Hello,
syzbot found the following issue on:
HEAD commit: d214f240b0f6 Linux 5.15.100
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=16b14684c80000
kernel config: https://syzkaller.appspot.com/x/.config?x=2ce2e44a77402c69
dashboard link: https://syzkaller.appspot.com/bug?extid=2a002f9b698254803925
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/16b7e741b1bc/disk-d214f240.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/d659bc0db8bc/vmlinux-d214f240.xz
kernel image: https://storage.googleapis.com/syzbot-assets/64813dcb1631/Image-d214f240.gz.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+2a002f...@syzkaller.appspotmail.com
------------[ cut here ]------------
WARNING: CPU: 1 PID: 5455 at mm/huge_memory.c:2626 split_huge_page_to_list+0x89c/0x2d88 mm/huge_memory.c:2626
Modules linked in:
CPU: 1 PID: 5455 Comm: syz-executor.2 Not tainted 5.15.100-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : split_huge_page_to_list+0x89c/0x2d88 mm/huge_memory.c:2626
lr : split_huge_page_to_list+0x890/0x2d88 mm/huge_memory.c:2626
sp : ffff80001fe87460
x29: ffff80001fe87610 x28: 1fffff80006ef000 x27: 0000000000000000
x26: 0000000000000000 x25: ffff80001fe87580 x24: ffff0001ff052d80
x23: dfff800000000000 x22: 05ffc00000410001 x21: fffffc0003778000
x20: ffff800016dd0000 x19: 00000000fffffff0 x18: 1fffe0003690058e
x17: 1fffe0003690058e x16: ffff800011a0911c x15: ffff800014a5f8e0
x14: 1ffff0000293806a x13: ffffffffffffffff x12: 0000000000040000
x11: 00000000000087ac x10: ffff80001e8ea000 x9 : a8bc91da639e5500
x8 : 0000000000000001 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000080 x4 : 0000000000000000 x3 : ffff80000a9bcc40
x2 : ffff0001b4802d10 x1 : 0000000100000000 x0 : 0000000000000031
Call trace:
split_huge_page_to_list+0x89c/0x2d88 mm/huge_memory.c:2626
split_huge_page include/linux/huge_mm.h:192 [inline]
try_to_split_thp_page+0xf0/0x1d4 mm/memory-failure.c:1454
memory_failure+0x828/0x2038 mm/memory-failure.c:1821
madvise_inject_error mm/madvise.c:973 [inline]
do_madvise+0x514/0x2c70 mm/madvise.c:1166
__do_sys_madvise mm/madvise.c:1233 [inline]
__se_sys_madvise mm/madvise.c:1231 [inline]
__arm64_sys_madvise+0xa4/0xc0 mm/madvise.c:1231
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:596
el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:614
el0t_64_sync+0x1a0/0x1a4 <unknown>:584
irq event stamp: 298
hardirqs last enabled at (297): [<ffff80000826cb4c>] raw_spin_rq_unlock_irq kernel/sched/sched.h:1337 [inline]
hardirqs last enabled at (297): [<ffff80000826cb4c>] finish_lock_switch+0xbc/0x1e8 kernel/sched/core.c:4777
hardirqs last disabled at (298): [<ffff800011a047b0>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:387
softirqs last enabled at (242): [<ffff800008020e34>] softirq_handle_end kernel/softirq.c:401 [inline]
softirqs last enabled at (242): [<ffff800008020e34>] __do_softirq+0xcc4/0xf60 kernel/softirq.c:587
softirqs last disabled at (233): [<ffff8000081b7b48>] do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
softirqs last disabled at (233): [<ffff8000081b7b48>] invoke_softirq kernel/softirq.c:439 [inline]
softirqs last disabled at (233): [<ffff8000081b7b48>] __irq_exit_rcu+0x28c/0x534 kernel/softirq.c:636
---[ end trace f829c7748c769762 ]---
Memory Failure: 0x11de00: thp split failed
Memory failure: 0x11de00: recovery action for unsplit thp: Ignored
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.