From: Dmitry Vyukov
Date: Thu, 19 May 2022 07:18:23 +0200
Subject: Re: [syzbot] general protection fault in vma_interval_tree_remove
To: Liam Howlett
Cc: Andrew Morton, syzbot, "linux-kernel@vger.kernel.org", "linux-mm@kvack.org", "syzkaller-bugs@googlegroups.com", Michel Lespinasse, "maple-tree@lists.infradead.org"

On Thu, 19 May 2022 at 04:04, Liam Howlett wrote:
>
> * Liam R. Howlett [220516 13:59]:
> > * Andrew Morton [220514 16:50]:
> > > On Sat, 14 May 2022 13:18:26 -0700 syzbot wrote:
> > >
> > > > syzbot has found a reproducer for the following issue on:
> > > >
> > > > HEAD commit: 1e1b28b936ae Add linux-next specific files for 20220513
> > > > git tree: linux-next
> > > > console+strace: https://syzkaller.appspot.com/x/log.txt?x=11da21b9f00000
> > > > kernel config: https://syzkaller.appspot.com/x/.config?x=e4eb3c0c4b289571
> > > > dashboard link: https://syzkaller.appspot.com/bug?extid=ee1fdd8dcc770a3a169a
> > > > compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> > > > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=142757f1f00000
> > > > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=17cf0966f00000
> > >
> > > Thanks.
> > >
> > > So it was there on April 28 and it's there now. Liam, do you think
> > > anything in the mapletree changes could have perturbed the interval
> > > tree handling?
> >
> > It is certainly possible, these two trees are intertwined so much. One
> > area that sticks out as a possibility is vma_expand(). I created a
> > vma_expand() function to handle growing a vma and potentially removing
> > the next vma. I do some interval tree modifications in there.
> >
> > I'll add it to my list of items to look at.
>
> This was my bug. I reused a pointer that wasn't reused in this function
> until I altered the error path in this commit.
>
> Please apply this patch to the maple tree series to fix "mm/mmap: use
> advanced maple tree API for mmap_region()"

Please add this tag to the fix:

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+ee1fdd8dcc770a3a169a@syzkaller.appspotmail.com