* [syzbot] [maple-tree?] BUG: unable to handle kernel paging request in mas_walk
@ 2024-06-04  2:23 syzbot
  2024-06-04 13:41 ` Liam R. Howlett
                   ` (3 more replies)
  0 siblings, 4 replies; 7+ messages in thread
From: syzbot @ 2024-06-04  2:23 UTC (permalink / raw)
  To: Liam.Howlett, akpm, linux-kernel, linux-mm, maple-tree, syzkaller-bugs

Hello,

syzbot found the following issue on:

HEAD commit:    4a4be1ad3a6e Revert "vfs: Delete the associated dentry whe..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=128638ba980000
kernel config:  https://syzkaller.appspot.com/x/.config?x=bd6024aedb15e15c
dashboard link: https://syzkaller.appspot.com/bug?extid=c67d06ab25a9bc4adf35
compiler:       aarch64-linux-gnu-gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=106f71aa980000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=16b4ffc6980000

Downloadable assets:
disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/384ffdcca292/non_bootable_disk-4a4be1ad.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/75957361122b/vmlinux-4a4be1ad.xz
kernel image: https://storage.googleapis.com/syzbot-assets/6c766b0ec377/Image-4a4be1ad.gz.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+c67d06ab25a9bc4adf35@syzkaller.appspotmail.com

Unable to handle kernel paging request at virtual address 00700000077b9b78
Mem abort info:
  ESR = 0x0000000096000004
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x04: level 0 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000
  CM = 0, WnR = 0, TnD = 0, TagAccess = 0
  GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[00700000077b9b78] address between user and kernel address ranges
Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
Modules linked in:
CPU: 1 PID: 3186 Comm: syz-executor162 Not tainted 6.10.0-rc1-syzkaller-00027-g4a4be1ad3a6e #0
Hardware name: linux,dummy-virt (DT)
pstate: 81400009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
pc : ma_data_end lib/maple_tree.c:1419 [inline]
pc : mtree_range_walk lib/maple_tree.c:2771 [inline]
pc : mas_state_walk lib/maple_tree.c:3678 [inline]
pc : mas_walk+0x194/0x328 lib/maple_tree.c:4909
lr : lock_vma_under_rcu+0x58/0x134 mm/memory.c:5840
sp : ffff800088cabd50
x29: ffff800088cabd50 x28: f2f0000005e50000 x27: 0000000000000000
x26: 0000000000000004 x25: f7f0000005c03900 x24: 0000000082000007
x23: 0000ffff82687800 x22: 0000000000000354 x21: 0000ffff82687800
x20: 0000ffff82687800 x19: ffff800088cabeb0 x18: ff7ffffffffffbff
x17: 0000aaaadab2dc00 x16: 1e4e000000ef7371 x15: 0000000000000001
x14: ffffffffffffffff x13: 0000000000000000 x12: ffff800081e3d1e8
x11: 0000000000000001 x10: f2700000077b9b8c x9 : f2700000077b9b00
x8 : 0000ffff82687800 x7 : 0000000000000001 x6 : 000000000000000e
x5 : 0000000000000001 x4 : ffff800088cabd78 x3 : 0000aaaadab2dc00
x2 : 000000000000000e x1 : 000000000000000f x0 : f2700000077b9b08
Call trace:
 ma_data_end lib/maple_tree.c:1418 [inline]
 mtree_range_walk lib/maple_tree.c:2771 [inline]
 mas_state_walk lib/maple_tree.c:3678 [inline]
 mas_walk+0x194/0x328 lib/maple_tree.c:4909
 do_page_fault+0xd4/0x480 arch/arm64/mm/fault.c:567
 do_translation_fault+0xac/0xbc arch/arm64/mm/fault.c:690
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:826
 el0_ia+0xa4/0x118 arch/arm64/kernel/entry-common.c:598
 el0t_64_sync_handler+0xd0/0x12c arch/arm64/kernel/entry-common.c:736
 el0t_64_sync+0x19c/0x1a0 arch/arm64/kernel/entry.S:598
Code: 91002120 51000426 92401cc2 12001cc6 (f8627802) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	91002120 	add	x0, x9, #0x8
   4:	51000426 	sub	w6, w1, #0x1
   8:	92401cc2 	and	x2, x6, #0xff
   c:	12001cc6 	and	w6, w6, #0xff
* 10:	f8627802 	ldr	x2, [x0, x2, lsl #3] <-- trapping instruction


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup
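
A triage sketch for the oops above, added here as an example (it is not part of syzbot's report or of the kernel's code): it decodes the ESR, recomputes the address the trapping `ldr` used from the dumped registers, and shows why that address is reported as lying between the user and kernel ranges. The helper names and the 52-bit VA default are assumptions; the faulting address falls between the ranges under 48 bits as well.

```python
import re

# Lines copied from the oops in the report above.
OOPS = """\
Unable to handle kernel paging request at virtual address 00700000077b9b78
  ESR = 0x0000000096000004
sp : ffff800088cabd50
x11: 0000000000000001 x10: f2700000077b9b8c x9 : f2700000077b9b00
x2 : 000000000000000e x1 : 000000000000000f x0 : f2700000077b9b08
"""

MASK64 = (1 << 64) - 1

def decode_esr(esr):
    """Split an ESR_ELx value into the fields the oops prints."""
    iss = esr & 0x1FFFFFF              # ISS = bits [24:0]
    return {
        "EC": (esr >> 26) & 0x3F,      # exception class, bits [31:26]
        "IL": (esr >> 25) & 1,         # 1 = 32-bit instruction
        "ISS": iss,
        "WnR": (iss >> 6) & 1,         # data abort: 0 = read, 1 = write
        "FSC": iss & 0x3F,             # fault status code, bits [5:0]
    }

def parse_regs(text):
    """Return {'x0': int, ..., 'sp': int} from register dump lines."""
    pairs = re.findall(r"\b(x\d+|sp)\s*:\s*([0-9a-f]{16})\b", text)
    return {name: int(val, 16) for name, val in pairs}

def untag(addr):
    """Sign-extend from bit 55, which replaces the top (tag) byte."""
    low = addr & ((1 << 56) - 1)
    return low | (0xFF << 56) if low >> 55 else low

def classify(addr, va_bits=52):
    """Simplified range check; va_bits is an assumption about the config."""
    a = untag(addr)
    if a < (1 << va_bits):
        return "user"
    if a >= (MASK64 << va_bits) & MASK64:
        return "kernel"
    return "between user and kernel ranges"

def triage(text):
    regs = parse_regs(text)
    esr = int(re.search(r"ESR = 0x([0-9a-f]+)", text).group(1), 16)
    reported = int(re.search(r"virtual address ([0-9a-f]{16})", text).group(1), 16)
    # Trapping instruction in the report: ldr x2, [x0, x2, lsl #3]
    ea = (regs["x0"] + (regs["x2"] << 3)) & MASK64
    return {"esr": decode_esr(esr), "ea": ea, "reported": reported,
            "matches": untag(ea) == reported,
            "class": classify(ea), "sp_class": classify(regs["sp"])}

if __name__ == "__main__":
    r = triage(OOPS)
    print("ESR fields:", {k: hex(v) for k, v in r["esr"].items()})
    print("load address:", hex(r["ea"]), "untagged:", hex(untag(r["ea"])))
    print("matches reported fault address:", r["matches"])
    print("load address is", r["class"], "/ sp is", r["sp_class"])
```

The base register x0 is x9 + 8 per the disassembly, so the bad value is already present in the pointer held in x9 rather than produced by the index arithmetic.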


* Re: [syzbot] [maple-tree?] BUG: unable to handle kernel paging request in mas_walk
  2024-06-04  2:23 [syzbot] [maple-tree?] BUG: unable to handle kernel paging request in mas_walk syzbot
@ 2024-06-04 13:41 ` Liam R. Howlett
  2024-06-04 15:06 ` [syzbot] " syzbot
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 7+ messages in thread
From: Liam R. Howlett @ 2024-06-04 13:41 UTC (permalink / raw)
  To: syzbot; +Cc: akpm, linux-kernel, linux-mm, maple-tree, syzkaller-bugs

* syzbot <syzbot+c67d06ab25a9bc4adf35@syzkaller.appspotmail.com> [240603 22:23]:
> Hello,
> 
> syzbot found the following issue on:
> 
> HEAD commit:    4a4be1ad3a6e Revert "vfs: Delete the associated dentry whe..
> git tree:       upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=128638ba980000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=bd6024aedb15e15c
> dashboard link: https://syzkaller.appspot.com/bug?extid=c67d06ab25a9bc4adf35
> compiler:       aarch64-linux-gnu-gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
> userspace arch: arm64
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=106f71aa980000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=16b4ffc6980000
> 
> Downloadable assets:
> disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/384ffdcca292/non_bootable_disk-4a4be1ad.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/75957361122b/vmlinux-4a4be1ad.xz
> kernel image: https://storage.googleapis.com/syzbot-assets/6c766b0ec377/Image-4a4be1ad.gz.xz
> 
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+c67d06ab25a9bc4adf35@syzkaller.appspotmail.com
> 
> Unable to handle kernel paging request at virtual address 00700000077b9b78

Never a good thing.

I'm looking into this but it's not easily recreated because I keep
hitting another bug with the reproducer [1].  I tried the HEAD commit
and the more recent v6.10-rc2.

I have a decent idea of what is going on here, but need to prove the
fix.

[1] https://syzkaller.appspot.com/bug?extid=7eaa0d7b9fccf21052f1

Thanks,
Liam


* Re: [syzbot] Re: [syzbot] [maple-tree?] BUG: unable to handle kernel paging request in mas_walk
  2024-06-04  2:23 [syzbot] [maple-tree?] BUG: unable to handle kernel paging request in mas_walk syzbot
  2024-06-04 13:41 ` Liam R. Howlett
@ 2024-06-04 15:06 ` syzbot
  2024-06-04 16:42 ` Liam R. Howlett
  2024-06-04 18:08 ` Liam R. Howlett
  3 siblings, 0 replies; 7+ messages in thread
From: syzbot @ 2024-06-04 15:06 UTC (permalink / raw)
  To: linux-kernel, syzkaller-bugs

For archival purposes, forwarding an incoming command email to
linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com.

***

Subject: Re: [syzbot] [maple-tree?] BUG: unable to handle kernel paging request in mas_walk
Author: liam.howlett@oracle.com

* syzbot <syzbot+c67d06ab25a9bc4adf35@syzkaller.appspotmail.com> [240603 22:23]:
> Hello,
> 
> syzbot found the following issue on:
> 
> HEAD commit:    4a4be1ad3a6e Revert "vfs: Delete the associated dentry whe..
> git tree:       upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=128638ba980000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=bd6024aedb15e15c
> dashboard link: https://syzkaller.appspot.com/bug?extid=c67d06ab25a9bc4adf35
> compiler:       aarch64-linux-gnu-gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
> userspace arch: arm64
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=106f71aa980000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=16b4ffc6980000
> 
> Downloadable assets:
> disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/384ffdcca292/non_bootable_disk-4a4be1ad.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/75957361122b/vmlinux-4a4be1ad.xz
> kernel image: https://storage.googleapis.com/syzbot-assets/6c766b0ec377/Image-4a4be1ad.gz.xz
> 
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+c67d06ab25a9bc4adf35@syzkaller.appspotmail.com
> 
> Unable to handle kernel paging request at virtual address 00700000077b9b78

#syz test: git://git.infradead.org/users/jedix/linux-maple.git syz_20240603

> Mem abort info:
>   ESR = 0x0000000096000004
>   EC = 0x25: DABT (current EL), IL = 32 bits
>   SET = 0, FnV = 0
>   EA = 0, S1PTW = 0
>   FSC = 0x04: level 0 translation fault
> Data abort info:
>   ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000
>   CM = 0, WnR = 0, TnD = 0, TagAccess = 0
>   GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
> [00700000077b9b78] address between user and kernel address ranges
> Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
> Modules linked in:
> CPU: 1 PID: 3186 Comm: syz-executor162 Not tainted 6.10.0-rc1-syzkaller-00027-g4a4be1ad3a6e #0
> Hardware name: linux,dummy-virt (DT)
> pstate: 81400009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
> pc : ma_data_end lib/maple_tree.c:1419 [inline]
> pc : mtree_range_walk lib/maple_tree.c:2771 [inline]
> pc : mas_state_walk lib/maple_tree.c:3678 [inline]
> pc : mas_walk+0x194/0x328 lib/maple_tree.c:4909
> lr : lock_vma_under_rcu+0x58/0x134 mm/memory.c:5840
> sp : ffff800088cabd50
> x29: ffff800088cabd50 x28: f2f0000005e50000 x27: 0000000000000000
> x26: 0000000000000004 x25: f7f0000005c03900 x24: 0000000082000007
> x23: 0000ffff82687800 x22: 0000000000000354 x21: 0000ffff82687800
> x20: 0000ffff82687800 x19: ffff800088cabeb0 x18: ff7ffffffffffbff
> x17: 0000aaaadab2dc00 x16: 1e4e000000ef7371 x15: 0000000000000001
> x14: ffffffffffffffff x13: 0000000000000000 x12: ffff800081e3d1e8
> x11: 0000000000000001 x10: f2700000077b9b8c x9 : f2700000077b9b00
> x8 : 0000ffff82687800 x7 : 0000000000000001 x6 : 000000000000000e
> x5 : 0000000000000001 x4 : ffff800088cabd78 x3 : 0000aaaadab2dc00
> x2 : 000000000000000e x1 : 000000000000000f x0 : f2700000077b9b08
> Call trace:
>  ma_data_end lib/maple_tree.c:1418 [inline]
>  mtree_range_walk lib/maple_tree.c:2771 [inline]
>  mas_state_walk lib/maple_tree.c:3678 [inline]
>  mas_walk+0x194/0x328 lib/maple_tree.c:4909
>  do_page_fault+0xd4/0x480 arch/arm64/mm/fault.c:567
>  do_translation_fault+0xac/0xbc arch/arm64/mm/fault.c:690
>  do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:826
>  el0_ia+0xa4/0x118 arch/arm64/kernel/entry-common.c:598
>  el0t_64_sync_handler+0xd0/0x12c arch/arm64/kernel/entry-common.c:736
>  el0t_64_sync+0x19c/0x1a0 arch/arm64/kernel/entry.S:598
> Code: 91002120 51000426 92401cc2 12001cc6 (f8627802) 
> ---[ end trace 0000000000000000 ]---
> ----------------
> Code disassembly (best guess):
>    0:	91002120 	add	x0, x9, #0x8
>    4:	51000426 	sub	w6, w1, #0x1
>    8:	92401cc2 	and	x2, x6, #0xff
>    c:	12001cc6 	and	w6, w6, #0xff
> * 10:	f8627802 	ldr	x2, [x0, x2, lsl #3] <-- trapping instruction
> 
> 
> ---
> This report is generated by a bot. It may contain errors.
> See https://goo.gl/tpsmEJ for more information about syzbot.
> syzbot engineers can be reached at syzkaller@googlegroups.com.
> 
> syzbot will keep track of this issue. See:
> https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
> 
> If the report is already addressed, let syzbot know by replying with:
> #syz fix: exact-commit-title
> 
> If you want syzbot to run the reproducer, reply with:
> #syz test: git://repo/address.git branch-or-commit-hash
> If you attach or paste a git patch, syzbot will apply it before testing.
> 
> If you want to overwrite report's subsystems, reply with:
> #syz set subsystems: new-subsystem
> (See the list of subsystem names on the web dashboard)
> 
> If the report is a duplicate of another one, reply with:
> #syz dup: exact-subject-of-another-report
> 
> If you want to undo deduplication, reply with:
> #syz undup


* Re: [syzbot] [maple-tree?] BUG: unable to handle kernel paging request in mas_walk
  2024-06-04  2:23 [syzbot] [maple-tree?] BUG: unable to handle kernel paging request in mas_walk syzbot
  2024-06-04 13:41 ` Liam R. Howlett
  2024-06-04 15:06 ` [syzbot] " syzbot
@ 2024-06-04 16:42 ` Liam R. Howlett
  2024-06-04 18:08 ` Liam R. Howlett
  3 siblings, 0 replies; 7+ messages in thread
From: Liam R. Howlett @ 2024-06-04 16:42 UTC (permalink / raw)
  To: syzbot; +Cc: akpm, linux-kernel, linux-mm, maple-tree, syzkaller-bugs

* syzbot <syzbot+c67d06ab25a9bc4adf35@syzkaller.appspotmail.com> [240603 22:23]:
> Hello,
> 
> syzbot found the following issue on:
> 
> HEAD commit:    4a4be1ad3a6e Revert "vfs: Delete the associated dentry whe..
> git tree:       upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=128638ba980000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=bd6024aedb15e15c
> dashboard link: https://syzkaller.appspot.com/bug?extid=c67d06ab25a9bc4adf35
> compiler:       aarch64-linux-gnu-gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
> userspace arch: arm64
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=106f71aa980000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=16b4ffc6980000
> 
> Downloadable assets:
> disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/384ffdcca292/non_bootable_disk-4a4be1ad.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/75957361122b/vmlinux-4a4be1ad.xz
> kernel image: https://storage.googleapis.com/syzbot-assets/6c766b0ec377/Image-4a4be1ad.gz.xz
> 
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+c67d06ab25a9bc4adf35@syzkaller.appspotmail.com
> 
> Unable to handle kernel paging request at virtual address 00700000077b9b78

#sys test git://git.infradead.org/users/jedix/linux-maple.git syz_20240603



* Re: [syzbot] [maple-tree?] BUG: unable to handle kernel paging request in mas_walk
  2024-06-04  2:23 [syzbot] [maple-tree?] BUG: unable to handle kernel paging request in mas_walk syzbot
                   ` (2 preceding siblings ...)
  2024-06-04 16:42 ` Liam R. Howlett
@ 2024-06-04 18:08 ` Liam R. Howlett
  2024-06-13 19:02   ` Liam R. Howlett
  3 siblings, 1 reply; 7+ messages in thread
From: Liam R. Howlett @ 2024-06-04 18:08 UTC (permalink / raw)
  To: syzbot; +Cc: akpm, linux-kernel, linux-mm, maple-tree, syzkaller-bugs

* syzbot <syzbot+c67d06ab25a9bc4adf35@syzkaller.appspotmail.com> [240603 22:23]:
> Hello,
> 
> syzbot found the following issue on:
> 
> HEAD commit:    4a4be1ad3a6e Revert "vfs: Delete the associated dentry whe..
> git tree:       upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=128638ba980000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=bd6024aedb15e15c
> dashboard link: https://syzkaller.appspot.com/bug?extid=c67d06ab25a9bc4adf35
> compiler:       aarch64-linux-gnu-gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
> userspace arch: arm64
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=106f71aa980000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=16b4ffc6980000
> 
> Downloadable assets:
> disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/384ffdcca292/non_bootable_disk-4a4be1ad.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/75957361122b/vmlinux-4a4be1ad.xz
> kernel image: https://storage.googleapis.com/syzbot-assets/6c766b0ec377/Image-4a4be1ad.gz.xz
> 
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+c67d06ab25a9bc4adf35@syzkaller.appspotmail.com
> 
> Unable to handle kernel paging request at virtual address 00700000077b9b78

I don't think the bot is testing my forced update of the tree, so I'll
try again.

#sys test git://git.infradead.org/users/jedix/linux-maple.git syz_20240603_v2

This is a revert of some patches - which seems to stop all the crashing
for me.

Looks to be the same as this [1] syzbot report.  All seem to be related
to madvise and these patches are the last to modify the area (besides
mseal() specifically calling out madvise, but that would not cause the
issue).

The patches I reverted also name arm64 as special.

[1] https://syzkaller.appspot.com/bug?extid=7eaa0d7b9fccf21052f1


* Re: [syzbot] [maple-tree?] BUG: unable to handle kernel paging request in mas_walk
  2024-06-04 18:08 ` Liam R. Howlett
@ 2024-06-13 19:02   ` Liam R. Howlett
  0 siblings, 0 replies; 7+ messages in thread
From: Liam R. Howlett @ 2024-06-13 19:02 UTC (permalink / raw)
  To: syzbot, akpm, linux-kernel, linux-mm, maple-tree, syzkaller-bugs

* Liam R. Howlett <Liam.Howlett@oracle.com> [240604 14:08]:
> * syzbot <syzbot+c67d06ab25a9bc4adf35@syzkaller.appspotmail.com> [240603 22:23]:
> > Hello,
> > 
> > syzbot found the following issue on:
> > 
> > HEAD commit:    4a4be1ad3a6e Revert "vfs: Delete the associated dentry whe..
> > git tree:       upstream
> > console output: https://syzkaller.appspot.com/x/log.txt?x=128638ba980000
> > kernel config:  https://syzkaller.appspot.com/x/.config?x=bd6024aedb15e15c
> > dashboard link: https://syzkaller.appspot.com/bug?extid=c67d06ab25a9bc4adf35
> > compiler:       aarch64-linux-gnu-gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
> > userspace arch: arm64
> > syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=106f71aa980000
> > C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=16b4ffc6980000
> > 
> > Downloadable assets:
> > disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/384ffdcca292/non_bootable_disk-4a4be1ad.raw.xz
> > vmlinux: https://storage.googleapis.com/syzbot-assets/75957361122b/vmlinux-4a4be1ad.xz
> > kernel image: https://storage.googleapis.com/syzbot-assets/6c766b0ec377/Image-4a4be1ad.gz.xz
> > 
> > IMPORTANT: if you fix the issue, please add the following tag to the commit:
> > Reported-by: syzbot+c67d06ab25a9bc4adf35@syzkaller.appspotmail.com
> > 
> > Unable to handle kernel paging request at virtual address 00700000077b9b78
> 
> I don't think the bot is testing my forced update of the tree, so I'll
> try again.
> 
> #sys test git://git.infradead.org/users/jedix/linux-maple.git syz_20240603_v2
> 
> This is a revert of some patches - which seems to stop all the crashing
> for me.
> 
> Looks to be the same as this [1] syzbot report.  All seem to be related
> to madvise and these patches are the last to modify the area (besides
> mseal() specifically calling out madvise, but that would not cause the
> issue).
> 
> The patches I reverted also name arm64 as special.
> 
> [1] https://syzkaller.appspot.com/bug?extid=7eaa0d7b9fccf21052f1

This should be fixed in 6.10-rc3 because of the arm fix in the area I
suspected.  I have no way of verifying that since the bot decided to
stop responding.

This puts us in a difficult situation of needing to jump on bot bugs for
security concerns and wasting copious amounts of time chasing our own
tails.


* Re: [syzbot] [maple-tree?] BUG: unable to handle kernel paging request in mas_walk
       [not found] <ifehf7xjxklocicvvbsidy65zidgtkfofc34s7y7eopbkokpmn@or2u6znvtren>
@ 2024-06-04 15:18 ` syzbot
  0 siblings, 0 replies; 7+ messages in thread
From: syzbot @ 2024-06-04 15:18 UTC (permalink / raw)
  To: liam.howlett, linux-kernel, syzkaller-bugs

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
BUG: unable to handle kernel paging request in corrupted

Unable to handle kernel paging request at virtual address 007f8000826099b8
Mem abort info:
  ESR = 0x0000000096000004
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x04: level 0 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000
  CM = 0, WnR = 0, TnD = 0, TagAccess = 0
  GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[007f8000826099b8] address between user and kernel address ranges


Tested on:

commit:         63ab6007 maple_tree: Check dead node in mas_walk() whe..
git tree:       git://git.infradead.org/users/jedix/linux-maple.git syz_20240603
console output: https://syzkaller.appspot.com/x/log.txt?x=14842a16980000
kernel config:  https://syzkaller.appspot.com/x/.config?x=bd6024aedb15e15c
dashboard link: https://syzkaller.appspot.com/bug?extid=c67d06ab25a9bc4adf35
compiler:       aarch64-linux-gnu-gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64

Note: no patches were applied.
