Subject: Re: [syzbot] [mm?] kernel BUG in alloc_hugetlb_folio_reserve
From: Muchun Song
Date: Mon, 6 Jan 2025 11:36:36 +0800
To: Steve Sistare
Cc: akpm@linux-foundation.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, syzkaller-bugs@googlegroups.com, syzbot

> On Jan 4, 2025, at 20:25, syzbot wrote:
>
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit:    63676eefb7a0 Merge tag 'sched_ext-for-6.13-rc5-fixes' of g..
> git tree:       upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=15fb66f8580000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=1c541fa8af5c9cc7
> dashboard link: https://syzkaller.appspot.com/bug?extid=a504cb5bae4fe117ba94
> compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
>
> Unfortunately, I don't have any reproducer for this issue yet.
>
> Downloadable assets:
> disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/7feb34a89c2a/non_bootable_disk-63676eef.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/599e1a07ba5c/vmlinux-63676eef.xz
> kernel image: https://storage.googleapis.com/syzbot-assets/b52f3534bdbe/bzImage-63676eef.xz
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+a504cb5bae4fe117ba94@syzkaller.appspotmail.com
>
> ------------[ cut here ]------------
> kernel BUG at mm/hugetlb.c:2403!

It is an assertion VM_BUG_ON(!h->resv_huge_pages) in alloc_hugetlb_folio_reserve().
Cc Steve, the author of adding this assertion. Maybe you have some thoughts on this.

Muchun,
Thanks.

> Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
> CPU: 0 UID: 0 PID: 5315 Comm: syz.0.0 Not tainted 6.13.0-rc5-syzkaller-00161-g63676eefb7a0 #0
> Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
> RIP: 0010:alloc_hugetlb_folio_reserve+0xbc/0xc0 mm/hugetlb.c:2403
> Code: 1f eb 05 e8 56 18 a0 ff 48 c7 c7 40 56 61 8e e8 ba 21 cc 09 4c 89 f0 5b 41 5c 41 5e 41 5f 5d c3 cc cc cc cc e8 35 18 a0 ff 90 <0f> 0b 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f
> RSP: 0018:ffffc9000d3d77f8 EFLAGS: 00010087
> RAX: ffffffff81ff6beb RBX: 0000000000000000 RCX: 0000000000100000
> RDX: ffffc9000e51a000 RSI: 00000000000003ec RDI: 00000000000003ed
> RBP: 1ffffffff34810d9 R08: ffffffff81ff6ba3 R09: 1ffffd4000093005
> R10: dffffc0000000000 R11: fffff94000093006 R12: dffffc0000000000
> R13: dffffc0000000000 R14: ffffea0000498000 R15: ffffffff9a4086c8
> FS: 00007f77ac12e6c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 00007f77ab54b170 CR3: 0000000040b70000 CR4: 0000000000352ef0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> Call Trace:
>
>  memfd_alloc_folio+0x1bd/0x370 mm/memfd.c:88
>  memfd_pin_folios+0xf10/0x1570 mm/gup.c:3750
>  udmabuf_pin_folios drivers/dma-buf/udmabuf.c:346 [inline]
>  udmabuf_create+0x70e/0x10c0 drivers/dma-buf/udmabuf.c:443
>  udmabuf_ioctl_create drivers/dma-buf/udmabuf.c:495 [inline]
>  udmabuf_ioctl+0x301/0x4e0 drivers/dma-buf/udmabuf.c:526
>  vfs_ioctl fs/ioctl.c:51 [inline]
>  __do_sys_ioctl fs/ioctl.c:906 [inline]
>  __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892
>  do_syscall_x64 arch/x86/entry/common.c:52 [inline]
>  do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
>  entry_SYSCALL_64_after_hwframe+0x77/0x7f
> RIP: 0033:0x7f77ab385d29
> Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
> RSP: 002b:00007f77ac12e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
> RAX: ffffffffffffffda RBX: 00007f77ab575fa0 RCX: 00007f77ab385d29
> RDX: 0000000020000040 RSI: 0000000040187542 RDI: 0000000000000006
> RBP: 00007f77ab401b08 R08: 0000000000000000 R09: 0000000000000000
> R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
> R13: 0000000000000000 R14: 00007f77ab575fa0 R15: 00007fff748b7238
>
> Modules linked in:
> ---[ end trace 0000000000000000 ]---
> RIP: 0010:alloc_hugetlb_folio_reserve+0xbc/0xc0 mm/hugetlb.c:2403
> Code: 1f eb 05 e8 56 18 a0 ff 48 c7 c7 40 56 61 8e e8 ba 21 cc 09 4c 89 f0 5b 41 5c 41 5e 41 5f 5d c3 cc cc cc cc e8 35 18 a0 ff 90 <0f> 0b 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f
> RSP: 0018:ffffc9000d3d77f8 EFLAGS: 00010087
> RAX: ffffffff81ff6beb RBX: 0000000000000000 RCX: 0000000000100000
> RDX: ffffc9000e51a000 RSI: 00000000000003ec RDI: 00000000000003ed
> RBP: 1ffffffff34810d9 R08: ffffffff81ff6ba3 R09: 1ffffd4000093005
> R10: dffffc0000000000 R11: fffff94000093006 R12: dffffc0000000000
> R13: dffffc0000000000 R14: ffffea0000498000 R15: ffffffff9a4086c8
> FS: 00007f77ac12e6c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 00007f77ab54b170 CR3: 0000000040b70000 CR4: 0000000000352ef0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
>
>
> ---
> This report is generated by a bot. It may contain errors.
> See https://goo.gl/tpsmEJ for more information about syzbot.
> syzbot engineers can be reached at syzkaller@googlegroups.com.
>
> syzbot will keep track of this issue. See:
> https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
>
> If the report is already addressed, let syzbot know by replying with:
> #syz fix: exact-commit-title
>
> If you want to overwrite report's subsystems, reply with:
> #syz set subsystems: new-subsystem
> (See the list of subsystem names on the web dashboard)
>
> If the report is a duplicate of another one, reply with:
> #syz dup: exact-subject-of-another-report
>
> If you want to undo deduplication, reply with:
> #syz undup