From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id DC8D4CCF9E7 for ; Wed, 25 Sep 2024 16:59:31 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 687876B008C; Wed, 25 Sep 2024 12:59:31 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 619F56B0092; Wed, 25 Sep 2024 12:59:31 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 461E16B0095; Wed, 25 Sep 2024 12:59:31 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 275FD6B008C for ; Wed, 25 Sep 2024 12:59:31 -0400 (EDT) Received: from smtpin01.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id D873B1A0FBD for ; Wed, 25 Sep 2024 16:59:30 +0000 (UTC) X-FDA: 82603871700.01.9F2D697 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by imf24.hostedemail.com (Postfix) with ESMTP id 7A869180004 for ; Wed, 25 Sep 2024 16:59:28 +0000 (UTC) Authentication-Results: imf24.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=KzfusU9m; spf=pass (imf24.hostedemail.com: domain of peterx@redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=peterx@redhat.com; dmarc=pass (policy=none) header.from=redhat.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1727283448; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=UUA9LXbkN391EUYxjsESS3z+vG+hLybL/x8qsNWRo6s=; b=FYMfVkr0Rare/wqXOao9Jivk1oPKHxg8Olt6K1DdkHrE/hnq+Vae9mRopVkPk0h5HLxyNf FRD70ipShORtVV9csTCqrtRP6R7oneo+mplIZrW973Li5UZYn49mOaPxmOMta//CYvhxYY THM/GNHs2YsX9hETpbK+Y0sl/0jrKps= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1727283448; a=rsa-sha256; cv=none; b=N5gQPIoNlW4MiWSw16rmC7Egk7G+QxvboWlyyw+QMH1uOufddwcQR0bXWw/pgHgO6pbiPB JadQ6rp4UQQrQ7hWubOF09EncUglJ9RXWLzT+hhxN6ekyuMlgJwxiBiScT3Lk7f5rSQQfc 67gjb1MvCasDUoZWnpykBP+yMAs54v4= ARC-Authentication-Results: i=1; imf24.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=KzfusU9m; spf=pass (imf24.hostedemail.com: domain of peterx@redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=peterx@redhat.com; dmarc=pass (policy=none) header.from=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1727283567; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=UUA9LXbkN391EUYxjsESS3z+vG+hLybL/x8qsNWRo6s=; b=KzfusU9meCAxZJmfJurZyL13ZojQ2BBEpnKYF+MLaON6idqRIptEbgF9Lp2oEbZF9sped7 6lwt2ixX8JEg1DxgxhqEiOKa2XGWVC/cA/CYHiUMnwF+Dl3DmI2evYeHwjcZ8ToFIhkaDr Q4oFLxbyfvdIxss7UThdf9hafx4EZfE= Received: from mail-pf1-f200.google.com (mail-pf1-f200.google.com [209.85.210.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-302-uMwIwX7NPJS9PMhOJ6AhbQ-1; Wed, 25 Sep 2024 12:59:24 -0400 X-MC-Unique: uMwIwX7NPJS9PMhOJ6AhbQ-1 Received: by mail-pf1-f200.google.com with SMTP id d2e1a72fcca58-7174c6cbdbaso180931b3a.2 for ; Wed, 25 Sep 2024 09:59:23 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1727283561; x=1727888361; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=UUA9LXbkN391EUYxjsESS3z+vG+hLybL/x8qsNWRo6s=; b=VMIjGnXRAsw8OE7oWf7XZGO+TAT1esqpC4n656HYluITmy5bKvG8q8JpZPJ5af2NDt YoP6RCToehVE896yimol6C+IL20pW8OUMfnep176BKGByWybBsOphEmIJ6/khyhiElK4 iYEF5jev3ENRFEn6XnedOEkbDvbSZ+wZOHLDGssef9d8lc757fq28UkjjKh7y16M7d9o Vc15TP6lsKUBZCTFAPxH+kUiJJOBZFVHvCb/XUpM+vTs43Fay0a2Rlw7Kt1Q7Eu406oC 5hCgjVIxFkQmMexWa7r+FQdfl6Ws9EZ2OdtKAYXdmMvWDJK706UNhv9BNbZg2b+zuh0Y cOow== X-Forwarded-Encrypted: i=1; AJvYcCXXysZL97PoKYFjmh4V59owf6kmLPpAFHm1ljxoGnZcltet9CNSvKv4dEJwVDnpfd7W6TY0pMv/rA==@kvack.org X-Gm-Message-State: AOJu0Yx3GbNyPRLdrXv50auGoK6FedmIRglQsiX2fQ0PhbeeSYfAbrlN 4QjLQWPb+WToxbcg9T3UliFYpGtkn2y+xCjBUjXzGIoQL1yx56MU0MHbgIy+nZIDDfgGtneKXbN lqfAVpH4v1kR3n+J5uNc4outxVm//1lnljasOFRzYwWnaV/1S X-Received: by 2002:a05:6a00:23c3:b0:719:8f48:ff00 with SMTP id d2e1a72fcca58-71b0aadee07mr4329481b3a.15.1727283560948; Wed, 25 Sep 2024 09:59:20 -0700 (PDT) X-Google-Smtp-Source: AGHT+IE5v6SWA5OsXCNldz7Hi+0GCMfYUPOK1lRv7vpdkJLj4uqGyXW3gFDGEVZxA9yeYM+T6sjk3Q== X-Received: by 2002:a05:6a00:23c3:b0:719:8f48:ff00 with SMTP id d2e1a72fcca58-71b0aadee07mr4329461b3a.15.1727283560596; Wed, 25 Sep 2024 09:59:20 -0700 (PDT) Received: from x1n (pool-99-254-121-117.cpe.net.cable.rogers.com. [99.254.121.117]) by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-7e6b7c30827sm2922964a12.18.2024.09.25.09.59.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 25 Sep 2024 09:59:20 -0700 (PDT) Date: Wed, 25 Sep 2024 12:59:14 -0400 From: Peter Xu To: David Hildenbrand Cc: syzbot , akpm@linux-foundation.org, bp@alien8.de, dave.hansen@linux.intel.com, hpa@zytor.com, jgg@ziepe.ca, leitao@debian.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, mingo@redhat.com, rppt@kernel.org, syzkaller-bugs@googlegroups.com, tglx@linutronix.de, x86@kernel.org Subject: Re: [syzbot] [mm?] WARNING in copy_huge_pmd Message-ID: References: <66f15c8d.050a0220.c23dd.000f.GAE@google.com> <4f96130c-12b7-4afa-ada3-bec354576112@redhat.com> MIME-Version: 1.0 In-Reply-To: <4f96130c-12b7-4afa-ada3-bec354576112@redhat.com> X-Mimecast-Spam-Score: 1 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=utf-8 Content-Disposition: inline X-Stat-Signature: rsibzqg9pjj6nd3fsm6qrdcju657r6mt X-Rspamd-Queue-Id: 7A869180004 X-Rspam-User: X-Rspamd-Server: rspam08 X-HE-Tag: 1727283568-249120 X-HE-Meta: U2FsdGVkX1/SLRcyerS0N+juXpa5tIFh32PnzSavBtmcGQeBvXykA6YMUSGyeyVTEowXHXlRQQ/TNtjeWEHmq6guETI7oZVOFpQv32yH0/Re6nG3G/JFIqq3I+D9Bf8AAXf2zN7wcyPwSP93PU1HgVWXHr3ElAmr6AY+X/HwD06axcMMP0WKZZ6B2Rbk0tmJC8DY1BF8Hhf7eHXxGJuu89Y2Urv16V+bhhdAdgTfTsrqsMLXwebP+ofZHS0yltZ8N0NPkmwDUBquOLsY5CPjRhLNFN+akPnfUFg/O4oshumz+G0bBAFBoPiROyYTAQF73aL4JB7eSC9XiiOmK/hB4ON0F9HjqVImxQK0QuaLSCJ5LaVgFsZWSv5HGP2ikyopn1d7RMMfk1vWjzhH/Ku7phEqP6TQjxWPynSMIC3TAnSgtOmWuZwkK03wJIims98Lvm2WBwFebt30xHEwtbvvZcQg1ie0p2Hi+dQzLNmltEDjwAylaTf5A40M891uAL3UWzHcqT6kQILhXUnwnw7cqmz6n0DLA2xTaTXfyWthIRTvJy1yAjuFuPRg2t1jTMV5FbxwATW+/kARYQsXHy1ET96bVBV7OF/Nvs0C2ENOFtjvz/Z0QeF5Z+U4IvsvqeJC2j+AQ2nZXrJyqHs4NVteICpGFJN4VFjlqV4a/8XUEaU7VJUR4XytEZXbKjfneaMpyHjHaM9W6G19WjgOFDyECwJN5smvuw71U5auTto9DA11XCVGz4daWO42Bx11moL5To/2RwYOfPmxiKzOVLbsisMZNJDqVXnwNrBdxUO08FJmsgtStmkKfCKIabggxnJBD+OfJXvXOknD0vEF0FOHQUVGT5Kl4CBKfKRL8lC+xm8FmL2WrIrkfj3fVEAgJU2k8xn1ZZs/DgruIebdWpythAQ1E1TpygRkQutD/X8pH7Ae0yeHfnO2jVb1sksAQuRc6NW38SuRmb9Jj01yHwM uG9m9M1k r4KdFU3v5VNW8I2kwQMK9vysS6lAOsEbuZqpwDgzeiMuSlE0bO/y49mlz5DhIuPDcBt9+QRl7vO2ID2im0cbiFWovg7YjvtX2inbd+zoNixXHQjHFYIiCX24bzKhrIqkYT0AqwOuMdpRGvN+lUCRMXsahxG7AM/Lmij6T8/nd0lheAuhXEVEPJuqnmt07hfh1ANp4TFtVDP87wn1W0A6WYc4FlJQD/NbcnJyeqiVDTbKrIe8yuQCefZMrT4AlfChNvzIntzOTgjL5JLe7Xkz1ViRKax4zvaS5oMuIAp56RKoLzApe2qmjJd6AFXykhp9mZGpRHLmNk5ncKY2Nvxv9dTnhAzbnnOTnoZDA0o8qSd2qrkDxLWfhXSdTzOzUPLzCceCUxXlAGDyWJBKeyis7bpKTiYQWkDlFFQlPNCsC6+Mg3uW7+V5SqvPFX2YH2vJOVZgxEcCwHqeqMhlWr8nbRh7RfKqZF7RlaSZWAk0sRFeRmpP3PWJD+drwugaJhad6MHCNUCX4A7IVqn3GehgpyzUAjqtlT6I1gGy+7XR38/VjNwo2FFtTJGTGB1y8Ks0lchqDZYz8SttO8rJdeP2R6WVynaG9Sa7aYUwlzUAmGjuVTsy6CyVb3vP/1hL1/H+im49nhqC+Vyw90KyQaQMn1P4+K1suiKdefblEGUq4iRUuJ6eZ0DRBzuEfBZJLBBgKrw/lh/T8oRkyYL9IprtSMKrn4HJ+tpeC7dcL92Mo62w0+z3AXgY4IxAfC6BBVMvkKUnFvI2bUEb3nf167z/CRWwgYot889aHInP9Wkarti9AODu3Lps8Oz3xh3geEmQlLxt69W/JlEggfBbF/6zznMrGV4P3vZMUGOZBQfuDNH3XMw13woJkEdG6o4ERlbxkxk3C3wz1hNtW1etYSwXd5xL8ckulAaCwg5P6L/d+qG+v5VAR98UNJGVBE/KQDrbRVCPCNdx6z+TfUw+NnU8BpwLo9nM2 mAAVnBIT rBbHPOvfCgiMJPgumYb6FoAldgMFbtQcNFnqGZ5LA2yR28QdbFXv6imuoMC1rt6InZLpfwPID3Y= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Tue, Sep 24, 2024 at 04:45:00PM +0200, David Hildenbrand wrote: > On 23.09.24 14:18, syzbot wrote: > > Hello, > > > > syzbot found the following issue on: > > > > HEAD commit: 88264981f208 Merge tag 'sched_ext-for-6.12' of git://git.k.. > > git tree: upstream > > console+strace: https://syzkaller.appspot.com/x/log.txt?x=16c36c27980000 > > kernel config: https://syzkaller.appspot.com/x/.config?x=e851828834875d6f > > dashboard link: https://syzkaller.appspot.com/bug?extid=bf2c35fa302ebe3c7471 > > compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 > > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12773080580000 > > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=16ed5e9f980000 > > > > Downloadable assets: > > disk image: https://storage.googleapis.com/syzbot-assets/0e011ac37c93/disk-88264981.raw.xz > > vmlinux: https://storage.googleapis.com/syzbot-assets/f5c65577e19e/vmlinux-88264981.xz > > kernel image: https://storage.googleapis.com/syzbot-assets/984d963c8ea1/bzImage-88264981.xz > > > > The issue was bisected to: > > > > commit 75182022a0439788415b2dd1db3086e07aa506f7 > > Author: Peter Xu > > Date: Mon Aug 26 20:43:51 2024 +0000 > > > > mm/x86: support large pfn mappings > > > > bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=17df9c27980000 > > final oops: https://syzkaller.appspot.com/x/report.txt?x=143f9c27980000 > > console output: https://syzkaller.appspot.com/x/log.txt?x=103f9c27980000 > > > > IMPORTANT: if you fix the issue, please add the following tag to the commit: > > Reported-by: syzbot+bf2c35fa302ebe3c7471@syzkaller.appspotmail.com > > Fixes: 75182022a043 ("mm/x86: support large pfn mappings") > > > > ------------[ cut here ]------------ > > WARNING: CPU: 1 PID: 5508 at mm/huge_memory.c:1602 copy_huge_pmd+0x102c/0x1c60 mm/huge_memory.c:1602 > > This is the > > VM_WARN_ON_ONCE(is_cow_mapping(src_vma->vm_flags) && pmd_write(pmd)) > > So we have a special-marked PMD in a COW mapping. > > The reproducer seems to involve fuse, but not sure if that makes a > difference here. That chunk of code seems to be there only making sure the test won't get blocked due to any fused based fs being stuck, via writting to the "abort" file: snprintf(abort, sizeof(abort), "/sys/fs/fuse/connections/%s/abort", ent->d_name); int fd = open(abort, O_WRONLY); if (fd == -1) { continue; } if (write(fd, abort, 1) < 0) { } close(fd); So far looks not relevant to this issue indeed. Unfortunately I cannot reproduce it even with the reproducer. So this one is a bit tricky.. What confuses me yet is how that special bit is set, if it's only used so far with vfio-pci, and this test doesn't seem to have it involved. The test keeps invoking processes, then threads, doing concurrent accesses over a few stuff (madvise, mremap, migrate_pages, munmap, etc.) on the pre-mapped areas, but none of them seem to create new memory that can provide hint on how special bit can start to occur. I wonder if some of these operations can race in a way that mm can wrongly create the special bit (alone with it being writable).. and then it could be a historical bug, only captured by this patchset due to the newly added WARN_ON_ONCE somehow, then it could mean that it's not the WRITE bit that is not intended, but the SPECIAL bit altogether. Thanks, -- Peter Xu