From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 214DCC41535 for ; Fri, 22 Dec 2023 14:55:38 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6512C6B0072; Fri, 22 Dec 2023 09:55:38 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 5D9B66B0075; Fri, 22 Dec 2023 09:55:38 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 453336B0078; Fri, 22 Dec 2023 09:55:38 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 2FDD06B0072 for ; Fri, 22 Dec 2023 09:55:38 -0500 (EST) Received: from smtpin29.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id E7E4C160E48 for ; Fri, 22 Dec 2023 14:55:37 +0000 (UTC) X-FDA: 81594753114.29.8E7EB60 Received: from mail-pg1-f181.google.com (mail-pg1-f181.google.com [209.85.215.181]) by imf18.hostedemail.com (Postfix) with ESMTP id B77F21C0034 for ; Fri, 22 Dec 2023 14:55:35 +0000 (UTC) Authentication-Results: imf18.hostedemail.com; dkim=pass header.d=kernel-dk.20230601.gappssmtp.com header.s=20230601 header.b=ulQwmZ38; dmarc=none; spf=pass (imf18.hostedemail.com: domain of axboe@kernel.dk designates 209.85.215.181 as permitted sender) smtp.mailfrom=axboe@kernel.dk ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1703256936; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=kHQCFGGLNiztDEJ2wrlf/vZG7Mebms+6KQMqUg+YQGU=; b=LXPKJUW421Mh1cu+HkWAeraLjdQ2bbivD0hMcbsPkTmrJR49LtsEvGB0q5S9Q6iapNDTJp Rk+nW9WFTM+NF/D3eIYz1D/2oZzZt257x3DSciJRf2nx3PB1tFW3OsCwSvlIkr4ZO3OGch ldqGNXlS4VUBs3qNucVjC/RA336xuWY= ARC-Authentication-Results: i=1; imf18.hostedemail.com; dkim=pass header.d=kernel-dk.20230601.gappssmtp.com header.s=20230601 header.b=ulQwmZ38; dmarc=none; spf=pass (imf18.hostedemail.com: domain of axboe@kernel.dk designates 209.85.215.181 as permitted sender) smtp.mailfrom=axboe@kernel.dk ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1703256936; a=rsa-sha256; cv=none; b=NB2uHlJ/0rEByxaHrj6l6kFPqlxUk8OYoaUBrl+QA+zO7sNcUiByn7Wx13flnJms9+a+qH +JBJUvgZeSdaDLtyyHLIYSK2IRCa6rMjOJxpNYcJukNfixMGHx9JoP3+7LDe8IYx1yKez0 gemVZd+X+CAtgdWvmRq87v2PIEYlTZ0= Received: by mail-pg1-f181.google.com with SMTP id 41be03b00d2f7-5cdf90e5cdeso115712a12.1 for ; Fri, 22 Dec 2023 06:55:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kernel-dk.20230601.gappssmtp.com; s=20230601; t=1703256934; x=1703861734; darn=kvack.org; h=content-transfer-encoding:in-reply-to:from:references:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=kHQCFGGLNiztDEJ2wrlf/vZG7Mebms+6KQMqUg+YQGU=; b=ulQwmZ38StEnD5GfeROG8/nhnmjYuZdbJtljHo1KnDL1qoKiDsdPpcJ9nv8B2P2ZCI rpFriNCgQeeI9Vhs2C6z72cpv3oPVzQNmJgUajHDfTJX9NLX71q4tNtGm9cR1uam1YT7 3H4BfXlQawvXS48o927iV+Ow8D+3uyFB9uM5swMkwCe8OA7Ph3mFzLmz/akfi0/klJji kK8FitSxpdZNUErkRAHw6OLOvGfTsQ2gNxTQVxm6lw7C/Ps+qPY36XXaroH9SFKqymfw ueJ565T7pNBrRc1SQR61qHu7rEU//KAZYaOVhJj+7yx/vbDHulTslgw7Kj9sYD8Ie4sf RMAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1703256934; x=1703861734; h=content-transfer-encoding:in-reply-to:from:references:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=kHQCFGGLNiztDEJ2wrlf/vZG7Mebms+6KQMqUg+YQGU=; b=De2+n2NIDAw5vxTLhnjd0OrpSehBqrT1DjVqdNVYRTMO40lmm0VEvF2KF4Hed7BgKK O4YdRNg/X5PlwrTIed2m3MWEWwXW+gmVfVTcqGj9RgezHiw8daRtJoRpiRjqMXAHlO0j HhEzMZF5f+arvxYLrrZgflgjsuHtNFf7n7zdSbNq3MJgQ2J8GwgZTyQeANQrGSG5lAkz LLPyQvJe1XXT4rZLEf/6U9r8wC2AzNiGOOXBN/T7Zfa7SL56qsqHzLHKS2hGoXC61eYo tqO6ul3g1M6y5/7qzrTo+9uBOPGf4UqKeaEFAvXmEuyQNGIr9dG0aUDXeQYROBa3Vz9n yWSg== X-Gm-Message-State: AOJu0YzB8/ZbtH6uyMiU581z9FukICEuigaZ6f7EF18Rxbnn5M9/lp2d QPMxRTSz9ZeooyuS9CcGTHF6oYo0upy3Iw== X-Google-Smtp-Source: AGHT+IH7UNV2CQYUhtnVKei9ph0mvzFJGhzvL2yJnpBqFgaMPcBfqE1TRyfMYzvN0RP1tDNHcQnQ5g== X-Received: by 2002:a05:6a20:c5a0:b0:194:dbd6:9c1e with SMTP id gn32-20020a056a20c5a000b00194dbd69c1emr2139270pzb.2.1703256934236; Fri, 22 Dec 2023 06:55:34 -0800 (PST) Received: from [192.168.1.150] ([198.8.77.194]) by smtp.gmail.com with ESMTPSA id p23-20020a635b17000000b005c66b54476bsm3326753pgb.63.2023.12.22.06.55.32 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 22 Dec 2023 06:55:33 -0800 (PST) Message-ID: <831312c5-d86f-4d53-8a18-1bd00db61c0d@kernel.dk> Date: Fri, 22 Dec 2023 07:55:31 -0700 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [syzbot] [mm?] [io-uring?] WARNING in get_pte_pfn Content-Language: en-US To: syzbot , akpm@linux-foundation.org, io-uring@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, syzkaller-bugs@googlegroups.com References: <000000000000f9ff00060d14c256@google.com> From: Jens Axboe In-Reply-To: <000000000000f9ff00060d14c256@google.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Rspam-User: X-Stat-Signature: 1jb68pnunfbfy49rr3smq41jjk7fc3dw X-Rspamd-Server: rspam07 X-Rspamd-Queue-Id: B77F21C0034 X-HE-Tag: 1703256935-577610 X-HE-Meta: U2FsdGVkX19JFPDYXDe6X1XyENOPcEx+8rrwR7ZHkyy3DIZPcM/mT+hQt9NJ41MeS2HJUV/egaf9KryZDQGInoodSJvaqlrjy3PC0K19o5LUVI3avXCxG6KFAPA3VrvMb6FHU2nQh1twfAZI3wEkLIW8DJ6IcGjhsEr/wu5jWdwJF7gBi19Ijj/jSkpVT+3EESIbWZldhwQFl2btd8Ke0zMXKgomu00qmMqxXcQEIgSoOXBRRfFtlVTbIPchKFUbEOS15oMaqKotWycN1QQHH7gkWx9jGzm3GwBssHE6wnmrHBOyg3pV0pzmlxv0d2R8BTSF9dFLYecgk+OtrL9F9hLK/4GYLa4FUHMMFalJFT1tqnEX7dWPwbZfZxrmLgvFM4SVUpSo8GZKaqG726LCwXYL+NsyVabefxrxC3+xZlAojad/lg1M9BHthYpzXV0sRLRF9ntIAXPtbuIVtFygh68qU+5fh5prfACdVe/VEXRbg0K66RbQEATPmyb0x+AB9oe+ysau1DxvzvB3i4/GqxKbhSwYPaWmdGTg7Le5zrRIVRcMbsQhiu45QfqGRtk7TGWlKA6yM/uFl48pz/DY+ge5AR0GhzJlC0ToBgCDvS+ZqV+7YdcdJM6DTuRcF8DfxBlA4kAbljcOc86qvzyQEIxWgstS+NG2mRqJeOsbOVwPM/3XfoaR22K1slFbb8PhgEdazq+hXo15AQ18oZ6LymJxPN2pmwI9hdGHQHJfyq57rjyDEyOaAAVmuvKoGZp+6K3x8T3B1XdWlKLGuMQ/QNh5+9iPiijn9wH59gx8DB1JMm4Z3D8Kg8CaqPB2h8DChnMuhBnOfaVhlg/V+zOhReSPNT/3a+3BdaX6GEGa6wVIG4GIClHftLAnD8w9qg/uiikE3/K2tUdIT2txam/jGTYPLcZpLRwl6X4W0FIbbnsxlRHlztgb40LFEQuulArJaWMy3Oz4Vux6bFX0rhJ TyaxO2hM /eEzOczGAsKnp3LU+H9plRT2GVLhPoSYhqLbIsvB9jOKbSV9C/sZ5eNCoct49aVsc4fofq9IpWZUMwgSXt5XRl+b1bmi6ih/K3d4rrpt3d2TzZE9ytsbUJ2BfKVEbhUwI88ENJAvWFkPRyLzx1mDG1rRA9oybDiPd6XlZ9BRlRXCgjtdmnxiQUeXfL3x91PN49II3Nsj3Z67G6Iqy+zlGm1SZB0Iu7Rfr9HOgMOVO5eeGJF/7n/aHRgbw+U/YikJeYIED3k+lPmY0Pbg82bm62g96mq8HRkwuZ1H5frbL8cGuQb2pFRj8P+xgjKEsg8xCCJOWH33RmxK9qYSXUQSusiucWaHVJAZIA8rpnn5tegAtfMtUGVzL+eqHbk2jNMXNbtT0u41C0Ot0uqUNtJU7dLjRyiq+SKJaSfNChzNXaI039JAgOJx13+3unxMiD6yher58T6KzMNq9ybizjbgrwwD4imwaem9ntHtlvfRkonqTO4csqqMVPvwKJFFDrlOnMD9gYLOj/8hFZOhH/Zs6Rk/88xX4b1R0nOJZK8gvSwOdNTEIXFo8Dxnd7oJUDShAkYpo28efCajgRTARIkAF9456uMqVBXXEcST3PLhQVAKLuMJzUJGcDtKPChlPQDGwqkWfoYS6HqIs0YGUUmP0z5+ohPI0cutO9dy9j3Ly5k/96hysSN7UaqToocuMMbsoZ5oVkz1C3g69EaERwlZ/e0emSicACvR+ExjGskBKzTJkS6UGtRlJl1sB4+E4JnnHLk3aJaDBej6Fx7yicd09oLusLpB7SUCPxjZgDGti0+OlzSnjS2fPDyR9heYHzHWgozaS72oDKospjs3oh49wZ9F8g2AFRjd7jGxB13tDXiK2lW1g9R4aFMBUFXfRMhNf0sXCLfmEUalCaC66NNNMUJftwkIbUoQCo1WpHw6V+wEfpAc98C1p6ecxKPGggF8Gai5WcftK3o0DYAlRcrTKzY3kPlFe xZlQddy9 dgOnByctwl62bpqXEiR+8SPN2iOD8DvUgR8T2RkRQGKZW87ZbykdCWBuI1lbqZYp X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On 12/22/23 1:11 AM, syzbot wrote: > Hello, > > syzbot found the following issue on: > > HEAD commit: 0e389834672c Merge tag 'for-6.7-rc5-tag' of git://git.kern.. > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=1454824ee80000 > kernel config: https://syzkaller.appspot.com/x/.config?x=f21aff374937e60e > dashboard link: https://syzkaller.appspot.com/bug?extid=03fd9b3f71641f0ebf2d > compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=13b4ef49e80000 > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=118314d6e80000 > > Downloadable assets: > disk image: https://storage.googleapis.com/syzbot-assets/e58cd74e152a/disk-0e389834.raw.xz > vmlinux: https://storage.googleapis.com/syzbot-assets/45d17ccb34bc/vmlinux-0e389834.xz > kernel image: https://storage.googleapis.com/syzbot-assets/b9b7105d4e08/bzImage-0e389834.xz > > IMPORTANT: if you fix the issue, please add the following tag to the commit: > Reported-by: syzbot+03fd9b3f71641f0ebf2d@syzkaller.appspotmail.com > > ------------[ cut here ]------------ > WARNING: CPU: 1 PID: 5066 at mm/vmscan.c:3242 get_pte_pfn+0x1b5/0x3f0 mm/vmscan.c:3242 > Modules linked in: > CPU: 1 PID: 5066 Comm: syz-executor668 Not tainted 6.7.0-rc5-syzkaller-00270-g0e389834672c #0 > Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 > RIP: 0010:get_pte_pfn+0x1b5/0x3f0 mm/vmscan.c:3242 > Code: f3 74 2a e8 6d 78 cb ff 31 ff 48 b8 00 00 00 00 00 00 00 02 48 21 c5 48 89 ee e8 e6 73 cb ff 48 85 ed 74 4e e8 4c 78 cb ff 90 <0f> 0b 90 48 c7 c3 ff ff ff ff e8 3c 78 cb ff 48 b8 00 00 00 00 00 > RSP: 0018:ffffc900041e6878 EFLAGS: 00010293 > RAX: 0000000000000000 RBX: 000000000007891d RCX: ffffffff81bbf6e3 > RDX: ffff88807d813b80 RSI: ffffffff81bbf684 RDI: 0000000000000005 > RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 > R10: 0000000000000200 R11: 0000000000000003 R12: 0000000000000200 > R13: 1ffff9200083cd0f R14: 0000000000010b21 R15: 0000000020ffc000 > FS: 0000555555f4d480(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 > CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > CR2: 0000000000000000 CR3: 000000005fbfa000 CR4: 0000000000350ef0 > Call Trace: > > lru_gen_look_around+0x70d/0x11a0 mm/vmscan.c:4001 > folio_referenced_one+0x5a2/0xf70 mm/rmap.c:843 > rmap_walk_anon+0x225/0x570 mm/rmap.c:2485 > rmap_walk mm/rmap.c:2562 [inline] > rmap_walk mm/rmap.c:2557 [inline] > folio_referenced+0x28a/0x4b0 mm/rmap.c:960 > folio_check_references mm/vmscan.c:829 [inline] > shrink_folio_list+0x1ace/0x3f00 mm/vmscan.c:1160 > evict_folios+0x6e7/0x1b90 mm/vmscan.c:4499 > try_to_shrink_lruvec+0x638/0xa10 mm/vmscan.c:4704 > lru_gen_shrink_lruvec mm/vmscan.c:4849 [inline] > shrink_lruvec+0x314/0x2990 mm/vmscan.c:5622 > shrink_node_memcgs mm/vmscan.c:5842 [inline] > shrink_node+0x811/0x3710 mm/vmscan.c:5877 > shrink_zones mm/vmscan.c:6116 [inline] > do_try_to_free_pages+0x36c/0x1940 mm/vmscan.c:6178 > try_to_free_mem_cgroup_pages+0x31a/0x770 mm/vmscan.c:6493 > try_charge_memcg+0x3d3/0x11f0 mm/memcontrol.c:2742 > obj_cgroup_charge_pages mm/memcontrol.c:3255 [inline] > __memcg_kmem_charge_page+0xdd/0x2a0 mm/memcontrol.c:3281 > __alloc_pages+0x263/0x2420 mm/page_alloc.c:4585 > alloc_pages_mpol+0x258/0x5f0 mm/mempolicy.c:2133 > __get_free_pages+0xc/0x40 mm/page_alloc.c:4615 > io_mem_alloc+0x33/0x60 io_uring/io_uring.c:2789 > io_allocate_scq_urings io_uring/io_uring.c:3842 [inline] > io_uring_create io_uring/io_uring.c:4019 [inline] > io_uring_setup+0x13ed/0x2430 io_uring/io_uring.c:4131 > __do_sys_io_uring_setup io_uring/io_uring.c:4158 [inline] > __se_sys_io_uring_setup io_uring/io_uring.c:4152 [inline] > __x64_sys_io_uring_setup+0x98/0x140 io_uring/io_uring.c:4152 > do_syscall_x64 arch/x86/entry/common.c:52 [inline] > do_syscall_64+0x40/0x110 arch/x86/entry/common.c:83 > entry_SYSCALL_64_after_hwframe+0x63/0x6b > RIP: 0033:0x7f4b0e4778a9 > Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 > RSP: 002b:00007fff814fe868 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 > RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f4b0e4778a9 > RDX: 0000000020000700 RSI: 0000000020000640 RDI: 0000000000005a19 > RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000020000700 > R10: 00007fff814fe8d0 R11: 0000000000000202 R12: 0000000020000640 > R13: 0000000000000000 R14: 0000000000005a19 R15: 0000000020000700 > Don't think this is io_uring related, test case looks like it's just setting up and tearing down big rings. -- Jens Axboe