vma corrupt with newer maple_tree crashes (6.12-rc3 crash)

[thehajime]

Thread 1 "vmlinux" received signal SIGSEGV, Segmentation fault.
                                                               acct_collect (exitcode=exitcode@entry=0, group_dead=group_dead@entry=1) at ../kernel/acct.c:565
565      vsize += vma->vm_end - vma->vm_start;
(gdb) p vma
$4 = (struct vm_area_struct *) 0x9
(gdb) bt
#0  acct_collect (exitcode=exitcode@entry=0, group_dead=group_dead@entry=1) at ../kernel/acct.c:565
#1  0x000000006003dca5 in do_exit (code=code@entry=0) at ../kernel/exit.c:918
#2  0x000000006003e64e in do_group_exit (exit_code=0) at ../kernel/exit.c:1088
#3  0x000000006003e668 in __do_sys_exit_group (error_code=<optimized out>) at ../kernel/exit.c:1099
#4  __se_sys_exit_group (error_code=<optimized out>) at ../kernel/exit.c:1097
#5  0x0000000060038793 in do_syscall_64 (regs=0x703d0690) at ../arch/x86/um/do_syscall_64.c:85
#6  0x0000000060038913 in __kernel_vsyscall () at ../arch/x86/um/entry_64.S:74
#7  0x23e8c78948302444 in ?? ()

[thehajime]

with v6.11 and cherry-picks, didn't reproduce. with v6.12-rc1, it reproduced. (will investigate more with bisect)

[thehajime]

result of (manual) bisect.

FAIL v6.12-rc1
FAIL 5a53623d0fe6 Documentation/cgroup-v2: clarify that zswap.writeback is ignored if zswap is disabled
FAIL 78788c3ede90 kasan: simplify and clarify Makefile
FAIL 3ac9999c5d6f MIPS: loongson64: drop HAVE_ARCH_NODEDATA_EXTENSION
FAIL 650975d2b181 mm: swap: skip slot cache on freeing for mTHP
FAIL d07a46a4ac18 mm: swap: mTHP allocate swap entries from nonfull list
FAIL 73ed0baae66d mm: swap: swap cluster switch to double link list
FAIL ed4dfd9aa1b1 maple_tree: make write helper functions void
FAIL c27e6183c654 maple_tree: remove unneeded mas_wr_walk() in mas_store_prealloc()
FAIL(panic) add60ea5f6d8 maple_tree: remove repeated sanity checks from write helper functions
FAIL(panic) 9155e8433498 maple_tree: remove node allocations from various write helper functions
PASS 4037d44f548f maple_tree: have mas_store() allocate nodes if needed
PASS 580fcbd67ce2 maple_tree: use store type in mas_wr_store_entry()
PASS 02f4bbefcada mm: kmem: add lockdep assertion to obj_cgroup_memcg
PASS f689a3ab7b8e dma-direct: optimize page freeing when it is not addressable
PASS 92193b3569ad vdpa_sim: don't select DMA_OPS
PASS v6.11

[thehajime]

if I revert commits below, the issue is gone.

• ed4dfd9aa1b1 maple_tree: make write helper functions void
• c27e6183c654 maple_tree: remove unneeded mas_wr_walk() in mas_store_prealloc()
• add60ea5f6d8 maple_tree: remove repeated sanity checks from write helper functions
• 9155e8433498 maple_tree: remove node allocations from various write helper functions

(maple tree is far beyond of my fav... takes time to investigate why/what happens)

[thehajime]

Will look into the exit_mmap() side of nommu code

[thehajime]

submitted a patch (https://lore.kernel.org/all/20241108222834.3625217-1-thehajime@gmail.com/T/#u)

ref: https://lists.infradead.org/pipermail/maple-tree/2024-November/003777.html