00 00 00 00 fc ff df 4c 89 d1 48 c1 e9 03 <80> 3c 11 00 0f 85 e8 40 00 00 49 81 3a e0 09 b3 90 0f 84 96 0d 00
RSP: 0018:ffffc90003387378 EFLAGS: 00010006
RAX: ffff88801d5e9dc0 RBX: 1ffff92000670e9f RCX: 000000000000001d
RDX: dffffc0000000000 RSI: 0000000000000000 RDI: 00000000000000e8
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
R10: 00000000000000e8 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001
FS:  00007f07477fc6c0(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000b80 CR3: 000000006a8b7000 CR4: 00000000003506f0
----------------
Code disassembly (best guess):
   0:	45 85 c9             	test   %r9d,%r9d
   3:	0f 84 cc 0e 00 00    	je     0xed5
   9:	44 8b 05 21 dc 81 0b 	mov    0xb81dc21(%rip),%r8d        # 0xb81dc31
  10:	45 85 c0             	test   %r8d,%r8d
  13:	0f 84 be 0d 00 00    	je     0xdd7
  19:	48 ba 00 00 00 00 00 	movabs $0xdffffc0000000000,%rdx
  20:	fc ff df
  23:	4c 89 d1             	mov    %r10,%rcx
  26:	48 c1 e9 03          	shr    $0x3,%rcx
* 2a:	80 3c 11 00          	cmpb   $0x0,(%rcx,%rdx,1) <-- trapping instruction
  2e:	0f 85 e8 40 00 00    	jne    0x411c
  34:	49 81 3a e0 09 b3 90 	cmpq   $0xffffffff90b309e0,(%r10)
  3b:	0f                   	.byte 0xf
  3c:	84                   	.byte 0x84
  3d:	96                   	xchg   %eax,%esi
  3e:	0d                   	.byte 0xd


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem

(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup
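How to read a report like this one, as an added worked example that is not part of syzbot's message or of the kernel source. The trapping instruction is the inlined KASAN shadow check: `shr $0x3,%rcx` scales the address in R10 (0xe8) and `cmpb $0x0,(%rcx,%rdx,1)` loads its shadow byte at RDX + (0xe8 >> 3) = 0xdffffc0000000000 + 0x1d. That shadow address is non-canonical on 48-bit x86-64, so the CPU raises #GP rather than a page fault, and KASAN's non-canonical-address hook reverses the arithmetic to print "null-ptr-deref in range [0xe8-0xef]". In other words, lockdep was reading a field at offset 0xe8 of a lock pointer derived from NULL, handed to it by the down_read() call in hugetlb_vma_lock_read(). The program below re-implements that forward and inverse mapping in user space so the numbers in the report can be checked by hand. It assumes 4-level paging (48-bit virtual addresses, as on this syzbot VM), a 4 KiB page for the null-pointer class, and a 47-bit user limit for the "user-memory-access" class; those thresholds are assumptions for the classification only and do not affect the decoded range.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* x86-64 KASAN parameters (generic KASAN).  The shadow offset is the movabs
 * immediate in the report's disassembly; the scale shift is the "shr $0x3"
 * immediately before the trapping cmpb. */
#define KASAN_SHADOW_SCALE_SHIFT 3
#define KASAN_SHADOW_OFFSET      0xdffffc0000000000ULL
#define KASAN_GRANULE_SIZE       (1ULL << KASAN_SHADOW_SCALE_SHIFT)

/* Thresholds used only to name the bug class (assumptions: 4 KiB page,
 * 47-bit user address space limit). */
#define NULL_PAGE_LIMIT 0x0000000000001000ULL
#define USER_VA_LIMIT   0x00007ffffffff000ULL

/* Values copied from the report above. */
#define REPORT_GPF_ADDR 0xdffffc000000001dULL  /* "non-canonical address" */
#define REPORT_R10      0x00000000000000e8ULL  /* address being checked   */
#define REPORT_RAX      0xffff88801d5e9dc0ULL  /* an ordinary kernel ptr  */

/* Forward mapping: the address the inlined check dereferences. */
uint64_t kasan_mem_to_shadow(uint64_t addr)
{
    return (addr >> KASAN_SHADOW_SCALE_SHIFT) + KASAN_SHADOW_OFFSET;
}

/* 48-bit canonical test: bits 63..47 must be all zeros or all ones.  A
 * shadow address that fails this raises #GP instead of #PF, which is why
 * the report says "general protection fault" and not "unable to handle
 * page fault". */
int is_canonical_48(uint64_t addr)
{
    uint64_t top = addr >> 47;          /* 17 bits: 63..47 */
    return top == 0 || top == 0x1ffff;
}

/* Inverse mapping: recover the 8-byte granule whose shadow byte lives at
 * the faulting address.  Returns 0 if it is not a shadow address at all. */
int kasan_decode_shadow(uint64_t shadow, uint64_t *lo, uint64_t *hi)
{
    if (shadow < KASAN_SHADOW_OFFSET)
        return 0;
    *lo = (shadow - KASAN_SHADOW_OFFSET) << KASAN_SHADOW_SCALE_SHIFT;
    *hi = *lo + KASAN_GRANULE_SIZE - 1;
    return 1;
}

/* Name the bug class from the recovered address (re-implemented here in
 * the spirit of the kernel's non-canonical-address hook, not copied). */
const char *kasan_bug_kind(uint64_t orig)
{
    if (orig < NULL_PAGE_LIMIT)
        return "null-ptr-deref";
    if (orig < USER_VA_LIMIT)
        return "probably user-memory-access";
    return "maybe wild-memory-access";
}

int main(void)
{
    uint64_t lo, hi;

    /* 1. A NULL-based access maps to a non-canonical shadow address. */
    uint64_t bad = kasan_mem_to_shadow(REPORT_R10);
    printf("shadow(%#" PRIx64 ") = %#" PRIx64 " canonical=%d\n",
           REPORT_R10, bad, is_canonical_48(bad));

    /* 2. An ordinary kernel address maps to a canonical shadow address. */
    uint64_t ok = kasan_mem_to_shadow(REPORT_RAX);
    printf("shadow(%#" PRIx64 ") = %#" PRIx64 " canonical=%d\n",
           REPORT_RAX, ok, is_canonical_48(ok));

    /* 3. Decode the GPF address back into the range the report prints. */
    if (kasan_decode_shadow(REPORT_GPF_ADDR, &lo, &hi))
        printf("KASAN: %s in range [%#018" PRIx64 "-%#018" PRIx64 "]\n",
               kasan_bug_kind(lo), lo, hi);
    return 0;
}
```

Running it reproduces the report's second line from its first: 0xdffffc000000001d decodes to the granule 0xe8..0xef below the NULL page. The same inverse works for any "general protection fault, probably for non-canonical address 0xdffffc..." line, which is the quickest way to tell a NULL-plus-offset dereference from a genuinely wild pointer before opening the vmlinux.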