From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id A2C38C5B543 for ; Thu, 5 Jun 2025 05:38:35 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 3F35A6B00BC; Thu, 5 Jun 2025 01:38:35 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 3A4438D0007; Thu, 5 Jun 2025 01:38:35 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 292538D0054; Thu, 5 Jun 2025 01:38:35 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 06DE38D0007 for ; Thu, 5 Jun 2025 01:38:34 -0400 (EDT) Received: from smtpin16.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id 26AE3C1897 for ; Thu, 5 Jun 2025 05:38:34 +0000 (UTC) X-FDA: 83520242148.16.725194A Received: from mail-il1-f206.google.com (mail-il1-f206.google.com [209.85.166.206]) by imf08.hostedemail.com (Postfix) with ESMTP id 7AD33160002 for ; Thu, 5 Jun 2025 05:38:32 +0000 (UTC) Authentication-Results: imf08.hostedemail.com; dkim=none; spf=pass (imf08.hostedemail.com: domain of 3Vy1BaAkbAP4y45qgrrkxgvvoj.muumrk0ykxiutzktz.ius@M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com designates 209.85.166.206 as permitted sender) smtp.mailfrom=3Vy1BaAkbAP4y45qgrrkxgvvoj.muumrk0ykxiutzktz.ius@M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com; dmarc=fail reason="SPF not aligned (relaxed), No valid DKIM" header.from=appspotmail.com (policy=none) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1749101912; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding:in-reply-to: references; bh=/z+LQtVXLG6xTh29GCPAc32w5jdO5ogRdmbiKbJuFqk=; b=47i7w55oIK4cCS0n+O9XljGJypCtmsydiPAohsX9w+d1hJ8jB6Zateb383q749lcofYjzQ uYq/OIcjN6PJO57M7Yem0hvqnxzGcY5G2Yg2Y8cxsEnd8tMuO2ux/h8vHoMuwb1Wo0zPZ1 AvrkJpX+mVlbwv5etqVbCzTXTmo82kM= ARC-Authentication-Results: i=1; imf08.hostedemail.com; dkim=none; spf=pass (imf08.hostedemail.com: domain of 3Vy1BaAkbAP4y45qgrrkxgvvoj.muumrk0ykxiutzktz.ius@M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com designates 209.85.166.206 as permitted sender) smtp.mailfrom=3Vy1BaAkbAP4y45qgrrkxgvvoj.muumrk0ykxiutzktz.ius@M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com; dmarc=fail reason="SPF not aligned (relaxed), No valid DKIM" header.from=appspotmail.com (policy=none) ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1749101912; a=rsa-sha256; cv=none; b=sKKZfAgdSCKe2Y9ExH/cydljYoQvPsRQJWyQjB1CbDo410wHX1X1X2ndnVtJZBpq9pD0hA p2uKzQQ8GNDTWyV/03Qi0k5Y+hAQ1uMZu1WBG/gRyTxwsZ1Rq9hfrGxMJI10iZZZ+sT2rl VHkh7zldK/OhcjZ+NBNduPy4Qjb0W10= Received: by mail-il1-f206.google.com with SMTP id e9e14a558f8ab-3ddbb34fc1cso9485815ab.1 for ; Wed, 04 Jun 2025 22:38:32 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1749101911; x=1749706711; h=to:from:subject:message-id:date:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=/z+LQtVXLG6xTh29GCPAc32w5jdO5ogRdmbiKbJuFqk=; b=ZhBGu5HPY6qPDluPjVG5NRKOO4HRtkA5enSbkh7Hz8aTIUyqvF4wxQMWGIjFiXMr5P kl/wXxqD3SJ1dNYYN67yJcW2GP0+8npoE8VI9dxPI0ilc4GOOmAYRxFhEytF1GiGGpjz pf2zt6NEtGEkrPgzf9Bkuk1bjJEYKIvYp2vhJKLgY5wYmRgX69TAaHVoPnjJcOnc/O/2 YYUGe31o+65dOMCy3jQD2fxNlGd1ubuVJkEGcPQE4ekteBQwUODIiiQbhyR8EzGh5zdi TKZJMLaxL+dPHHO24aocPQcsulelEIgNCueNt/OzrBwiVVn48H3CmIkvTYrj4ybQVI/V sM7Q== X-Forwarded-Encrypted: i=1; AJvYcCVYvtIAwGsdec5+4IE1OXZc4z/hYfMg0AiEtuiqiftaJerrgAGLRyxXRGI6FI/we++etzvf7/SpBA==@kvack.org X-Gm-Message-State: AOJu0YwI0nlcKMI5lpIvnlMD9PdCVghWtJE1rt4WQeHS47qlXU5L3XCq bUtIjgb1R95RN50TQOBLtt+YWYgSfIHaQzWKA7+zDacknJ9eOcLYo0R/iPz+Z70VTSICwTB+i57 2yf6+6QCQ036Vm2+rDywVK+yz876Vf39rdS7JWDFrl9t6JEwwEA41G5lt2ic= X-Google-Smtp-Source: AGHT+IEbDqBJiTkeootdL8HXdYfl9FLp8xb9KNkcNyZgJE4vrkPq9BZXR3dVRbdpopg2vuAL1bDO+z30QRvKUj8RKaVb8Km1+g0z MIME-Version: 1.0 X-Received: by 2002:a05:6e02:19c9:b0:3d8:2023:d048 with SMTP id e9e14a558f8ab-3ddbedc9af7mr67269165ab.22.1749101911438; Wed, 04 Jun 2025 22:38:31 -0700 (PDT) Date: Wed, 04 Jun 2025 22:38:31 -0700 X-Google-Appengine-App-Id: s~syzkaller X-Google-Appengine-App-Id-Alias: syzkaller Message-ID: <68412d57.050a0220.2461cf.000e.GAE@google.com> Subject: [syzbot] [mm?] kernel BUG in try_to_unmap_one (2) From: syzbot To: Liam.Howlett@oracle.com, akpm@linux-foundation.org, david@redhat.com, harry.yoo@oracle.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org, lorenzo.stoakes@oracle.com, riel@surriel.com, syzkaller-bugs@googlegroups.com, vbabka@suse.cz Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 7AD33160002 X-Stat-Signature: abhk8w9kt6coun3naizzuka9crjeyjh7 X-Rspam-User: X-Rspamd-Server: rspam04 X-HE-Tag: 1749101912-958416 X-HE-Meta: U2FsdGVkX19v37M2YlxVCgGHaZLBq3Tgyt1Lo0x4mLV0W5yqWxzhvRK0B84X/Ypn9vFdgoJrjKBqoDgRTqIUxx06Np60g6+51xCRWiuSQPsUOUZF6wfSNkPXLLp59SDmv0oT3vHpBl/upnSlodQ2KI51SqS+dBUDCTkPxkKqSmSsA+crtsCH8E2DDieVI9P/dg7I/CAflB/ZVsbUf50twNit0vaoS0PNDW505oeGvw3RHoXDyY3QI4zDOw4p3XNIQ2CSebQxJr6V0efAcYT5rB/wcnHXj1r5HPO9ySGjV+oOaiz4/E6inmcAeYKusCNsQdeW6I32dsDNYU7NnkXqw8p8kyF4FkKjq600zKpT98dPWhAFG45qwsUi9SyJQ7Hp3MldQqmPQWxJCpc/hNydqRkcuVVhla4HEHb2LdIJnPW9pSbcUu4GmJL9ZAJ3Cy13udI31xt9/PGpXZrTMwRizEr1zM5OqByVUq6SUITd8EGgRMsZlqC1Vl1N/SeWKlJlPGkEizQ3cyjw2WTMALp3SMazg+KS5gNWqI+A8Sl87KS8D1vraISzEY/F4PtybKXqsiNqwimOWBIQRT+9x8Q8kQpRUErHvwtnqrpY/Z1k5dfQOzU8liqxxLPl+U4w9WZjbUan6LBNklrhBHXe78mJzB3eKXCV5nsLkpad5XfueB1IUJ8RCf3+iPDAlKJ1t+PjEAfIZtJ9pwXSL2RJzTvOOaHi3m8HDDMjgaxk0uPsD8KtmVBEvZGeYDRdZw3fFJoeTXfTZDV0MCkp3/5kHnz6FDUjp9X7U9/AcAIRu0dTqX/75BPUv5oJ6bH9JRp+J+WhlqVIMcBad5jCsE0rOojBnVt7PamECrQxBmrt64Xjh7SyM37K7HYVj17xVt47wUe/OhdrLQecwJvuA6FeqoSAJwMDr9tRoboLG2FP5+9lev19jSn5JSAyHvJD5m/qgmiRG1JSA7roL2cLkMnhVFl WzK9dDni PmHPs/Sx5x9gDnSVkpyLr9QYdTDubaxH/L0lS2HgGOpqNW8AjXQbUQRRgto6sXW1HryTxCGkls1tLslo5UtLzcfhhWETzJkuh3QCkZ/xm/7lBBRvvt9EsQ7DVFAV6McAfro01/x+PkFziGhQZlWhIDg/1iSMQXjVgT5I57EXpwom3ffx/xvFlmVyupMX9IAbw+8jpKTHSqogCyX6QYuqFrnLOhRToKdnw9iOyO8TzZtxn/AwwfDLAjKOEOdIs1VmeY7gBV2K0bX7aN2CzzHRioed1k1AgfEhrwMcYf4LH1zp7M4WVtpbu4kV99qBE/8zuVPajnWObpfO6GiwW91rFp2eysXK5I3p1tDnJ/MHBOSRy+0nqmN2n3kGiINY2EYKfElThJI8TMKI9qML3qp8qFAsSX9XreABT3KADSqfiEawx2xDCOTbf4/np0Hvp9QVbRGKJm3MH+K/MeqM5j28meDP6ggI2FOo9y6sdQ9KsvdouLZjS0kdYZZQCsb5Px0PE5CDgg/9nIyzQX5ckJBrzZYgcimuWc1yiqFrjKWzQnGs0NDixXegFYpX1tQBp38nYrmmY3jRDxLHXLSAw0mzDTRpIaJcrtKerxSBAn3F9LDOveg4iQ67lnv+ERHbGdg9ikKGeD8bwpYPIWDiIVR1dOA3RF0HHXqNpLerOsEfOaNiKU92uACflgq7dMw9arfOToLu5f2MwVXXGPDr1aOI2wUBRMbKx/S6iB1euJ4Md9CX4LhTk7mlWy9RZ/M0pE/yjAPdeml05/hsAx2gxXfJgsZi1nIG+cNzdBlGqP1P4RTuM88HAv8a8feBBSanyceDJ2TiuCbRQ+TBR/A1sjVvQ2sVfNsdZPvDgshapme/yOJ20cPx4BV4ExTA0GBjoMUc6Q5siFOGAnHgYlrNkXWI+1+fyMLfc8HeoYPTV0XofjKSkXE9v/zmXkhuqVTYY+PpKnwp/lDkRbAwoWsNuuE4B/IwEugRe 5gDoQIXq RKq83uZaigsh/4sXwyuDo8gBhi0V4q/VfFDZaejuJBW84qK8SIgizUcEfWFf3ra6K++16lZGYcfXcMlL1hkOrOMBSGpLeSMYYLw3R7EjpLqG2iOo0zHEp1qIIPPYGsn9fvYgX+AZbdye3F5t01aui9mCbU/sZOaEvBHIFgXD6smv6XqeKbwzKeAaPfZKMZvtRsjcZUpW2QBZbOG+9XeZkYviFMJd7zwTQVke/HAd6Gdqr/rLYOpqWzZmCKHwIXeitwoiwpWXWZRROJYYR/bXTzL2LejodcMa1VurX0Cip4jLhcLX5pfIwUDsGqJ4uFtDp4DMK1nwc89h1HhwrhiP8S9l4ZmChlrJXJbi+AdyOyUgwC5fzCrR1xJ12E5YYexpY/68eRIvgvn/OqMdV/popxPWYwDMqMPm3KkfxZ6YS0jbAMcBdIYC7w== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Hello, syzbot found the following issue on: HEAD commit: d7fa1af5b33e Merge branch 'for-next/core' into for-kernelci git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci console output: https://syzkaller.appspot.com/x/log.txt?x=1757300c580000 kernel config: https://syzkaller.appspot.com/x/.config?x=89c13de706fbf07a dashboard link: https://syzkaller.appspot.com/bug?extid=3b220254df55d8ca8a61 compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 userspace arch: arm64 syz repro: https://syzkaller.appspot.com/x/repro.syz?x=150f7ed4580000 C reproducer: https://syzkaller.appspot.com/x/repro.c?x=13745970580000 Downloadable assets: disk image: https://storage.googleapis.com/syzbot-assets/da97ad659b2c/disk-d7fa1af5.raw.xz vmlinux: https://storage.googleapis.com/syzbot-assets/659e123552a8/vmlinux-d7fa1af5.xz kernel image: https://storage.googleapis.com/syzbot-assets/6ec5dbf4643e/Image-d7fa1af5.gz.xz IMPORTANT: if you fix the issue, please add the following tag to the commit: Reported-by: syzbot+3b220254df55d8ca8a61@syzkaller.appspotmail.com head: 05ffc00000000309 fffffdffc6628001 0080000000000000 0000000100000000 head: ffffffff00000000 0000000000000024 00000000ffffffff 0000000000000200 page dumped because: VM_BUG_ON_FOLIO(!pvmw.pte) ------------[ cut here ]------------ kernel BUG at mm/rmap.c:1955! Internal error: Oops - BUG: 00000000f2000800 [#1] SMP Modules linked in: CPU: 1 UID: 0 PID: 9503 Comm: syz-executor315 Not tainted 6.15.0-rc7-syzkaller-gd7fa1af5b33e #0 PREEMPT Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : try_to_unmap_one+0x2c54/0x2d40 mm/rmap.c:1955 lr : try_to_unmap_one+0x2c54/0x2d40 mm/rmap.c:1955 sp : ffff80009e906380 x29: ffff80009e9065e0 x28: 0000000000000038 x27: ffff0000c9dbee80 x26: fffffdffc6628018 x25: fffffdffc6628030 x24: dfff800000000000 x23: ffff0000d84efdc0 x22: ffff0000d84efde0 x21: 0000000000000001 x20: fffffdffc6628000 x19: 05ffc00000020849 x18: 00000000ffffffff x17: 0000000000000000 x16: ffff80008adbe9e4 x15: 0000000000000001 x14: 1fffe0003386f2e2 x13: 0000000000000000 x12: 0000000000000000 x11: ffff60003386f2e3 x10: 0000000000ff0100 x9 : 664e624a89365e00 x8 : 664e624a89365e00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff80009e905a98 x4 : ffff80008f415ba0 x3 : ffff8000807b4b68 x2 : 0000000000000001 x1 : 0000000100000001 x0 : 000000000000002f Call trace: try_to_unmap_one+0x2c54/0x2d40 mm/rmap.c:1955 (P) rmap_walk_anon+0x47c/0x640 mm/rmap.c:2834 rmap_walk+0x128/0x1e8 mm/rmap.c:2939 try_to_unmap+0xc4/0x120 mm/rmap.c:2263 unmap_poisoned_folio+0x278/0x4a4 mm/memory-failure.c:1610 shrink_folio_list+0x608/0x4410 mm/vmscan.c:1131 reclaim_folio_list+0xdc/0x5d0 mm/vmscan.c:2217 reclaim_pages+0x420/0x544 mm/vmscan.c:2254 madvise_cold_or_pageout_pte_range+0x1d38/0x20d4 mm/madvise.c:434 walk_pmd_range mm/pagewalk.c:130 [inline] walk_pud_range mm/pagewalk.c:226 [inline] walk_p4d_range mm/pagewalk.c:264 [inline] walk_pgd_range+0xb4c/0x16bc mm/pagewalk.c:305 __walk_page_range+0x13c/0x654 mm/pagewalk.c:412 walk_page_range_mm+0x4fc/0x7dc mm/pagewalk.c:505 walk_page_range+0x80/0x98 mm/pagewalk.c:584 madvise_pageout_page_range mm/madvise.c:617 [inline] madvise_pageout mm/madvise.c:644 [inline] madvise_vma_behavior mm/madvise.c:1269 [inline] madvise_walk_vmas mm/madvise.c:1530 [inline] madvise_do_behavior+0x1940/0x2908 mm/madvise.c:1695 do_madvise mm/madvise.c:1782 [inline] __do_sys_madvise mm/madvise.c:1790 [inline] __se_sys_madvise mm/madvise.c:1788 [inline] __arm64_sys_madvise+0x10c/0x154 mm/madvise.c:1788 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 Code: f9404be0 b0051fc1 910c8021 97fdefe4 (d4210000) ---[ end trace 0000000000000000 ]--- --- This report is generated by a bot. It may contain errors. See https://goo.gl/tpsmEJ for more information about syzbot. syzbot engineers can be reached at syzkaller@googlegroups.com. syzbot will keep track of this issue. See: https://goo.gl/tpsmEJ#status for how to communicate with syzbot. If the report is already addressed, let syzbot know by replying with: #syz fix: exact-commit-title If you want syzbot to run the reproducer, reply with: #syz test: git://repo/address.git branch-or-commit-hash If you attach or paste a git patch, syzbot will apply it before testing. If you want to overwrite report's subsystems, reply with: #syz set subsystems: new-subsystem (See the list of subsystem names on the web dashboard) If the report is a duplicate of another one, reply with: #syz dup: exact-subject-of-another-report If you want to undo deduplication, reply with: #syz undup