From: Suren Baghdasaryan
Date: Thu, 11 Jan 2024 20:20:22 +0000
Subject: Re: [syzbot] [mm?] kernel BUG in move_pages
To: David Hildenbrand
Cc: syzbot, Peter Xu, aarcange@redhat.com, akpm@linux-foundation.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, syzkaller-bugs@googlegroups.com

On Thu, Jan 11, 2024 at 6:58 PM David Hildenbrand wrote:
>
> On 11.01.24 19:34, Suren Baghdasaryan wrote:
> > On Thu, Jan 11, 2024 at 8:44 AM Suren Baghdasaryan wrote:
> >>
> >> On Thu, Jan 11, 2024 at 8:40 AM Suren Baghdasaryan wrote:
> >>>
> >>> On Thu, Jan 11, 2024 at 8:25 AM syzbot
> >>> wrote:
> >>>>
> >>>> Hello,
> >>>>
> >>>> syzbot found the following issue on:
> >>>>
> >>>> HEAD commit:    e2425464bc87 Add linux-next specific files for 20240105
> >>>> git tree:       linux-next
> >>>> console+strace: https://syzkaller.appspot.com/x/log.txt?x=14941cdee80000
> >>>> kernel config:  https://syzkaller.appspot.com/x/.config?x=4056b9349f3da8c9
> >>>> dashboard link: https://syzkaller.appspot.com/bug?extid=705209281e36404998f6
> >>>> compiler:       gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
> >>>> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=125d0a09e80000
> >>>> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=15bc7331e80000
> >>>>
> >>>> Downloadable assets:
> >>>> disk image: https://storage.googleapis.com/syzbot-assets/2f738185e2cf/disk-e2425464.raw.xz
> >>>> vmlinux: https://storage.googleapis.com/syzbot-assets/b248fcf4ea46/vmlinux-e2425464.xz
> >>>> kernel image: https://storage.googleapis.com/syzbot-assets/a9945c8223f4/bzImage-e2425464.xz
> >>>>
> >>>> The issue was bisected to:
> >>>>
> >>>> commit adef440691bab824e39c1b17382322d195e1fab0
> >>>> Author: Andrea Arcangeli
> >>>> Date:   Wed Dec 6 10:36:56 2023 +0000
> >>>>
> >>>>     userfaultfd: UFFDIO_MOVE uABI
> >>>>
> >>>> bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=11cb6ea9e80000
> >>>> final oops:     https://syzkaller.appspot.com/x/report.txt?x=13cb6ea9e80000
> >>>> console output: https://syzkaller.appspot.com/x/log.txt?x=15cb6ea9e80000
> >>>>
> >>>> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> >>>> Reported-by: syzbot+705209281e36404998f6@syzkaller.appspotmail.com
> >>>> Fixes: adef440691ba ("userfaultfd: UFFDIO_MOVE uABI")
> >>>>
> >>>>  do_one_initcall+0x128/0x680 init/main.c:1237
> >>>>  do_initcall_level init/main.c:1299 [inline]
> >>>>  do_initcalls init/main.c:1315 [inline]
> >>>>  do_basic_setup init/main.c:1334 [inline]
> >>>>  kernel_init_freeable+0x692/0xc30 init/main.c:1552
> >>>>  kernel_init+0x1c/0x2a0 init/main.c:1442
> >>>>  ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
> >>>>  ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242
> >>>> ------------[ cut here ]------------
> >>>> kernel BUG at include/linux/page-flags.h:1035!
> >>>> invalid opcode: 0000 [#1] PREEMPT SMP KASAN
> >>>> CPU: 0 PID: 5068 Comm: syz-executor191 Not tainted 6.7.0-rc8-next-20240105-syzkaller #0
> >>>> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
> >>>> RIP: 0010:PageAnonExclusive include/linux/page-flags.h:1035 [inline]
> >>>
> >>> From a quick look, I think the new ioctl is being used against a
> >>> file-backed page and that's why PageAnonExclusive() throws this error.
> >>> I'll confirm if this is indeed the case and will add checks for that
> >>> case. Thanks!
> >>
> >> Hmm. Looking at the reproducer it does not look like a file-backed
> >> memory... Anyways, I'm on it.
> >
> > Looks like the test is trying to move the huge_zero_page. Wonder how
> > we should handle this. Just fail or do something else? Adding David
> > and Peter for feedback.
>
> You'll need some special-casing to handle that. But it should be fairly
> easy.

Ok, so should we treat zeropage the same as PAE and map destination
PTE/PMD to zeropage while clearing source PTE/PMD?

>
> --
> Cheers,
>
> David / dhildenb
>