From: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
To: Jeongjun Park <aha310510@gmail.com>
Cc: syzbot+b165fc2e11771c66d8ba@syzkaller.appspotmail.com,
linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [mm?] WARNING in folio_remove_rmap_ptes
Date: Thu, 1 Jan 2026 17:43:51 +0000 [thread overview]
Message-ID: <5f652e34-eb38-4aa5-a422-8bcbe97ddbbc@lucifer.local> (raw)
In-Reply-To: <20260101083311.838910-1-aha310510@gmail.com>
On Thu, Jan 01, 2026 at 05:33:11PM +0900, Jeongjun Park wrote:
> #syz test upstream master
>
> ---
> mm/mremap.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/mm/mremap.c b/mm/mremap.c
> index 672264807db6..9d823ac8ebd3 100644
> --- a/mm/mremap.c
> +++ b/mm/mremap.c
> @@ -1604,6 +1604,9 @@ static bool vrm_move_only(struct vma_remap_struct *vrm)
> if (!(vrm->flags & MREMAP_FIXED))
> return false;
>
> + if (vrm->flags & MREMAP_DONTUNMAP)
> + return false;
> +
> if (vrm->old_len != vrm->new_len)
> return false;
>
> --
How useful is this when it's a heisenbug that Harry can't repro, I can't
repro and you repro'd just once I think?
Unless syzbot happens to always hit this (I see one single report in the
dashboard so presumably no), it'll potentially say any patch fixes it
right?
Also - this bug might already exist even without the move functionality -
which should be equivalent to a series of mremap() calls, just done all at
once for convenience.
So this patch wouldn't necessarily fix the underlying problem, even if
MREMAP_DONTUNMAP is the issue (the syzbot script is presumably relying on
the batched move logic, but it doesn't mean that is necessary for this bug
to be hit, it maybe alters timing?)
Thanks, Lorenzo
next prev parent reply other threads:[~2026-01-01 17:43 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-23 5:23 [syzbot] [mm?] WARNING in folio_remove_rmap_ptes syzbot
2025-12-23 8:24 ` David Hildenbrand (Red Hat)
2025-12-24 2:48 ` Hillf Danton
2025-12-23 9:42 ` Hillf Danton
2025-12-23 10:10 ` syzbot
2025-12-24 5:35 ` Harry Yoo
2025-12-30 22:02 ` David Hildenbrand (Red Hat)
2025-12-31 6:59 ` Harry Yoo
2026-01-01 13:09 ` Jeongjun Park
2026-01-01 13:45 ` Harry Yoo
2026-01-01 14:30 ` Jeongjun Park
2026-01-01 16:32 ` Lorenzo Stoakes
2026-01-01 17:06 ` David Hildenbrand (Red Hat)
2026-01-01 21:28 ` Lorenzo Stoakes
2026-01-02 8:14 ` Harry Yoo
2026-01-02 11:31 ` Lorenzo Stoakes
2026-01-02 15:49 ` Lorenzo Stoakes
2026-01-02 16:30 ` Lorenzo Stoakes
2026-01-02 17:46 ` Lorenzo Stoakes
2026-01-01 16:54 ` Lorenzo Stoakes
2026-01-01 8:33 ` Jeongjun Park
2026-01-01 8:53 ` syzbot
2026-01-01 17:43 ` Lorenzo Stoakes [this message]
2026-01-03 3:13 ` Jeongjun Park
2026-01-03 3:35 ` syzbot
2026-01-06 14:39 ` Jeongjun Park
2026-01-06 15:00 ` syzbot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5f652e34-eb38-4aa5-a422-8bcbe97ddbbc@lucifer.local \
--to=lorenzo.stoakes@oracle.com \
--cc=aha310510@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=syzbot+b165fc2e11771c66d8ba@syzkaller.appspotmail.com \
--cc=syzkaller-bugs@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox