[syzbot] WARNING in anon_vma_name
7 views
Skip to first unread message
syzbot
Nov 14, 2022, 1:28:40 AM11/14/22
to ak...@linux-foundation.org, ar...@arndb.de, bra...@kernel.org, ccr...@google.com, cor...@lwn.net, da...@redhat.com, han...@cmpxchg.org, hu...@google.com, linu...@vger.kernel.org, linux-...@vger.kernel.org, linux-...@vger.kernel.org, linu...@kvack.org, pasha.t...@soleen.com, paul.go...@windriver.com, pet...@redhat.com, shy8...@gmail.com, syzkall...@googlegroups.com, vba...@suse.cz, wi...@infradead.org
Hello,
syzbot found the following issue on:
HEAD commit: f8f60f322f06 Add linux-next specific files for 20221111
git tree: linux-next
console+strace: https://syzkaller.appspot.com/x/log.txt?x=12f0f3fe880000
kernel config: https://syzkaller.appspot.com/x/.config?x=85ba52c07cd97289
dashboard link: https://syzkaller.appspot.com/bug?extid=62ed954113bf02c79f74
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=171f6c49880000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=16fdfd99880000
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/6008df424195/disk-f8f60f32.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/394340525f66/vmlinux-f8f60f32.xz
kernel image: https://storage.googleapis.com/syzbot-assets/b13604a3343a/bzImage-f8f60f32.xz
The issue was bisected to:
commit 2220e3a8953e86b87adfc753fc57c2a5e0b0a032
Author: Pasha Tatashin <pasha.t...@soleen.com>
Date: Mon Nov 7 18:47:15 2022 +0000
mm: anonymous shared memory naming
bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=16d32f66880000
final oops: https://syzkaller.appspot.com/x/report.txt?x=15d32f66880000
console output: https://syzkaller.appspot.com/x/log.txt?x=11d32f66880000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+62ed95...@syzkaller.appspotmail.com
Fixes: 2220e3a8953e ("mm: anonymous shared memory naming")
------------[ cut here ]------------
WARNING: CPU: 0 PID: 5239 at include/linux/mmap_lock.h:155 mmap_assert_locked include/linux/mmap_lock.h:155 [inline]
WARNING: CPU: 0 PID: 5239 at include/linux/mmap_lock.h:155 anon_vma_name+0x11c/0x170 mm/madvise.c:97
Modules linked in:
CPU: 1 PID: 5239 Comm: syz-executor276 Not tainted 6.1.0-rc4-next-20221111-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
RIP: 0010:mmap_assert_locked include/linux/mmap_lock.h:155 [inline]
RIP: 0010:anon_vma_name+0x11c/0x170 mm/madvise.c:97
Code: 8d bd 58 01 00 00 be ff ff ff ff e8 1e fc e0 07 31 ff 41 89 c4 89 c6 e8 c2 27 bc ff 45 85 e4 0f 85 5c ff ff ff e8 e4 2a bc ff <0f> 0b e9 50 ff ff ff e8 d8 2a bc ff 48 89 ef e8 00 e7 f2 ff 0f 0b
RSP: 0018:ffffc90003c7f810 EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffffffff8b9ae000 RCX: 0000000000000000
RDX: ffff88801d5fba80 RSI: ffffffff81c0a28c RDI: 0000000000000005
RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: ffffffff8b9ae008 R14: ffffffff8b9ae010 R15: 0000000000000000
FS: 0000555556387300(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000061ba0c CR3: 000000007d6c4000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
show_map_vma+0x22d/0x620 fs/proc/task_mmu.c:297
show_smap+0xe4/0x490 fs/proc/task_mmu.c:866
traverse.part.0+0xcf/0x5f0 fs/seq_file.c:111
traverse fs/seq_file.c:101 [inline]
seq_read_iter+0x90f/0x1280 fs/seq_file.c:195
seq_read+0x16d/0x210 fs/seq_file.c:162
do_loop_readv_writev fs/read_write.c:756 [inline]
do_loop_readv_writev fs/read_write.c:743 [inline]
do_iter_read+0x4f8/0x750 fs/read_write.c:798
vfs_readv+0xe5/0x150 fs/read_write.c:916
do_preadv fs/read_write.c:1008 [inline]
__do_sys_preadv fs/read_write.c:1058 [inline]
__se_sys_preadv fs/read_write.c:1053 [inline]
__x64_sys_preadv+0x22b/0x310 fs/read_write.c:1053
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f545e62b239
Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffed9c02fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f545e62b239
RDX: 0000000000000001 RSI: 00000000200006c0 RDI: 0000000000000003
RBP: 00007ffed9c02ff0 R08: 0000000000000000 R09: 65732f636f72702f
R10: 00000000fffffffe R11: 0000000000000246 R12: 00007f545e5ef120
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
</TASK>
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot found the following issue on:
HEAD commit: f8f60f322f06 Add linux-next specific files for 20221111
git tree: linux-next
console+strace: https://syzkaller.appspot.com/x/log.txt?x=12f0f3fe880000
kernel config: https://syzkaller.appspot.com/x/.config?x=85ba52c07cd97289
dashboard link: https://syzkaller.appspot.com/bug?extid=62ed954113bf02c79f74
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=171f6c49880000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=16fdfd99880000
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/6008df424195/disk-f8f60f32.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/394340525f66/vmlinux-f8f60f32.xz
kernel image: https://storage.googleapis.com/syzbot-assets/b13604a3343a/bzImage-f8f60f32.xz
The issue was bisected to:
commit 2220e3a8953e86b87adfc753fc57c2a5e0b0a032
Author: Pasha Tatashin <pasha.t...@soleen.com>
Date: Mon Nov 7 18:47:15 2022 +0000
mm: anonymous shared memory naming
bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=16d32f66880000
final oops: https://syzkaller.appspot.com/x/report.txt?x=15d32f66880000
console output: https://syzkaller.appspot.com/x/log.txt?x=11d32f66880000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+62ed95...@syzkaller.appspotmail.com
Fixes: 2220e3a8953e ("mm: anonymous shared memory naming")
------------[ cut here ]------------
WARNING: CPU: 0 PID: 5239 at include/linux/mmap_lock.h:155 mmap_assert_locked include/linux/mmap_lock.h:155 [inline]
WARNING: CPU: 0 PID: 5239 at include/linux/mmap_lock.h:155 anon_vma_name+0x11c/0x170 mm/madvise.c:97
Modules linked in:
CPU: 1 PID: 5239 Comm: syz-executor276 Not tainted 6.1.0-rc4-next-20221111-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
RIP: 0010:mmap_assert_locked include/linux/mmap_lock.h:155 [inline]
RIP: 0010:anon_vma_name+0x11c/0x170 mm/madvise.c:97
Code: 8d bd 58 01 00 00 be ff ff ff ff e8 1e fc e0 07 31 ff 41 89 c4 89 c6 e8 c2 27 bc ff 45 85 e4 0f 85 5c ff ff ff e8 e4 2a bc ff <0f> 0b e9 50 ff ff ff e8 d8 2a bc ff 48 89 ef e8 00 e7 f2 ff 0f 0b
RSP: 0018:ffffc90003c7f810 EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffffffff8b9ae000 RCX: 0000000000000000
RDX: ffff88801d5fba80 RSI: ffffffff81c0a28c RDI: 0000000000000005
RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: ffffffff8b9ae008 R14: ffffffff8b9ae010 R15: 0000000000000000
FS: 0000555556387300(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000061ba0c CR3: 000000007d6c4000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
show_map_vma+0x22d/0x620 fs/proc/task_mmu.c:297
show_smap+0xe4/0x490 fs/proc/task_mmu.c:866
traverse.part.0+0xcf/0x5f0 fs/seq_file.c:111
traverse fs/seq_file.c:101 [inline]
seq_read_iter+0x90f/0x1280 fs/seq_file.c:195
seq_read+0x16d/0x210 fs/seq_file.c:162
do_loop_readv_writev fs/read_write.c:756 [inline]
do_loop_readv_writev fs/read_write.c:743 [inline]
do_iter_read+0x4f8/0x750 fs/read_write.c:798
vfs_readv+0xe5/0x150 fs/read_write.c:916
do_preadv fs/read_write.c:1008 [inline]
__do_sys_preadv fs/read_write.c:1058 [inline]
__se_sys_preadv fs/read_write.c:1053 [inline]
__x64_sys_preadv+0x22b/0x310 fs/read_write.c:1053
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f545e62b239
Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffed9c02fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f545e62b239
RDX: 0000000000000001 RSI: 00000000200006c0 RDI: 0000000000000003
RBP: 00007ffed9c02ff0 R08: 0000000000000000 R09: 65732f636f72702f
R10: 00000000fffffffe R11: 0000000000000246 R12: 00007f545e5ef120
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
</TASK>
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
Hillf Danton
Nov 14, 2022, 4:49:15 AM11/14/22
to syzbot, linux-...@vger.kernel.org, syzkall...@googlegroups.com
On 13 Nov 2022 22:28:39 -0800
#syz test https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git f8f60f322f06
--- x/fs/proc/task_mmu.c
+++ t/fs/proc/task_mmu.c
@@ -277,7 +277,7 @@ show_map_vma(struct seq_file *m, struct
struct mm_struct *mm = vma->vm_mm;
struct file *file = vma->vm_file;
vm_flags_t flags = vma->vm_flags;
- struct anon_vma_name *anon_name;
+ struct anon_vma_name *anon_name = NULL;
unsigned long ino = 0;
unsigned long long pgoff = 0;
unsigned long start, end;
@@ -294,7 +294,13 @@ show_map_vma(struct seq_file *m, struct
start = vma->vm_start;
end = vma->vm_end;
show_vma_header_prefix(m, start, end, flags, pgoff, dev, ino);
- anon_name = anon_vma_name(vma);
+ if (mm) {
+ if (mmap_read_lock_killable(mm))
+ goto done;
+ anon_name = anon_vma_name(vma);
+ anon_vma_name_get(anon_name);
+ mmap_read_unlock(mm);
+ }
/*
* Print the dentry name for named mappings, and a
@@ -349,6 +355,7 @@ done:
seq_puts(m, name);
}
seq_putc(m, '\n');
+ anon_vma_name_put(anon_name);
}
static int show_map(struct seq_file *m, void *v)
--
> syzbot found the following issue on:
>
> HEAD commit: f8f60f322f06 Add linux-next specific files for 20221111
> git tree: linux-next
> console+strace: https://syzkaller.appspot.com/x/log.txt?x=12f0f3fe880000
> kernel config: https://syzkaller.appspot.com/x/.config?x=85ba52c07cd97289
> dashboard link: https://syzkaller.appspot.com/bug?extid=62ed954113bf02c79f74
> compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=171f6c49880000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=16fdfd99880000
Take mmap_lock for read for getting anon_vma_name in a bid to quiesce the warning.
>
> HEAD commit: f8f60f322f06 Add linux-next specific files for 20221111
> git tree: linux-next
> console+strace: https://syzkaller.appspot.com/x/log.txt?x=12f0f3fe880000
> kernel config: https://syzkaller.appspot.com/x/.config?x=85ba52c07cd97289
> dashboard link: https://syzkaller.appspot.com/bug?extid=62ed954113bf02c79f74
> compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=171f6c49880000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=16fdfd99880000
#syz test https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git f8f60f322f06
--- x/fs/proc/task_mmu.c
+++ t/fs/proc/task_mmu.c
@@ -277,7 +277,7 @@ show_map_vma(struct seq_file *m, struct
struct mm_struct *mm = vma->vm_mm;
struct file *file = vma->vm_file;
vm_flags_t flags = vma->vm_flags;
- struct anon_vma_name *anon_name;
+ struct anon_vma_name *anon_name = NULL;
unsigned long ino = 0;
unsigned long long pgoff = 0;
unsigned long start, end;
@@ -294,7 +294,13 @@ show_map_vma(struct seq_file *m, struct
start = vma->vm_start;
end = vma->vm_end;
show_vma_header_prefix(m, start, end, flags, pgoff, dev, ino);
- anon_name = anon_vma_name(vma);
+ if (mm) {
+ if (mmap_read_lock_killable(mm))
+ goto done;
+ anon_name = anon_vma_name(vma);
+ anon_vma_name_get(anon_name);
+ mmap_read_unlock(mm);
+ }
/*
* Print the dentry name for named mappings, and a
@@ -349,6 +355,7 @@ done:
seq_puts(m, name);
}
seq_putc(m, '\n');
+ anon_vma_name_put(anon_name);
}
static int show_map(struct seq_file *m, void *v)
--
syzbot
Nov 14, 2022, 5:55:23 AM11/14/22
to hda...@sina.com, linux-...@vger.kernel.org, syzkall...@googlegroups.com
Hello,
syzbot has tested the proposed patch but the reproducer is still triggering an issue:
possible deadlock in show_map_vma
============================================
WARNING: possible recursive locking detected
6.1.0-rc4-next-20221111-syzkaller-dirty #0 Not tainted
--------------------------------------------
syz-executor.0/5772 is trying to acquire lock:
ffff88807dd89b98 (&mm->mmap_lock){++++}-{3:3}, at: mmap_read_lock_killable include/linux/mmap_lock.h:126 [inline]
ffff88807dd89b98 (&mm->mmap_lock){++++}-{3:3}, at: show_map_vma+0x1dd/0x8a0 fs/proc/task_mmu.c:298
but task is already holding lock:
ffff88807dd89b98 (&mm->mmap_lock){++++}-{3:3}, at: mmap_read_lock_killable include/linux/mmap_lock.h:126 [inline]
ffff88807dd89b98 (&mm->mmap_lock){++++}-{3:3}, at: m_start+0x1d6/0x670 fs/proc/task_mmu.c:162
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(&mm->mmap_lock);
lock(&mm->mmap_lock);
*** DEADLOCK ***
May be due to missing lock nesting notation
2 locks held by syz-executor.0/5772:
#0: ffff88801d4c28b8 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xdf/0x1280 fs/seq_file.c:182
#1: ffff88807dd89b98 (&mm->mmap_lock){++++}-{3:3}, at: mmap_read_lock_killable include/linux/mmap_lock.h:126 [inline]
#1: ffff88807dd89b98 (&mm->mmap_lock){++++}-{3:3}, at: m_start+0x1d6/0x670 fs/proc/task_mmu.c:162
stack backtrace:
CPU: 1 PID: 5772 Comm: syz-executor.0 Not tainted 6.1.0-rc4-next-20221111-syzkaller-dirty #0
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
print_deadlock_bug kernel/locking/lockdep.c:2990 [inline]
check_deadlock kernel/locking/lockdep.c:3033 [inline]
validate_chain kernel/locking/lockdep.c:3818 [inline]
__lock_acquire.cold+0x116/0x3a7 kernel/locking/lockdep.c:5055
lock_acquire kernel/locking/lockdep.c:5668 [inline]
lock_acquire+0x1df/0x630 kernel/locking/lockdep.c:5633
down_read_killable+0x9b/0x490 kernel/locking/rwsem.c:1532
mmap_read_lock_killable include/linux/mmap_lock.h:126 [inline]
show_map_vma+0x1dd/0x8a0 fs/proc/task_mmu.c:298
show_smap+0xe4/0x490 fs/proc/task_mmu.c:873
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fdc28980168 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
RAX: ffffffffffffffda RBX: 00007fdc27dabf80 RCX: 00007fdc27c8b639
R10: 00000000fffffffe R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc20c7d9af R14: 00007fdc28980300 R15: 0000000000022000
</TASK>
Tested on:
commit: f8f60f32 Add linux-next specific files for 20221111
git tree: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
console output: https://syzkaller.appspot.com/x/log.txt?x=13a0e2f1880000
syzbot has tested the proposed patch but the reproducer is still triggering an issue:
possible deadlock in show_map_vma
============================================
WARNING: possible recursive locking detected
6.1.0-rc4-next-20221111-syzkaller-dirty #0 Not tainted
--------------------------------------------
syz-executor.0/5772 is trying to acquire lock:
ffff88807dd89b98 (&mm->mmap_lock){++++}-{3:3}, at: mmap_read_lock_killable include/linux/mmap_lock.h:126 [inline]
ffff88807dd89b98 (&mm->mmap_lock){++++}-{3:3}, at: show_map_vma+0x1dd/0x8a0 fs/proc/task_mmu.c:298
but task is already holding lock:
ffff88807dd89b98 (&mm->mmap_lock){++++}-{3:3}, at: mmap_read_lock_killable include/linux/mmap_lock.h:126 [inline]
ffff88807dd89b98 (&mm->mmap_lock){++++}-{3:3}, at: m_start+0x1d6/0x670 fs/proc/task_mmu.c:162
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(&mm->mmap_lock);
lock(&mm->mmap_lock);
*** DEADLOCK ***
May be due to missing lock nesting notation
2 locks held by syz-executor.0/5772:
#0: ffff88801d4c28b8 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xdf/0x1280 fs/seq_file.c:182
#1: ffff88807dd89b98 (&mm->mmap_lock){++++}-{3:3}, at: mmap_read_lock_killable include/linux/mmap_lock.h:126 [inline]
#1: ffff88807dd89b98 (&mm->mmap_lock){++++}-{3:3}, at: m_start+0x1d6/0x670 fs/proc/task_mmu.c:162
stack backtrace:
CPU: 1 PID: 5772 Comm: syz-executor.0 Not tainted 6.1.0-rc4-next-20221111-syzkaller-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
print_deadlock_bug kernel/locking/lockdep.c:2990 [inline]
check_deadlock kernel/locking/lockdep.c:3033 [inline]
validate_chain kernel/locking/lockdep.c:3818 [inline]
__lock_acquire.cold+0x116/0x3a7 kernel/locking/lockdep.c:5055
lock_acquire kernel/locking/lockdep.c:5668 [inline]
lock_acquire+0x1df/0x630 kernel/locking/lockdep.c:5633
down_read_killable+0x9b/0x490 kernel/locking/rwsem.c:1532
mmap_read_lock_killable include/linux/mmap_lock.h:126 [inline]
show_map_vma+0x1dd/0x8a0 fs/proc/task_mmu.c:298
show_smap+0xe4/0x490 fs/proc/task_mmu.c:873
traverse.part.0+0xcf/0x5f0 fs/seq_file.c:111
traverse fs/seq_file.c:101 [inline]
seq_read_iter+0x90f/0x1280 fs/seq_file.c:195
seq_read+0x16d/0x210 fs/seq_file.c:162
do_loop_readv_writev fs/read_write.c:756 [inline]
do_loop_readv_writev fs/read_write.c:743 [inline]
do_iter_read+0x4f8/0x750 fs/read_write.c:798
vfs_readv+0xe5/0x150 fs/read_write.c:916
do_preadv fs/read_write.c:1008 [inline]
__do_sys_preadv fs/read_write.c:1058 [inline]
__se_sys_preadv fs/read_write.c:1053 [inline]
__x64_sys_preadv+0x22b/0x310 fs/read_write.c:1053
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fdc27c8b639
traverse fs/seq_file.c:101 [inline]
seq_read_iter+0x90f/0x1280 fs/seq_file.c:195
seq_read+0x16d/0x210 fs/seq_file.c:162
do_loop_readv_writev fs/read_write.c:756 [inline]
do_loop_readv_writev fs/read_write.c:743 [inline]
do_iter_read+0x4f8/0x750 fs/read_write.c:798
vfs_readv+0xe5/0x150 fs/read_write.c:916
do_preadv fs/read_write.c:1008 [inline]
__do_sys_preadv fs/read_write.c:1058 [inline]
__se_sys_preadv fs/read_write.c:1053 [inline]
__x64_sys_preadv+0x22b/0x310 fs/read_write.c:1053
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fdc28980168 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
RAX: ffffffffffffffda RBX: 00007fdc27dabf80 RCX: 00007fdc27c8b639
RDX: 0000000000000001 RSI: 00000000200006c0 RDI: 0000000000000003
RBP: 00007fdc27ce67e1 R08: 0000000000000000 R09: 0000000000000000
R10: 00000000fffffffe R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc20c7d9af R14: 00007fdc28980300 R15: 0000000000022000
</TASK>
Tested on:
commit: f8f60f32 Add linux-next specific files for 20221111
git tree: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
console output: https://syzkaller.appspot.com/x/log.txt?x=13a0e2f1880000
kernel config: https://syzkaller.appspot.com/x/.config?x=85ba52c07cd97289
dashboard link: https://syzkaller.appspot.com/bug?extid=62ed954113bf02c79f74
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
patch: https://syzkaller.appspot.com/x/patch.diff?x=1069e0f1880000
dashboard link: https://syzkaller.appspot.com/bug?extid=62ed954113bf02c79f74
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
Hillf Danton
Nov 14, 2022, 8:19:43 AM11/14/22
to syzbot, linux-...@vger.kernel.org, syzkall...@googlegroups.com
On 13 Nov 2022 22:28:39 -0800
> syzbot found the following issue on:
>
> HEAD commit: f8f60f322f06 Add linux-next specific files for 20221111
> git tree: linux-next
> console+strace: https://syzkaller.appspot.com/x/log.txt?x=12f0f3fe880000
> kernel config: https://syzkaller.appspot.com/x/.config?x=85ba52c07cd97289
> dashboard link: https://syzkaller.appspot.com/bug?extid=62ed954113bf02c79f74
> compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=171f6c49880000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=16fdfd99880000
In a bid to quiesce the warning, check mm to hold the right mmap_lock.
>
> HEAD commit: f8f60f322f06 Add linux-next specific files for 20221111
> git tree: linux-next
> console+strace: https://syzkaller.appspot.com/x/log.txt?x=12f0f3fe880000
> kernel config: https://syzkaller.appspot.com/x/.config?x=85ba52c07cd97289
> dashboard link: https://syzkaller.appspot.com/bug?extid=62ed954113bf02c79f74
> compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=171f6c49880000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=16fdfd99880000
#syz test https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git f8f60f322f06
--- x/fs/proc/task_mmu.c
+++ t/fs/proc/task_mmu.c
static void
show_map_vma(struct seq_file *m, struct vm_area_struct *vma)
{
+ struct proc_maps_private *priv = m->private;
struct mm_struct *mm = vma->vm_mm;
struct file *file = vma->vm_file;
vm_flags_t flags = vma->vm_flags;
@@ -294,7 +295,11 @@ show_map_vma(struct seq_file *m, struct
struct file *file = vma->vm_file;
vm_flags_t flags = vma->vm_flags;
start = vma->vm_start;
end = vma->vm_end;
show_vma_header_prefix(m, start, end, flags, pgoff, dev, ino);
- anon_name = anon_vma_name(vma);
+
+ if (mm == priv->mm)
end = vma->vm_end;
show_vma_header_prefix(m, start, end, flags, pgoff, dev, ino);
- anon_name = anon_vma_name(vma);
+
+ anon_name = anon_vma_name(vma);
+ else
+ anon_name = NULL;
/*
* Print the dentry name for named mappings, and a
syzbot
Nov 14, 2022, 3:45:27 PM11/14/22
to hda...@sina.com, linux-...@vger.kernel.org, syzkall...@googlegroups.com
Hello,
syzbot has tested the proposed patch and the reproducer did not trigger any issue:
Reported-and-tested-by: syzbot+62ed95...@syzkaller.appspotmail.com
Tested on:
commit: f8f60f32 Add linux-next specific files for 20221111
git tree: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
console output: https://syzkaller.appspot.com/x/log.txt?x=175b0e35880000
Note: testing is done by a robot and is best-effort only.
syzbot has tested the proposed patch and the reproducer did not trigger any issue:
Reported-and-tested-by: syzbot+62ed95...@syzkaller.appspotmail.com
Tested on:
commit: f8f60f32 Add linux-next specific files for 20221111
git tree: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
kernel config: https://syzkaller.appspot.com/x/.config?x=85ba52c07cd97289
dashboard link: https://syzkaller.appspot.com/bug?extid=62ed954113bf02c79f74
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
patch: https://syzkaller.appspot.com/x/patch.diff?x=1751b9d1880000
dashboard link: https://syzkaller.appspot.com/bug?extid=62ed954113bf02c79f74
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
Note: testing is done by a robot and is best-effort only.
syzbot
Apr 21, 2023, 1:50:36 PM4/21/23
to syzkall...@googlegroups.com
Auto-closing this bug as obsolete.
No recent activity, existing reproducers are no longer triggering the issue.
No recent activity, existing reproducers are no longer triggering the issue.
Reply all
Reply to author
Forward
0 new messages