From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 81F21CDB483
	for <linux-mm@archiver.kernel.org>; Tue, 17 Oct 2023 14:15:32 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id CE9A48D0112; Tue, 17 Oct 2023 10:15:31 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id C72D18D000C; Tue, 17 Oct 2023 10:15:31 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id B127B8D0112; Tue, 17 Oct 2023 10:15:31 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13])
	by kanga.kvack.org (Postfix) with ESMTP id 97EE88D000C
	for <linux-mm@kvack.org>; Tue, 17 Oct 2023 10:15:31 -0400 (EDT)
Received: from smtpin08.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay09.hostedemail.com (Postfix) with ESMTP id 49FCE80D2D
	for <linux-mm@kvack.org>; Tue, 17 Oct 2023 14:15:31 +0000 (UTC)
X-FDA: 81355151262.08.07A1A2F
Received: from mail-lj1-f176.google.com (mail-lj1-f176.google.com [209.85.208.176])
	by imf03.hostedemail.com (Postfix) with ESMTP id F3FC420038
	for <linux-mm@kvack.org>; Tue, 17 Oct 2023 14:15:28 +0000 (UTC)
Authentication-Results: imf03.hostedemail.com;
	dkim=pass header.d=linaro.org header.s=google header.b=QsCKp6V1;
	dmarc=pass (policy=none) header.from=linaro.org;
	spf=pass (imf03.hostedemail.com: domain of dan.carpenter@linaro.org designates 209.85.208.176 as permitted sender) smtp.mailfrom=dan.carpenter@linaro.org
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1697552129;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=lj+rrdViRJjUfQuPmcCus9x1Xjw7sD9CZl2Q7GMS/eI=;
	b=bPm0bFUADEdfYxiqFyFxsnGH/E8XtBjDMkJlwVmKxlccycsWINSaB2hX1DJAutbruUCLKX
	Gw2KAh2wey6rqx5wSt1UX1k8wxOaLtzPpwud7OQxyYFm+g27j9tf8gme7ysSu4o9xYlWlO
	qNif9Suz1c5nSspInYoCT/IMmpWV6+E=
ARC-Authentication-Results: i=1;
	imf03.hostedemail.com;
	dkim=pass header.d=linaro.org header.s=google header.b=QsCKp6V1;
	dmarc=pass (policy=none) header.from=linaro.org;
	spf=pass (imf03.hostedemail.com: domain of dan.carpenter@linaro.org designates 209.85.208.176 as permitted sender) smtp.mailfrom=dan.carpenter@linaro.org
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1697552129; a=rsa-sha256;
	cv=none;
	b=zfCrARGK0wxqAZj3Klho4z32aP0t6cdrZm91GXH5IZBY8HV6CFiM7T4Sse/zHezvKaWRaP
	h++7T29kCTY+p0PJRffH7R/pxeza4Gdm01zSO8mCQ2U8lSju0iXRVldXZPsutzGsjq1xmz
	4ZpF0ADhbU/xISwXVB2SlVh5/X6XJGk=
Received: by mail-lj1-f176.google.com with SMTP id 38308e7fff4ca-2c51388ccebso40787921fa.3
        for <linux-mm@kvack.org>; Tue, 17 Oct 2023 07:15:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linaro.org; s=google; t=1697552127; x=1698156927; darn=kvack.org;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to;
        bh=lj+rrdViRJjUfQuPmcCus9x1Xjw7sD9CZl2Q7GMS/eI=;
        b=QsCKp6V1E4bZbUiyh7WEpQALx1linOvX+TkKBObFYdWElUayFtmWtiBhl1K+5JnFQ8
         XzrgEjcFUtlTB4Dc4L0bOT2dkeH0ZtX7dyrxKTVLr9fK5cOTfOTDzBeNRxuH5TwQuuMX
         E8u5MilHP9OHcucJiD/48OLKeWOQTi+NLZNJmRQEp0gUyqhhkCCNuK5WxD/GSZyxUHm7
         Bua7TyhT5+tRrbG86qKRD7tWcSvqNYxVzHjvGc8DZN2Ziacus6sgII5jBtFR5m9j2Mco
         uayElLE+DfmPGEaJQru8dPJxZSsiNPIeTDffflCUdk2i54AWbO2sBCpM6Cy1puP7yDMf
         bW/Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1697552127; x=1698156927;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=lj+rrdViRJjUfQuPmcCus9x1Xjw7sD9CZl2Q7GMS/eI=;
        b=nKN6Mc4vQR/bnzSUvi/aLntsETBp2Gh2kt+BE7Qpyh93KUs3h8g015IGPk9hN8qd3p
         104FtAfR6110AGudUk65evCHEXMwxOYCVmhFVOg6GsTLDf7SJSM5FMiZDZ0gsXhsJLGa
         YJTLtt7rO6TRZOIHoC78XNrEkVzC8qSeL+e7TnbYgkXGWUMOS6s+aZ9Y7cLhp8zLFzsY
         xBvSiw8ni7dH7or/Als5NCmtT0Y5irr4ea0rRUjmA6jjhox22kJ6TrOObpb3gkdle8GZ
         8kc0O1j+1mcA4XrJ9eYbrX6WLKR9Lw6pDmAIhMayQ5jG+ArCw0cXKV4HNLD3vLJNpMFX
         7jCQ==
X-Gm-Message-State: AOJu0YyOga8381DThSDd+OoRa0s65pYzYM0xhUfyEhdaE4NFAEUHf3oW
	G8fpfWSk4mu6nTZSLAvorEiWCg==
X-Google-Smtp-Source: AGHT+IG/Qb1WyUSRcFMsKcYP3r/QECH5ek8lUiosc3//YaTTJ96KN/DrbAJfDnOLJb/QQW2gvAMJhQ==
X-Received: by 2002:a05:651c:145:b0:2c5:2191:3f35 with SMTP id c5-20020a05651c014500b002c521913f35mr1879222ljd.2.1697552127096;
        Tue, 17 Oct 2023 07:15:27 -0700 (PDT)
Received: from localhost ([102.36.222.112])
        by smtp.gmail.com with ESMTPSA id o19-20020a05600c4fd300b004060f0a0fd5sm1663409wmq.13.2023.10.17.07.15.26
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 17 Oct 2023 07:15:26 -0700 (PDT)
Date: Tue, 17 Oct 2023 17:15:23 +0300
From: Dan Carpenter <dan.carpenter@linaro.org>
To: Lorenzo Stoakes <lstoakes@gmail.com>
Cc: Naresh Kamboju <naresh.kamboju@linaro.org>,
	open list <linux-kernel@vger.kernel.org>,
	linux-mm <linux-mm@kvack.org>, lkft-triage@lists.linaro.org,
	"Reviewed-by: Jan Kara" <jack@suse.cz>,
	Alexander Viro <viro@zeniv.linux.org.uk>,
	Andy Lutomirski <luto@kernel.org>,
	Christian Brauner <brauner@kernel.org>,
	Hugh Dickins <hughd@google.com>, willy@infradead.org,
	Mike Kravetz <mike.kravetz@oracle.com>,
	Muchun Song <muchun.song@linux.dev>,
	Andrew Morton <akpm@linux-foundation.org>,
	Arnd Bergmann <arnd@arndb.de>
Subject: Re: mm: Unable to handle kernel NULL pointer dereference at virtual
 address - mmap_region (include/linux/fs.h:580 mm/mmap.c:2946)
Message-ID: <3d007161-f0d8-43cf-a0c4-5d62cd38da07@kadam.mountain>
References: <CA+G9fYtL7wK-dE-Tnz4t-GWmQb50EPYa=TWGjpgYU2Z=oeAO_w@mail.gmail.com>
 <48534660-d5f7-45b2-8f99-19c8fb3e51c8@lucifer.local>
 <49bf8caa-e72e-406f-88d6-6d28aded078a@lucifer.local>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <49bf8caa-e72e-406f-88d6-6d28aded078a@lucifer.local>
X-Rspam-User: 
X-Rspamd-Server: rspam12
X-Rspamd-Queue-Id: F3FC420038
X-Stat-Signature: 6tpeiiy8u9ph5yehzaejfp8myxdss37x
X-HE-Tag: 1697552128-877432
X-HE-Meta: U2FsdGVkX1/gvTMdpOFIyyHTbghJ6o8GUSf5NwwOXumDELx/ONt9zFkdm/+FyNOyj1xAlW/2ox49+rRgOfPrQxiRK8+y0cwk8hDpImfr1P76rv3dyib8INxzbx2aXpY8muqyuAurGxGImVieC1MI+G/s+/0ITqpMcFSv1kZ0wmXlrVSi2GB6zfz9Tz1/NAO4q2Yjykfu8wvlB6MFUWnoTZxETolk4rk5FkOR3KsyfgKYP9asBWHovz7Fl0LOCzX3awJDyCTxLyNhb5ul4MyAlC/+NLw20Hg5zdS8QjqIMlBo6bFHRMp38/F8P8cI/KsjzIa5sc849XuApSJtpphkj71+u4cAWt+PQIrbfEiVzgGQu2CFPgXsRauucEVrbOPu1+ax306SXkbg/nPLMRsKISZfUI6Se5LohqO8iCbluk4hyECKM1rAIU07Deu+qqDbb2OIjB4YtSRvNoZo9qjmSAT/XbHaN3UG3E0DgukBfm8V0FmB2Pk9I+F6Lyc4alp7a6YkYzCNEQMsV3+ekPgbGqKnv93dvjSsS9QVVIr/oloe20FWY8KJ2hw6eDyjEFVUPMX3RfWxtYEa6ff8wm0pOYHAJIjwu/1vQvLOIkvMi5qGc+SVArGLsR4/jbVEJn0bwX7CeK+I+gs1CsEa0aXTVc5YnjKrNARuuhuJl3tOAawZ+eH6KdACnNNptqp1oFA2YO3K08ZtC64Nxz+XyGWPiAXfisQobyExCOw1befYY0u5snHDZO+Fqzer6ah5VuQ1JYmfzRtC4VELT6ffqDg+AKjZbupAZZINDZIz5tZ9F0us1BczeRUr8+adUq7H8zJR+h3vgFWKfonQiYy32qc/oaT8KwnqXwBppLKj+FAoMmT3qQSvsB9NTv7Fyq5tsD51UV80LlQ4b7UXKFYIXXegpQFbWa+uLFASokQK2D+JEiiXmsiqIzg0vBjNSz7dZJ0bveCsY7irBmBE265DIas
 r+tMKbU5
 HzuQ3NpO7axjqvphz/QlJ3LueK3tJ7Kehn+zD8ai6UTI+AiY0QJmWvRYVEw1uFxOPgGi7IcrdgzsM/aLF4vs8ySin5sY/7h2Z3MPyajZdLK5g7Xx3PiDicShbkn2sAP5Z2jyt06/kN+qOZ+njhSHR5aV5Uy19lvhSnskyhiMloQ9+JfF7cVOVUO1dA8jcseijDnHZ1eLN3TSVs9+Sn5JbILOZW/mSUopNwW6ppSyHtyoxsGYq228+TbNT92xX9qYFrQ7ezVukd+18GdeGQ0rBzpxRpofYEVOxaR3xNOgxk9hYC8aslCqqD86Ym/IUhq6lbOITL+507kPV1tUpq/ZspQ4s59f6GsccRHFx2vcGF62vjAPtbiQEwHYKnIVfYKVIVnh2/x3D03UKVKde5c4kEWm/wk7409Z28SbR77Xb0aTbGpVBvpMWj5uoRdiWyMqSFl9ZfJPcxc9pnQh4qXnMgi2zAI4X9NCgqCXj
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Mon, Oct 16, 2023 at 05:32:00PM +0100, Lorenzo Stoakes wrote:
> On Mon, Oct 16, 2023 at 12:05:37PM +0100, Lorenzo Stoakes wrote:
> > On Mon, Oct 16, 2023 at 03:52:07PM +0530, Naresh Kamboju wrote:
> > > Following kernel crash noticed while running LTP hugetlb and selftests on
> > > qemu-x86_64 and qemu-arm64 running with Linux next 6.6.0-rc6-next-20231016.
> > >
> > > Reported-by: Linux Kernel Functional Testing <lkft@linaro.org>
> > > Reported-by: Naresh Kamboju <naresh.kamboju@linaro.org>
> > >
> > > Test Logs:
> > > -----
> >
> > [snip]
> >
> > > <4>[   97.499871] Call trace:
> > > <4>[ 97.500288] mmap_region (include/linux/fs.h:580 mm/mmap.c:2946)
> >
> > OK this is from a patch of mine, and an easy fix (incorrect assumption about
> > vm->vm_file == file).
> >
> > I will put a fix forward tonight.
> >
> > > <4>[ 97.500814] do_mmap (mm/mmap.c:1379)
> > > <4>[ 97.501243] vm_mmap_pgoff (mm/util.c:546)
> > > <4>[ 97.501711] ksys_mmap_pgoff (mm/mmap.c:1425)
> > > <4>[ 97.502166] __arm64_sys_mmap (arch/arm64/kernel/sys.c:21)
> > > <4>[ 97.502634] invoke_syscall (arch/arm64/include/asm/current.h:19
> > > arch/arm64/kernel/syscall.c:56)
> > > <4>[ 97.503175] el0_svc_common.constprop.0
> > > (include/linux/thread_info.h:127 (discriminator 2)
> > > arch/arm64/kernel/syscall.c:144 (discriminator 2))
> > > <4>[ 97.503763] do_el0_svc (arch/arm64/kernel/syscall.c:156)
> > > <4>[ 97.504191] el0_svc (arch/arm64/include/asm/daifflags.h:28
> > > arch/arm64/kernel/entry-common.c:133
> > > arch/arm64/kernel/entry-common.c:144
> > > arch/arm64/kernel/entry-common.c:679)
> >
> > [snip]
> 
> Have cc-d people in this thread on it, but for the record, -fix patch is at
> https://lore.kernel.org/all/c9eb4cc6-7db4-4c2b-838d-43a0b319a4f0@lucifer.local/

Smatch also caught this bug.  Your patch silences the warning.

mm/mmap.c:2946 mmap_region() error: we previously assumed 'file' could be null (see line 2849)

It's amazing that Naresh was able to hit this after it had only been in
linux-next for less than a day.

regards,
dan carpenter