From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id D00E2C5AD49 for ; Mon, 26 May 2025 09:46:32 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 550EE6B008A; Mon, 26 May 2025 05:46:32 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 528916B008C; Mon, 26 May 2025 05:46:32 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 465B66B0093; Mon, 26 May 2025 05:46:32 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 225876B008A for ; Mon, 26 May 2025 05:46:32 -0400 (EDT) Received: from smtpin05.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id C928BE743B for ; Mon, 26 May 2025 09:46:31 +0000 (UTC) X-FDA: 83484578982.05.08634CD Received: from mail-io1-f77.google.com (mail-io1-f77.google.com [209.85.166.77]) by imf24.hostedemail.com (Postfix) with ESMTP id 20F82180003 for ; Mon, 26 May 2025 09:46:29 +0000 (UTC) Authentication-Results: imf24.hostedemail.com; dkim=none; spf=pass (imf24.hostedemail.com: domain of 3dTg0aAkbAP4y45qgrrkxgvvoj.muumrk0ykxiutzktz.ius@M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com designates 209.85.166.77 as permitted sender) smtp.mailfrom=3dTg0aAkbAP4y45qgrrkxgvvoj.muumrk0ykxiutzktz.ius@M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com; dmarc=fail reason="SPF not aligned (relaxed), No valid DKIM" header.from=appspotmail.com (policy=none) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1748252790; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding:in-reply-to: references; bh=J2IyipFEPL0z+ERgd2x0s09sX2Hk/O2ukCWICkgOitA=; b=gWqPq1o8P9Ess30dcLZ7v9lyIoXiWbFlQyjxRzcTsXL7CeG9+i3+SBNXQYp+ccNyTzo8Xo O6GQVtgdROV/l4Tpg9mOsL+/GXm/kKkPNad494W7PaTKDY/XxrjwMxV0jj8PtUu2eKFIln 9XqsE3jd2HasS17GP6rvCtqlHqS8/zk= ARC-Authentication-Results: i=1; imf24.hostedemail.com; dkim=none; spf=pass (imf24.hostedemail.com: domain of 3dTg0aAkbAP4y45qgrrkxgvvoj.muumrk0ykxiutzktz.ius@M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com designates 209.85.166.77 as permitted sender) smtp.mailfrom=3dTg0aAkbAP4y45qgrrkxgvvoj.muumrk0ykxiutzktz.ius@M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com; dmarc=fail reason="SPF not aligned (relaxed), No valid DKIM" header.from=appspotmail.com (policy=none) ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1748252790; a=rsa-sha256; cv=none; b=X7SISOCxQI+NortwMk8xq7aeQuHmHqKzx5tkgLn+lA0UUqq00YoJyR6QBJncCzpnfMnjOK jsSetC0v7zaKa897zCntd3NWc7QwyhpY+zWc/MOamhgriz2AKgXPByIp/qsymOwjQ9UaTC uywq0r80dyd1onBeeR9X9VfNKZMS864= Received: by mail-io1-f77.google.com with SMTP id ca18e2360f4ac-86186c58c41so179273139f.1 for ; Mon, 26 May 2025 02:46:29 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748252789; x=1748857589; h=to:from:subject:message-id:date:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=J2IyipFEPL0z+ERgd2x0s09sX2Hk/O2ukCWICkgOitA=; b=XEpOWOGTlyjauH3sFMKYA/x3DbhoCtvrp1effVJr5Jb/FKCD3MGbVP464lhmxE8q48 0b9CCHBTfeqeF0L0wkk5Gtpvain2khViOYsIakgPXXMANQSW10YNTNAzP8Q1N93pTqjH IHLUDmOF9jlTCe6FX3QsXM2yr4GeI/gaCRVDJv+C0xM+am8h+sZDDsXthlIk3y28u3Vl H0XfackxEIb0HItQ25fTDJ2flp7q6LRdeDiFXL+xHpOYBMmoq85YmM3/80w2pwkaGH3m dge/mu05dcftqkFwPpLiUVlFQXnTcH3AScbrSIQyyztkwOMwqqpJ08YtzvUsP+uhqNRs 4K0Q== X-Forwarded-Encrypted: i=1; AJvYcCWA/29YbesfuEimtNJLc4q+s4WCsJHMURIzeqBOYhp6YZVaYhiItlSbV5LDUpjgN+TnUpOhhLO/iA==@kvack.org X-Gm-Message-State: AOJu0YyVDta+av1Dl3c2XYzcWusp0iyC0tTaRvc8CaEIbTuS8Ywkl/Vc nnlAjKhvxFqCDTSA2xuOZ0hv3XRVWv2PFPMiChC147caXeAi/dsuKyFWmk+Fc2rX1XZkOpFM73U X5WuRLsCy7mZp4uE+GXbBofv2DCD3FH52EIM0dRAuzgCfE1Q2I5Q2/Xx5zIM= X-Google-Smtp-Source: AGHT+IEWtqtlLOiYjqHDijhvnwX2CIDvFHmSWYb7uykY6s36bXcQLq/BxnEd1D+KAyBGKj8GcN7M8vMJiNehQp5OU2FAZWtAxSbF MIME-Version: 1.0 X-Received: by 2002:a05:6602:4896:b0:864:a2e4:5fff with SMTP id ca18e2360f4ac-86cbb7eca3fmr978312639f.4.1748252789167; Mon, 26 May 2025 02:46:29 -0700 (PDT) Date: Mon, 26 May 2025 02:46:29 -0700 X-Google-Appengine-App-Id: s~syzkaller X-Google-Appengine-App-Id-Alias: syzkaller Message-ID: <68343875.a70a0220.253bc2.0094.GAE@google.com> Subject: [syzbot] [mm?] WARNING in folio_add_file_rmap_ptes From: syzbot To: Liam.Howlett@oracle.com, akpm@linux-foundation.org, david@redhat.com, harry.yoo@oracle.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org, lorenzo.stoakes@oracle.com, riel@surriel.com, syzkaller-bugs@googlegroups.com, vbabka@suse.cz Content-Type: text/plain; charset="UTF-8" X-Rspam-User: X-Stat-Signature: x3u8qgnhoukhabs51pj3abnkxcyakj9a X-Rspamd-Queue-Id: 20F82180003 X-Rspamd-Server: rspam11 X-HE-Tag: 1748252789-87040 X-HE-Meta: U2FsdGVkX18tcMDMcxnYmsoFnVptxb+A0bbnbD8JlL48H8AtbQBUizvNIJGfuusNjApccyHPUONMQw1OCP3TW4pzGfwiM9nwUvHvNlTdQr37RcPKRvv0SAH4QBtLQPJi5URFBxWKzGdKv7jBWrJse9bGFw4xGEjHMkZgH+BXUU9lVufwV+6ajUAcRmj7ZAkYh3A7z2Q1bxoOnEboTidKf+Kk3ampQU87kv6YzZG6Fknc3ThmgoFSytqV7rfXxHzoFabA/4l/aYNp5wLTQL263HSsAzeV1zaJaf36j3khDVdJ/W7QUspXupumpFOaEgLLCm7OJ4U6Jh7ddATUGMVcy7dvuYugNxDNGRAKBCB26usPrcvOkNL4JBlWbfZQ8fwfhYZiIMuDUEREU/3OCFRw8xq9Fbvs2tXTfgbiBCkPTYmBJtIUhYr0lGCsq6ckZOFJVlFBGc9AsgQo7dJ7e3Fq+dIN8v2g7TVnMV9F1FvTgH/F5BezDqffALVznIovf61xdXufUQg335DOz27V2BhooRWC7u+VZlO0IbIt498mIWmHmFqWGaG6CpXmA96KmjcbF0qMBsnZu3cvPYnLbGfuLNUZ1Z79z4QN93JBgi4HQxG6FY8jk5RHWPqzm0AwLFEyTr75epjL/QwT8ATs3YnNUvUujXN2mR75R9M7KBSkfyN2jS3OvA1OJ9nOlkqX+eGfCQQFAceEaZyo0oL/clNT3JqlP+htEwSJo+kobAOhpxIbTIOSOczVpZvNnkqO2BJCsoOse8tKm3Iqzv4a7Q2pOOxHicl7dws6UFczLYhL2zkkUqE/5+56BuAHIXjpzRiQBF1ioL1ZBxUKYMYIIlizyeBO/M4Rp5OPfAeaFQJdvoPpCA8GeraEHkkBZE9E6Bf7K0vBTKkt7I5oMcR1CebNJZVVV/X5mDyWaXwbK00yVmGqtDjhZpPfCZx7EIpg9YNXOx2j+0b2Yw/8/RXlIU4 JTo6bhsC NjVCfoEvNOj24ZaV9Py5/xp79KKwLabSodoCy7VIzI4CVaW/IbPe7zFBnKzbMp9ju2XLRoYz0ZrMjqdh1tWDBu95DVuUoE4SOX+HrhJmtV4CxmDZJE7pq+tRM9Tu6AJZLcwKMRt46YW37LS3fSQmQCB0gkcuxcuu2OycJF9k79UyRCapB6M+KPb6lATEm5yxxlMhjq7VhQOf04xVrWTMzEQWhYuICcQ/sEcaPkUadUPY3wFM6q7f3nLGnLxP4kR9VQW8uPwfVfqUi+3qW0OcZIqI+dMY0pOVZKPDakDOSuEUD1WkiAN4pT0U6HBkb+fmGv7EQKl4X1dxx4dWi30SeQmHnISvGIH0NivaYNDqz1t8Ije1eEAvVOA0v/TnzAP0MyPY0SeTXQ4Y90ZvlkS826arhK8JTtZDPnxpO6HzKFMkNxcJ2R26D8oPydgFtQYxxsmfCVGHKG+/IYP74IWeLZ52NH3S1pC9IxyCN92nV0rF9WzvcAleN+k3nxUVcSn2FOsvRS7bN49pixIKS5fXRulz+Bapfyg4oOfS8Bcc4UGNudCyNtuiDhMZfkR3+HAUEZaJPnS1IzgcWcjTC/50Tynwm9cb0lz4r50bsyQlsZoMLrF6RH2RQynTASRcXIntUz8BfHYsljkgtByUonWggjz+cTRZ1+jZwI7FIW8vN8TYkmUtLsDhANJAXNWSe3hptw36a+UR9SJ3nLxpW3ZUIwxNnghv0z34xu/0NnuUpzD8ENUEdBq1nJE0/3FHwiuTR4esK6PAmSpLK4Us+sKyQPdcKhr0cJmt7WrQYTxOjknjF/lj/QTNH+aEgZ5TTve4w5Wc5nWJMTk+Pv9+XXt0HZoCprLDM8iU2DUCRTnvH3E26LADwW0sbKno+/o0s1pXt5jjK6FGRHYtnKU2A8TNIwhCWlxGhXViiJkajPk72c4Fp1/KyHq00qev0S1MHDNy4ghnUhZkUef9ClBAKKMM9RucE+nKh kVl4yPh+ mfaThJH/mi7rUqsuBgb/knOVFho04c18+m/2NFYrwMn5Vu+Rz6XBIrcGLgudrmOdGLR/8roSFW5JXiBrZbfQ3o2OMOH1QV1BJ/BI3DW4ih5tLNSEFnYws7Uc6zl/a1cQp0ErG+LcUxb4kcTe/BhryTWakH+hhOAtqSDjFqVZXeSXGWmoLqDGDFCTByg4q0SPMwWgv6rw0ADjMWTjFWikmi30hslMFZA/6TwfMe3xIrf/f3FNdMw8kxoR3HbO5K1fCwJV7bgfqPbIwc9qiKc1C9E9MPB7ZuEG0N8BRzwtfi7QZ6TuSC/UQflEc7w/Syo1+DFeMQAdKYgizpUjvDapXo4l8lEZMm+VCO390NvUHMhtjcUWntFmV+fNI88rfH8QVFnSltgc2Y7DJvY41/gPrbAfaTTN6/aoR2ApoG2KJUqfmNElh1c9+w== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Hello, syzbot found the following issue on: HEAD commit: 187899f4124a Merge branch 'for-next/core' into for-kernelci git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci console output: https://syzkaller.appspot.com/x/log.txt?x=12f7f9f4580000 kernel config: https://syzkaller.appspot.com/x/.config?x=89c13de706fbf07a dashboard link: https://syzkaller.appspot.com/bug?extid=18bba5153739c29b88c5 compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 userspace arch: arm64 Unfortunately, I don't have any reproducer for this issue yet. Downloadable assets: disk image: https://storage.googleapis.com/syzbot-assets/ab8c5d5c6c34/disk-187899f4.raw.xz vmlinux: https://storage.googleapis.com/syzbot-assets/d67a1d9c9f04/vmlinux-187899f4.xz kernel image: https://storage.googleapis.com/syzbot-assets/074a891b2686/Image-187899f4.gz.xz IMPORTANT: if you fix the issue, please add the following tag to the commit: Reported-by: syzbot+18bba5153739c29b88c5@syzkaller.appspotmail.com page dumped because: VM_WARN_ON_FOLIO((_Generic((page), const struct page *: (const struct folio *)_compound_head(page), struct page *: (struct folio *)_compound_head(page))) != folio) ------------[ cut here ]------------ WARNING: CPU: 1 PID: 10255 at ./include/linux/rmap.h:426 __folio_rmap_sanity_checks include/linux/rmap.h:426 [inline] WARNING: CPU: 1 PID: 10255 at ./include/linux/rmap.h:426 __folio_add_rmap mm/rmap.c:1252 [inline] WARNING: CPU: 1 PID: 10255 at ./include/linux/rmap.h:426 __folio_add_file_rmap mm/rmap.c:1620 [inline] WARNING: CPU: 1 PID: 10255 at ./include/linux/rmap.h:426 folio_add_file_rmap_ptes+0x864/0xa80 mm/rmap.c:1642 Modules linked in: CPU: 1 UID: 0 PID: 10255 Comm: syz.0.668 Not tainted 6.15.0-rc7-syzkaller-g187899f4124a #0 PREEMPT Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __folio_rmap_sanity_checks include/linux/rmap.h:426 [inline] pc : __folio_add_rmap mm/rmap.c:1252 [inline] pc : __folio_add_file_rmap mm/rmap.c:1620 [inline] pc : folio_add_file_rmap_ptes+0x864/0xa80 mm/rmap.c:1642 lr : __folio_rmap_sanity_checks include/linux/rmap.h:426 [inline] lr : __folio_add_rmap mm/rmap.c:1252 [inline] lr : __folio_add_file_rmap mm/rmap.c:1620 [inline] lr : folio_add_file_rmap_ptes+0x864/0xa80 mm/rmap.c:1642 sp : ffff80009ea777f0 x29: ffff80009ea77830 x28: ffff0000d89a43c0 x27: 0000000020010000 x26: 002000013aaf4bc3 x25: 00000000000001f0 x24: fffffdffc3eaba30 x23: fffffdffc3eabd00 x22: dfff800000000000 x21: 000000000020b68f x20: fffffdffc3eabd48 x19: fffffdffc3eaba00 x18: 00000000ffffffff x17: 0000000000000000 x16: ffff80008ad27e48 x15: ffff700011e740c0 x14: 1ffff00011e740c0 x13: 0000000000000004 x12: ffffffffffffffff x11: 0000000000080000 x10: 000000000000b6d5 x9 : c4bcfe0a46a0cd00 x8 : c4bcfe0a46a0cd00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff80009ea76ef8 x4 : ffff80008f415ba0 x3 : ffff800080548ef0 x2 : 0000000000000000 x1 : 0000000000000001 x0 : 00000000000000b8 Call trace: __folio_rmap_sanity_checks include/linux/rmap.h:426 [inline] (P) __folio_add_rmap mm/rmap.c:1252 [inline] (P) __folio_add_file_rmap mm/rmap.c:1620 [inline] (P) folio_add_file_rmap_ptes+0x864/0xa80 mm/rmap.c:1642 (P) set_pte_range+0x28c/0x434 mm/memory.c:5256 filemap_map_folio_range mm/filemap.c:3631 [inline] filemap_map_pages+0xb50/0x1558 mm/filemap.c:3740 do_fault_around mm/memory.c:5476 [inline] do_read_fault mm/memory.c:5509 [inline] do_fault mm/memory.c:5652 [inline] do_pte_missing mm/memory.c:4160 [inline] handle_pte_fault mm/memory.c:5997 [inline] __handle_mm_fault mm/memory.c:6140 [inline] handle_mm_fault+0x2b84/0x4d18 mm/memory.c:6309 do_page_fault+0x428/0x1554 arch/arm64/mm/fault.c:647 do_translation_fault+0xc4/0x114 arch/arm64/mm/fault.c:783 do_mem_abort+0x70/0x194 arch/arm64/mm/fault.c:919 el0_da+0x64/0x160 arch/arm64/kernel/entry-common.c:627 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:789 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 irq event stamp: 292 hardirqs last enabled at (291): [] __up_console_sem kernel/printk/printk.c:344 [inline] hardirqs last enabled at (291): [] __console_unlock+0x70/0xc4 kernel/printk/printk.c:2885 hardirqs last disabled at (292): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511 softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32 softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19 ---[ end trace 0000000000000000 ]--- page: refcount:10 mapcount:1 mapping:00000000dc26ff10 index:0x4 pfn:0x13aae8 head: order:2 mapcount:4 entire_mapcount:0 nr_pages_mapped:4 pincount:0 memcg:ffff0000d4838000 aops:bch_address_space_operations ino:1002 dentry name(?):"file1" flags: 0x5ffc0000000516d(locked|referenced|uptodate|lru|active|arch_1|private|head|node=0|zone=2|lastcpupid=0x7ff) raw: 05ffc0000000516d fffffdffc3e1bf08 fffffdffc3d17508 ffff0000f1fd18e8 raw: 0000000000000004 ffff0000d4c1f300 0000000a00000000 ffff0000d4838000 head: 05ffc0000000516d fffffdffc3e1bf08 fffffdffc3d17508 ffff0000f1fd18e8 head: 0000000000000004 ffff0000d4c1f300 0000000a00000000 ffff0000d4838000 head: 05ffc00000000202 fffffdffc3eaba01 0000000400000003 00000000ffffffff head: ffffffff00000003 000000000000003d 0000000000000000 0000000000000004 page dumped because: VM_WARN_ON_FOLIO((_Generic((page + nr_pages - 1), const struct page *: (const struct folio *)_compound_head(page + nr_pages - 1), struct page *: (struct folio *)_compound_head(page + nr_pages - 1))) != folio) ------------[ cut here ]------------ WARNING: CPU: 1 PID: 10255 at ./include/linux/rmap.h:427 __folio_rmap_sanity_checks include/linux/rmap.h:427 [inline] WARNING: CPU: 1 PID: 10255 at ./include/linux/rmap.h:427 __folio_add_rmap mm/rmap.c:1252 [inline] WARNING: CPU: 1 PID: 10255 at ./include/linux/rmap.h:427 __folio_add_file_rmap mm/rmap.c:1620 [inline] WARNING: CPU: 1 PID: 10255 at ./include/linux/rmap.h:427 folio_add_file_rmap_ptes+0x890/0xa80 mm/rmap.c:1642 Modules linked in: CPU: 1 UID: 0 PID: 10255 Comm: syz.0.668 Tainted: G W 6.15.0-rc7-syzkaller-g187899f4124a #0 PREEMPT Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __folio_rmap_sanity_checks include/linux/rmap.h:427 [inline] pc : __folio_add_rmap mm/rmap.c:1252 [inline] pc : __folio_add_file_rmap mm/rmap.c:1620 [inline] pc : folio_add_file_rmap_ptes+0x890/0xa80 mm/rmap.c:1642 lr : __folio_rmap_sanity_checks include/linux/rmap.h:427 [inline] lr : __folio_add_rmap mm/rmap.c:1252 [inline] lr : __folio_add_file_rmap mm/rmap.c:1620 [inline] lr : folio_add_file_rmap_ptes+0x890/0xa80 mm/rmap.c:1642 sp : ffff80009ea777f0 x29: ffff80009ea77830 x28: ffff0000d89a43c0 x27: 0000000020010000 x26: 002000013aaf4bc3 x25: 00000000000001f0 x24: fffffdffc3eaba30 x23: fffffdffc3eabd00 x22: dfff800000000000 x21: fffffdffc3eb3900 x20: fffffdffc3eb3801 x19: fffffdffc3eaba00 x18: 00000000ffffffff x17: 0000000000000000 x16: ffff80008ad27e48 x15: ffff700011e740c0 x14: 1ffff00011e740c0 x13: 0000000000000004 x12: ffffffffffffffff x11: 0000000000080000 x10: 000000000002ce5f x9 : c4bcfe0a46a0cd00 x8 : c4bcfe0a46a0cd00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff80009ea76ef8 x4 : ffff80008f415ba0 x3 : ffff800080548ef0 x2 : 0000000000000000 x1 : 0000000000000001 x0 : 00000000000000e5 Call trace: __folio_rmap_sanity_checks include/linux/rmap.h:427 [inline] (P) __folio_add_rmap mm/rmap.c:1252 [inline] (P) __folio_add_file_rmap mm/rmap.c:1620 [inline] (P) folio_add_file_rmap_ptes+0x890/0xa80 mm/rmap.c:1642 (P) set_pte_range+0x28c/0x434 mm/memory.c:5256 filemap_map_folio_range mm/filemap.c:3631 [inline] filemap_map_pages+0xb50/0x1558 mm/filemap.c:3740 do_fault_around mm/memory.c:5476 [inline] do_read_fault mm/memory.c:5509 [inline] do_fault mm/memory.c:5652 [inline] do_pte_missing mm/memory.c:4160 [inline] handle_pte_fault mm/memory.c:5997 [inline] __handle_mm_fault mm/memory.c:6140 [inline] handle_mm_fault+0x2b84/0x4d18 mm/memory.c:6309 do_page_fault+0x428/0x1554 arch/arm64/mm/fault.c:647 do_translation_fault+0xc4/0x114 arch/arm64/mm/fault.c:783 do_mem_abort+0x70/0x194 arch/arm64/mm/fault.c:919 el0_da+0x64/0x160 arch/arm64/kernel/entry-common.c:627 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:789 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 irq event stamp: 928 hardirqs last enabled at (927): [] __up_console_sem kernel/printk/printk.c:344 [inline] hardirqs last enabled at (927): [] __console_unlock+0x70/0xc4 kernel/printk/printk.c:2885 hardirqs last disabled at (928): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511 softirqs last enabled at (830): [] softirq_handle_end kernel/softirq.c:425 [inline] softirqs last enabled at (830): [] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607 softirqs last disabled at (727): [] __do_softirq+0x14/0x20 kernel/softirq.c:613 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 1 PID: 10255 at ./include/linux/rmap.h:214 __folio_large_mapcount_sanity_checks+0x3d4/0x5dc include/linux/rmap.h:214 Modules linked in: CPU: 1 UID: 0 PID: 10255 Comm: syz.0.668 Tainted: G W 6.15.0-rc7-syzkaller-g187899f4124a #0 PREEMPT Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __folio_large_mapcount_sanity_checks+0x3d4/0x5dc include/linux/rmap.h:214 lr : __folio_large_mapcount_sanity_checks+0x3d4/0x5dc include/linux/rmap.h:214 sp : ffff80009ea77790 x29: ffff80009ea77790 x28: 0000000080000000 x27: 1fffffbff87d574f x26: 1fffffbff87d5740 x25: 1fffffbff87d5741 x24: dfff800000000000 x23: 00000000000001f0 x22: fffffdffc3eaba78 x21: 0000000000000004 x20: fffffdffc3eaba08 x19: fffffdffc3eaba00 x18: 00000000ffffffff x17: 0000000000000000 x16: ffff80008ad27e48 x15: 0000000000000001 x14: 1fffffbff87d574d x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000080000 x10: 0000000000049002 x9 : ffff8000aa342000 x8 : 0000000000049003 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff80009ea76ef8 x4 : ffff80008f415ba0 x3 : ffff800080b2596c x2 : 000000000000003d x1 : 00000000000001f0 x0 : 0000000000000004 Call trace: __folio_large_mapcount_sanity_checks+0x3d4/0x5dc include/linux/rmap.h:214 (P) folio_add_return_large_mapcount include/linux/rmap.h:250 [inline] __folio_add_rmap mm/rmap.c:1279 [inline] __folio_add_file_rmap mm/rmap.c:1620 [inline] folio_add_file_rmap_ptes+0x47c/0xa80 mm/rmap.c:1642 set_pte_range+0x28c/0x434 mm/memory.c:5256 filemap_map_folio_range mm/filemap.c:3631 [inline] filemap_map_pages+0xb50/0x1558 mm/filemap.c:3740 do_fault_around mm/memory.c:5476 [inline] do_read_fault mm/memory.c:5509 [inline] do_fault mm/memory.c:5652 [inline] do_pte_missing mm/memory.c:4160 [inline] handle_pte_fault mm/memory.c:5997 [inline] __handle_mm_fault mm/memory.c:6140 [inline] handle_mm_fault+0x2b84/0x4d18 mm/memory.c:6309 do_page_fault+0x428/0x1554 arch/arm64/mm/fault.c:647 do_translation_fault+0xc4/0x114 arch/arm64/mm/fault.c:783 do_mem_abort+0x70/0x194 arch/arm64/mm/fault.c:919 el0_da+0x64/0x160 arch/arm64/kernel/entry-common.c:627 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:789 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 irq event stamp: 1044 hardirqs last enabled at (1043): [] __exit_to_kernel_mode arch/arm64/kernel/entry-common.c:85 [inline] hardirqs last enabled at (1043): [] exit_to_kernel_mode+0xc0/0xf0 arch/arm64/kernel/entry-common.c:95 hardirqs last disabled at (1044): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511 softirqs last enabled at (1042): [] softirq_handle_end kernel/softirq.c:425 [inline] softirqs last enabled at (1042): [] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607 softirqs last disabled at (933): [] __do_softirq+0x14/0x20 kernel/softirq.c:613 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ kernel BUG at mm/page_table_check.c:120! Internal error: Oops - BUG: 00000000f2000800 [#1] SMP Modules linked in: CPU: 1 UID: 0 PID: 10255 Comm: syz.0.668 Tainted: G W 6.15.0-rc7-syzkaller-g187899f4124a #0 PREEMPT Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : page_table_check_set+0x56c/0x590 mm/page_table_check.c:120 lr : page_table_check_set+0x56c/0x590 mm/page_table_check.c:120 sp : ffff80009ea776a0 x29: ffff80009ea776b0 x28: ffff80008f63c000 x27: 0000000000000001 x26: ffff0000c08158c8 x25: 0000000000000006 x24: 0000000000000001 x23: ffff0000c08158c8 x22: 000000000013ab14 x21: 0000000000000000 x20: 0000000000000010 x19: 1ffff00012dfca50 x18: 00000000ffffffff x17: 0000000000000000 x16: ffff80008051c10c x15: 0000000000000001 x14: 1fffe00018102b19 x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000080000 x10: 00000000000632c3 x9 : ffff8000aa342000 x8 : 00000000000632c4 x7 : ffff800080cd13e4 x6 : 0000000000000000 x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff800080cd0928 x2 : 0000000000000000 x1 : 0000000000000001 x0 : 0000000000000000 Call trace: page_table_check_set+0x56c/0x590 mm/page_table_check.c:120 (P) __page_table_check_ptes_set+0x2a8/0x2e0 mm/page_table_check.c:209 page_table_check_ptes_set include/linux/page_table_check.h:76 [inline] __set_ptes_anysz arch/arm64/include/asm/pgtable.h:724 [inline] __set_ptes+0x4a0/0x504 arch/arm64/include/asm/pgtable.h:756 contpte_set_ptes+0x120/0x188 arch/arm64/mm/contpte.c:273 set_ptes arch/arm64/include/asm/pgtable.h:1807 [inline] set_pte_range+0x39c/0x434 mm/memory.c:5258 filemap_map_folio_range mm/filemap.c:3631 [inline] filemap_map_pages+0xb50/0x1558 mm/filemap.c:3740 do_fault_around mm/memory.c:5476 [inline] do_read_fault mm/memory.c:5509 [inline] do_fault mm/memory.c:5652 [inline] do_pte_missing mm/memory.c:4160 [inline] handle_pte_fault mm/memory.c:5997 [inline] __handle_mm_fault mm/memory.c:6140 [inline] handle_mm_fault+0x2b84/0x4d18 mm/memory.c:6309 do_page_fault+0x428/0x1554 arch/arm64/mm/fault.c:647 do_translation_fault+0xc4/0x114 arch/arm64/mm/fault.c:783 do_mem_abort+0x70/0x194 arch/arm64/mm/fault.c:919 el0_da+0x64/0x160 arch/arm64/kernel/entry-common.c:627 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:789 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 Code: aa1603e0 97fd6781 17fffee6 97e91fd8 (d4210000) ---[ end trace 0000000000000000 ]--- --- This report is generated by a bot. It may contain errors. See https://goo.gl/tpsmEJ for more information about syzbot. syzbot engineers can be reached at syzkaller@googlegroups.com. syzbot will keep track of this issue. See: https://goo.gl/tpsmEJ#status for how to communicate with syzbot. If the report is already addressed, let syzbot know by replying with: #syz fix: exact-commit-title If you want to overwrite report's subsystems, reply with: #syz set subsystems: new-subsystem (See the list of subsystem names on the web dashboard) If the report is a duplicate of another one, reply with: #syz dup: exact-subject-of-another-report If you want to undo deduplication, reply with: #syz undup