[PATCH OLK-5.10 2/3] zcopy: Fix softlockup while attach PUD-SIZE page

9 Dec 2025

hulk inclusion
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/IDBQKW

--------------------------------

Fix softlockup while attach PUD-SIZE page. Because we are
not supported to PUD-SIZE page, just ignore to handle it.
Also unsupported to filemapping PTE-PAGE to attach.

 watchdog: BUG: soft lockup - CPU#22 stuck for 23s!
 [ioctl_zcopy_too:2604618]
 CPU: 22 PID: 2604618 Comm: ioctl_zcopy_too Kdump:
 loaded Tainted: G           OE     5.10.0+ #12
 Hardware name: Huawei TaiShan 2280 /BC11SPCD, BIOS 1.79 12/28/2022
 pstate: 00000005 (nzcv daif -PAN -UAO -TCO BTYPE=--)
 pc : native_queued_spin_lock_slowpath+0x15c/0x390
 lr : attach_huge_pmd+0x654/0x6b8 [zcopy]
 sp : ffff80002d76bc20
 x29: ffff80002d76bc20 x28: fffffe0050e00028
 x27: fffffe006dadadc0 x26: ffff001b778e81e8
 x25: ffff001440000000 x24: fffffe006dbe3a28
 x23: ffff00898038da48 x22: ffff800011b8a1e0
 x21: 0000ffff47a00000 x20: ffff0018038c3740
 x19: fffffe006dbe3a00 x18: 0000000000000000
 x17: 0000000000000000 x16: 0000000000000020
 x15: 0000000000000000 x14: 0000000000000020
 x13: 0000000000000008 x12: ffff001ffbffa2c0
 x11: 0000000000000008 x10: 0000000000000002
 x9 : ffff80000946c818 x8 : ffff80001182f5ee
 x7 : 0000000000000000 x6 : 0000000000000000
 x5 : ffff80001182f5f7 x4 : 0000000000000002
 x3 : fffffe0050e00028 x2 : 0000000000000000
 x1 : 0000000000000000 x0 : 0000000000000002
 Call trace:
  native_queued_spin_lock_slowpath+0x15c/0x390
  attach_page_range+0x214/0x4f0 [zcopy]
  attach_pages+0xf8/0x3a0 [zcopy]
  zcopy_ioctl.part.0+0x98/0xf0 [zcopy]
  zcopy_ioctl+0x2c/0xa4 [zcopy]
  __arm64_sys_ioctl+0xb0/0x110
  invoke_syscall+0x50/0x134
  el0_svc_common.constprop.0+0x68/0x124
  do_el0_svc+0x34/0xe0
  el0_svc+0x20/0x30
  el0_sync_handler+0xb8/0xc0
  fast_work_pending464+0x178/0x18c
 Kernel panic - not syncing: softlockup: hung tasks

Fixes: 975ef0f7a508 ("zcopy: Introduce the pageattach interface")
Signed-off-by: Liu Mingrui <liumingrui@huawei.com>
---
 drivers/misc/zcopy/zcopy.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/drivers/misc/zcopy/zcopy.c b/drivers/misc/zcopy/zcopy.c
index c17ef99a2ccc..d903365154cd 100644
--- a/drivers/misc/zcopy/zcopy.c
+++ b/drivers/misc/zcopy/zcopy.c
@@ -145,6 +145,9 @@ static pud_t *zcopy_get_pud(struct mm_struct *mm, unsigned long addr)
 	if (pud_none(*pud))
 		return NULL;
 
+	if (!pud_table(*pud))
+		return NULL;
+
 	return pud;
 }
 
@@ -335,6 +338,9 @@ static int attach_ptes(struct vm_area_struct *dst_vma, struct vm_area_struct *sr
 	unsigned long src_addr_end = src_addr + len;
 	int ret = 0;
 
+	if (!vma_is_anonymous(dst_vma) || !vma_is_anonymous(src_vma))
+		return -EINVAL;
+
 	memset(rss, 0, sizeof(int) * NR_MM_COUNTERS);
 
 	src_ptep = pte_offset_map(src_pmdp, src_addr);
-- 
2.25.1

    