From: Suraj Sonawane
Date: Mon, 25 Nov 2024 12:46:01 +0530
Subject: Re: [syzbot] [mm?] kernel BUG in const_folio_flags (2)
To: syzbot
Cc: akpm@linux-foundation.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, syzkaller-bugs@googlegroups.com
In-Reply-To: <674184c9.050a0220.1cc393.0001.GAE@google.com>

#syz test

On Sat, Nov 23, 2024 at 1:01 PM syzbot <syzbot+9f9a7f73fb079b2387a6@syzkaller.appspotmail.com> wrote:

> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit:    9fb2cfa4635a Merge tag 'pull-ufs' of git://git.kernel.org/..
> git tree:       upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=10042930580000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=c4515f1b6a4e50b7
> dashboard link: https://syzkaller.appspot.com/bug?extid=9f9a7f73fb079b2387a6
> compiler:       gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=105ff2e8580000
>
> Downloadable assets:
> disk image: https://storage.googleapis.com/syzbot-assets/7c0c61a15f60/disk-9fb2cfa4.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/3363d84eeb74/vmlinux-9fb2cfa4.xz
> kernel image: https://storage.googleapis.com/syzbot-assets/2b1a270af550/bzImage-9fb2cfa4.xz
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+9f9a7f73fb079b2387a6@syzkaller.appspotmail.com
>
>  madvise_pageout_page_range mm/madvise.c:609 [inline]
>  madvise_pageout+0x326/0x820 mm/madvise.c:636
>  madvise_vma_behavior+0x58c/0x19e0 mm/madvise.c:1045
>  madvise_walk_vmas+0x1cf/0x2c0 mm/madvise.c:1274
>  do_madvise+0x29d/0x700 mm/madvise.c:1461
>  __do_sys_madvise mm/madvise.c:1477 [inline]
>  __se_sys_madvise mm/madvise.c:1475 [inline]
>  __x64_sys_madvise+0xa9/0x110 mm/madvise.c:1475
>  do_syscall_x64 arch/x86/entry/common.c:52 [inline]
>  do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
> ------------[ cut here ]------------
> kernel BUG at include/linux/page-flags.h:309!
> Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
> CPU: 0 UID: 0 PID: 7269 Comm: syz.1.183 Not tainted 6.12.0-syzkaller-00233-g9fb2cfa4635a #0
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
> RIP: 0010:const_folio_flags.constprop.0+0x12e/0x150 include/linux/page-flags.h:309
> Code: 86 cb ff e8 f4 86 cb ff 48 8d 45 ff 48 39 c3 0f 84 38 ff ff ff e8 e2 86 cb ff 48 c7 c6 00 19 58 8b 48 89 df e8 e3 4b 11 00 90 <0f> 0b e8 6b 0d 2d 00 e9 f1 fe ff ff e8 61 0d 2d 00 eb a3 48 89 df
> RSP: 0018:ffffc9000c55ee30 EFLAGS: 00010293
> RAX: 0000000000000000 RBX: ffffea0000496f80 RCX: ffffc9000c55ecd8
> RDX: ffff88805f401e00 RSI: ffffffff81c1362d RDI: ffff88805f402244
> RBP: 0000000000000001 R08: 0000000000000000 R09: fffffbfff203a591
> R10: ffffffff901d2c8f R11: 0000000000000001 R12: 00000000000014df
> R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff920018abdf4
> FS:  00007f08b31bc6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
> CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 000000c0025ff000 CR3: 00000000341ce000 CR4: 00000000003526f0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> Call Trace:
>  <TASK>
>  folio_test_locked include/linux/page-flags.h:509 [inline]
>  next_uptodate_folio+0xac/0x4b0 mm/filemap.c:3505
>  filemap_map_pages+0x1c6/0x16a0 mm/filemap.c:3647
>  do_fault_around mm/memory.c:5255 [inline]
>  do_read_fault mm/memory.c:5288 [inline]
>  do_fault mm/memory.c:5431 [inline]
>  do_pte_missing+0xdae/0x3e70 mm/memory.c:3965
>  handle_pte_fault mm/memory.c:5766 [inline]
>  __handle_mm_fault+0x100a/0x2a10 mm/memory.c:5909
>  handle_mm_fault+0x3fa/0xaa0 mm/memory.c:6077
>  faultin_page mm/gup.c:1187 [inline]
>  __get_user_pages+0x8d9/0x3b50 mm/gup.c:1485
>  __get_user_pages_locked mm/gup.c:1751 [inline]
>  get_dump_page+0xfb/0x220 mm/gup.c:2269
>  dump_user_range+0x135/0x8c0 fs/coredump.c:943
>  elf_core_dump+0x2766/0x3840 fs/binfmt_elf.c:2121
>  do_coredump+0x2c42/0x4160 fs/coredump.c:758
>  get_signal+0x237c/0x26d0 kernel/signal.c:2903
>  arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337
>  exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
>  exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
>  irqentry_exit_to_user_mode+0x13f/0x280 kernel/entry/common.c:231
>  asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623
> RIP: 0033:0x1000
> Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <00> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> RSP: 002b:000000000000010c EFLAGS: 00010246
> RAX: 0000000000000000 RBX: 00007f08b41363b8 RCX: 00007f08b3f7e759
> RDX: ffffffffff600000 RSI: 0000000000000104 RDI: 8000000000000000
> RBP: 00007f08b3ff175e R08: 0000000100000000 R09: 0000000000000000
> R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
> R13: 0000000000000000 R14: 00007f08b41363b8 R15: 00007fff7656a008
>  </TASK>
> Modules linked in:
> ---[ end trace 0000000000000000 ]---
> RIP: 0010:const_folio_flags.constprop.0+0x12e/0x150 include/linux/page-flags.h:309
> Code: 86 cb ff e8 f4 86 cb ff 48 8d 45 ff 48 39 c3 0f 84 38 ff ff ff e8 e2 86 cb ff 48 c7 c6 00 19 58 8b 48 89 df e8 e3 4b 11 00 90 <0f> 0b e8 6b 0d 2d 00 e9 f1 fe ff ff e8 61 0d 2d 00 eb a3 48 89 df
> RSP: 0018:ffffc9000c55ee30 EFLAGS: 00010293
> RAX: 0000000000000000 RBX: ffffea0000496f80 RCX: ffffc9000c55ecd8
> RDX: ffff88805f401e00 RSI: ffffffff81c1362d RDI: ffff88805f402244
> RBP: 0000000000000001 R08: 0000000000000000 R09: fffffbfff203a591
> R10: ffffffff901d2c8f R11: 0000000000000001 R12: 00000000000014df
> R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff920018abdf4
> FS:  00007f08b31bc6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
> CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 00007fff76568ff8 CR3: 00000000341ce000 CR4: 00000000003526f0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
>
>
> ---
> This report is generated by a bot. It may contain errors.
> See https://goo.gl/tpsmEJ for more information about syzbot.
> syzbot engineers can be reached at syzkaller@googlegroups.com.
>
> syzbot will keep track of this issue. See:
> https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
>
> If the report is already addressed, let syzbot know by replying with:
> #syz fix: exact-commit-title
>
> If you want syzbot to run the reproducer, reply with:
> #syz test: git://repo/address.git branch-or-commit-hash
> If you attach or paste a git patch, syzbot will apply it before testing.
>
> If you want to overwrite report's subsystems, reply with:
> #syz set subsystems: new-subsystem
> (See the list of subsystem names on the web dashboard)
>
> If the report is a duplicate of another one, reply with:
> #syz dup: exact-subject-of-another-report
>
> If you want to undo deduplication, reply with:
> #syz undup

[Attachment: 0001-fix-kernel-BUG-in-const_folio_flags-2.patch (text/x-patch)]