From: Vlastimil Babka
To: syzbot, akpm@linux-foundation.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-next@vger.kernel.org, sfr@canb.auug.org.au, syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] linux-next test error: general protection fault in vma_merge
Date: Mon, 27 Mar 2023 10:42:47 +0200
Message-ID: <098c59e8-166c-ffa6-2742-9c7d32faa5e7@suse.cz>
In-Reply-To: <000000000000c0822e05f7d9812d@google.com>
References: <000000000000c0822e05f7d9812d@google.com>

On 3/27/23 05:40, syzbot wrote:
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: 7c4a254d78f8 Add linux-next specific files for 20230323

Known issue already fixed in newer -next.

> git tree: linux-next
> console output: https://syzkaller.appspot.com/x/log.txt?x=15f70246c80000
> kernel config: https://syzkaller.appspot.com/x/.config?x=20fd034702e6edd2
> dashboard link: https://syzkaller.appspot.com/bug?extid=a2fd5af4a33891110a79
> compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
>
> Downloadable assets:
> disk image: https://storage.googleapis.com/syzbot-assets/dc0bbbecd2a5/disk-7c4a254d.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/6b2c8c7cfd4b/vmlinux-7c4a254d.xz
> kernel image: https://storage.googleapis.com/syzbot-assets/ae312a388585/bzImage-7c4a254d.xz
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+a2fd5af4a33891110a79@syzkaller.appspotmail.com
>
> general protection fault, probably for non-canonical address 0xdffffc0000000018: 0000 [#1] PREEMPT SMP KASAN
> KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7]
> CPU: 1 PID: 5080 Comm: syz-fuzzer Not tainted 6.3.0-rc3-next-20230323-syzkaller #0
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
> RIP: 0010:vma_merge+0x234/0x1fd0 mm/mmap.c:952
> Code: 08 00 0f 84 b0 03 00 00 e8 e9 54 bf ff 48 8b 44 24 08 48 8d b8 a8 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 4d 18 00 00 48 8b 44 24 08 48 8b b0 a8 00 00 00
> RSP: 0018:ffffc90003d0f998 EFLAGS: 00010207
> RAX: dffffc0000000000 RBX: ffff88802974b800 RCX: 0000000000000000
> RDX: 0000000000000018 RSI: ffffffff81c37957 RDI: 00000000000000c7
> RBP: ffff888079aaa400 R08: 0000000000000006 R09: 0000000000000000
> R10: 000000c001ffffff R11: 0000000000000000 R12: 0000000000000001
> R13: 0000000000000000 R14: 000000c002000000 R15: 0000000000000000
> FS: 000000c000524890(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 00007fe510676000 CR3: 00000000249a5000 CR4: 00000000003506e0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> Call Trace:
>
> madvise_update_vma+0x23f/0xd40 mm/madvise.c:153
> madvise_vma_behavior+0x7f6/0x20e0 mm/madvise.c:1091
> madvise_walk_vmas+0x1c7/0x2b0 mm/madvise.c:1260
> do_madvise.part.0+0x193/0x470 mm/madvise.c:1439
> do_madvise mm/madvise.c:1452 [inline]
> __do_sys_madvise mm/madvise.c:1452 [inline]
> __se_sys_madvise mm/madvise.c:1450 [inline]
> __x64_sys_madvise+0x117/0x150 mm/madvise.c:1450
> do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
> entry_SYSCALL_64_after_hwframe+0x63/0xcd
> RIP: 0033:0x46b557
> Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
> RSP: 002b:000000c00022de60 EFLAGS: 00000206 ORIG_RAX: 000000000000001c
> RAX: ffffffffffffffda RBX: 0000000000a12000 RCX: 000000000046b557
> RDX: 000000000000000e RSI: 0000000000800000 RDI: 000000c001c00000
> RBP: 000000c00022de88 R08: 0000000000000509 R09: 000000c001b6a000
> R10: 00000000000012bd R11: 0000000000000206 R12: 0000000000000509
> R13: 0000000000000003 R14: 000000c0003f1a00 R15: 00000000010e0700
>
> Modules linked in:
> ---[ end trace 0000000000000000 ]---
> RIP: 0010:vma_merge+0x234/0x1fd0 mm/mmap.c:952
> Code: 08 00 0f 84 b0 03 00 00 e8 e9 54 bf ff 48 8b 44 24 08 48 8d b8 a8 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 4d 18 00 00 48 8b 44 24 08 48 8b b0 a8 00 00 00
> RSP: 0018:ffffc90003d0f998 EFLAGS: 00010207
> RAX: dffffc0000000000 RBX: ffff88802974b800 RCX: 0000000000000000
> RDX: 0000000000000018 RSI: ffffffff81c37957 RDI: 00000000000000c7
> RBP: ffff888079aaa400 R08: 0000000000000006 R09: 0000000000000000
> R10: 000000c001ffffff R11: 0000000000000000 R12: 0000000000000001
> R13: 0000000000000000 R14: 000000c002000000 R15: 0000000000000000
> FS: 000000c000524890(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 0000564702bbb078 CR3: 00000000249a5000 CR4: 00000000003506f0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> ----------------
> Code disassembly (best guess):
>    0: 08 00                   or     %al,(%rax)
>    2: 0f 84 b0 03 00 00       je     0x3b8
>    8: e8 e9 54 bf ff          callq  0xffbf54f6
>    d: 48 8b 44 24 08          mov    0x8(%rsp),%rax
>   12: 48 8d b8 a8 00 00 00    lea    0xa8(%rax),%rdi
>   19: 48 b8 00 00 00 00 00    movabs $0xdffffc0000000000,%rax
>   20: fc ff df
>   23: 48 89 fa                mov    %rdi,%rdx
>   26: 48 c1 ea 03             shr    $0x3,%rdx
> * 2a: 80 3c 02 00             cmpb   $0x0,(%rdx,%rax,1) <-- trapping instruction
>   2e: 0f 85 4d 18 00 00       jne    0x1881
>   34: 48 8b 44 24 08          mov    0x8(%rsp),%rax
>   39: 48 8b b0 a8 00 00 00    mov    0xa8(%rax),%rsi
>
>
> ---
> This report is generated by a bot. It may contain errors.
> See https://goo.gl/tpsmEJ for more information about syzbot.
> syzbot engineers can be reached at syzkaller@googlegroups.com.
>
> syzbot will keep track of this issue. See:
> https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
>