On 18.09.23 05:57, syzbot wrote:
Hello, syzbot found the following issue on: HEAD commit: 98897dc735cf Add linux-next specific files for 20230914 git tree: linux-next console+strace: https://syzkaller.appspot.com/x/log.txt?x=1214a152680000 kernel config: https://syzkaller.appspot.com/x/.config?x=1502c503717ada5c dashboard link: https://syzkaller.appspot.com/bug?extid=6e4f59235036c3c2e296 compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15869ea0680000 C reproducer: https://syzkaller.appspot.com/x/repro.c?x=15f1b952680000 Downloadable assets: disk image: https://storage.googleapis.com/syzbot-assets/00e4c0af5a8a/disk-98897dc7.raw.xz vmlinux: https://storage.googleapis.com/syzbot-assets/7b54a00eee56/vmlinux-98897dc7.xz kernel image: https://storage.googleapis.com/syzbot-assets/100094353b8e/bzImage-98897dc7.xz The issue was bisected to: commit b8575fa4abaa1dee1a61f1f27a86a02757310a7e Author: David Hildenbrand <david@xxxxxxxxxx> Date: Wed Sep 13 12:51:12 2023 +0000 mm/rmap: simplify PageAnonExclusive sanity checks when adding anon rmap
Right, when PTE-mapping a THP we temporarily have an entire mapping and a sub-page mapping. It would even be clearer when passing RMAP_EXCLUSIVE from __split_huge_pmd_locked(), then setting it manually. But that's a different story; lets' fixup that sanity check first.
-- Cheers, David / dhildenb