From: "Zach O'Keefe"
Date: Tue, 16 Apr 2024 16:07:41 -0700
Subject: Re: [syzbot] [mm?] general protection fault in hpage_collapse_scan_file
To: Andrew Morton
Cc: syzbot, linux-kernel@vger.kernel.org, linux-mm@kvack.org, syzkaller-bugs@googlegroups.com
References: <0000000000009db84e0615a73698@google.com> <20240409164627.b4803e09c81c01ccb6f55601@linux-foundation.org>

On Tue, Apr 9, 2024 at 5:32 PM Zach O'Keefe wrote:
>
> On Tue, Apr 9, 2024 at 4:46 PM Andrew Morton wrote:
> >
> > On Tue, 09 Apr 2024 03:16:20 -0700 syzbot wrote:
> >
> > > Hello,
> > >
> > > syzbot found the following issue on:
> > >
> > > HEAD commit:    8568bb2ccc27 Add linux-next specific files for 20240405
> > > git tree:       linux-next
> > > console+strace: https://syzkaller.appspot.com/x/log.txt?x=152f4805180000
> > > kernel config:  https://syzkaller.appspot.com/x/.config?x=48ca5acf8d2eb3bc
> > > dashboard link: https://syzkaller.appspot.com/bug?extid=57adb2a4b9d206521bc2
> > > compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
> > > syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=1268258d180000
> > > C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1256598d180000
> >
> > Help. From a quick look this seems to be claiming that collapse_file()
> > got to
> >
> >         VM_BUG_ON_FOLIO(!folio_test_locked(folio), folio);
> >
> > with folio==NULL, but the code looks solid regarding this.
> >
> > Given that we have a reproducer, can we expect the bot to perform a
> > bisection for us?
> >
>
> I often don't see a successful automatic bisect, even with
> reproducers. Hit or miss. I will take a closer look tomorrow -- the
> reproducer doesn't look to be doing anything crazy.

I've only been able to reproduce this using the disk image provided by syzbot.

What is happening is we are calling MADV_COLLAPSE on an empty mapping
-- which actually reaches collapse_file() -> filemap_lock_folio()
after page_cache_sync_readahead() attempt. This of course fails
correctly, and I can see right before GPF that the returned pointer is
0xfffffffffffffffe, which is correctly ERR_PTR(-ENOENT). This should
be causing us to take the if (IS_ERR(folio)) {..} path .. but we
don't, and I don't know why.

I haven't yet attempted to repro this against other images.

Will continue looking, but wanted to provide some type of update --
even if it is a disappointing one -- so as to not appear like I've
disappeared.

Thanks,
Zach

> Thanks,
> Zach
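
The pointer value quoted in the message above, decoded with a userspace model of the kernel's error-pointer convention. This is an added example, not code from the thread or the kernel tree; `classify`, the `model_*` helpers and the two check functions are hypothetical names, and a 64-bit target is assumed. It shows that 0xfffffffffffffffe lies in the error range as -ENOENT and that a NULL-only test would not reject it, which is why the IS_ERR() branch is the one expected to fire.

```c
/* Userspace model of the kernel's ERR_PTR/IS_ERR/PTR_ERR convention. */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_ERRNO 4095  /* same bound the kernel uses for error pointers */

enum ptr_class { PTR_IS_NULL, PTR_IS_ERR, PTR_IS_OTHER };

/* Model of IS_ERR(): the top MAX_ERRNO values of the address space are errnos. */
static int model_is_err(uint64_t raw)
{
    return raw >= (uint64_t)-(int64_t)MAX_ERRNO;
}

/* Model of PTR_ERR(): reinterpret the pointer bits as a signed errno. */
static long model_ptr_err(uint64_t raw)
{
    return (long)(int64_t)raw;
}

/* Hypothetical triage helper: classify a pointer value read from an oops. */
static enum ptr_class classify(uint64_t raw, long *err)
{
    *err = 0;
    if (raw == 0)
        return PTR_IS_NULL;
    if (model_is_err(raw)) {
        *err = model_ptr_err(raw);
        return PTR_IS_ERR;
    }
    return PTR_IS_OTHER;
}

/* A NULL-only test accepts an error pointer; an IS_ERR-style test rejects it. */
static int null_check_accepts(uint64_t raw) { return raw != 0; }
static int is_err_check_accepts(uint64_t raw) { return !model_is_err(raw); }

int main(void)
{
    long err;
    uint64_t seen = 0xfffffffffffffffeULL;  /* value quoted in the message */
    enum ptr_class c = classify(seen, &err);

    printf("class=%d errno=%ld (ENOENT=%d)\n", c, err, ENOENT);
    printf("NULL-only check accepts: %d, IS_ERR check accepts: %d\n",
           null_check_accepts(seen), is_err_check_accepts(seen));
    return 0;
}
```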