[v5.15] WARNING in split_huge_page_to_list


syzbot

Mar 12, 2023, 4:31:01 AM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: d214f240b0f6 Linux 5.15.100
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=16b14684c80000
kernel config: https://syzkaller.appspot.com/x/.config?x=2ce2e44a77402c69
dashboard link: https://syzkaller.appspot.com/bug?extid=2a002f9b698254803925
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/16b7e741b1bc/disk-d214f240.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/d659bc0db8bc/vmlinux-d214f240.xz
kernel image: https://storage.googleapis.com/syzbot-assets/64813dcb1631/Image-d214f240.gz.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+2a002f...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 1 PID: 5455 at mm/huge_memory.c:2626 split_huge_page_to_list+0x89c/0x2d88 mm/huge_memory.c:2626
Modules linked in:
CPU: 1 PID: 5455 Comm: syz-executor.2 Not tainted 5.15.100-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : split_huge_page_to_list+0x89c/0x2d88 mm/huge_memory.c:2626
lr : split_huge_page_to_list+0x890/0x2d88 mm/huge_memory.c:2626
sp : ffff80001fe87460
x29: ffff80001fe87610 x28: 1fffff80006ef000 x27: 0000000000000000
x26: 0000000000000000 x25: ffff80001fe87580 x24: ffff0001ff052d80
x23: dfff800000000000 x22: 05ffc00000410001 x21: fffffc0003778000
x20: ffff800016dd0000 x19: 00000000fffffff0 x18: 1fffe0003690058e
x17: 1fffe0003690058e x16: ffff800011a0911c x15: ffff800014a5f8e0
x14: 1ffff0000293806a x13: ffffffffffffffff x12: 0000000000040000
x11: 00000000000087ac x10: ffff80001e8ea000 x9 : a8bc91da639e5500
x8 : 0000000000000001 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000080 x4 : 0000000000000000 x3 : ffff80000a9bcc40
x2 : ffff0001b4802d10 x1 : 0000000100000000 x0 : 0000000000000031
Call trace:
split_huge_page_to_list+0x89c/0x2d88 mm/huge_memory.c:2626
split_huge_page include/linux/huge_mm.h:192 [inline]
try_to_split_thp_page+0xf0/0x1d4 mm/memory-failure.c:1454
memory_failure+0x828/0x2038 mm/memory-failure.c:1821
madvise_inject_error mm/madvise.c:973 [inline]
do_madvise+0x514/0x2c70 mm/madvise.c:1166
__do_sys_madvise mm/madvise.c:1233 [inline]
__se_sys_madvise mm/madvise.c:1231 [inline]
__arm64_sys_madvise+0xa4/0xc0 mm/madvise.c:1231
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:596
el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:614
el0t_64_sync+0x1a0/0x1a4 <unknown>:584
irq event stamp: 298
hardirqs last enabled at (297): [<ffff80000826cb4c>] raw_spin_rq_unlock_irq kernel/sched/sched.h:1337 [inline]
hardirqs last enabled at (297): [<ffff80000826cb4c>] finish_lock_switch+0xbc/0x1e8 kernel/sched/core.c:4777
hardirqs last disabled at (298): [<ffff800011a047b0>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:387
softirqs last enabled at (242): [<ffff800008020e34>] softirq_handle_end kernel/softirq.c:401 [inline]
softirqs last enabled at (242): [<ffff800008020e34>] __do_softirq+0xcc4/0xf60 kernel/softirq.c:587
softirqs last disabled at (233): [<ffff8000081b7b48>] do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
softirqs last disabled at (233): [<ffff8000081b7b48>] invoke_softirq kernel/softirq.c:439 [inline]
softirqs last disabled at (233): [<ffff8000081b7b48>] __irq_exit_rcu+0x28c/0x534 kernel/softirq.c:636
---[ end trace f829c7748c769762 ]---
Memory Failure: 0x11de00: thp split failed
Memory failure: 0x11de00: recovery action for unsplit thp: Ignored


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Mar 12, 2023, 4:42:54 AM
to syzkaller...@googlegroups.com
syzbot has found a reproducer for the following issue on:

HEAD commit: d214f240b0f6 Linux 5.15.100
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=138e55d4c80000
kernel config: https://syzkaller.appspot.com/x/.config?x=2ce2e44a77402c69
dashboard link: https://syzkaller.appspot.com/bug?extid=2a002f9b698254803925
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1324fa5cc80000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1423547cc80000
raw: 05ffc00000410001 0000000000000000 dead000000000122 0000000000000000
raw: 0000000000000000 0000000000000000 00000002ffffffff 0000000000000000
page dumped because: VM_WARN_ON_ONCE_PAGE(is_hzp)
------------[ cut here ]------------
WARNING: CPU: 0 PID: 4052 at mm/huge_memory.c:2626 split_huge_page_to_list+0x89c/0x2d88 mm/huge_memory.c:2626
Modules linked in:
CPU: 0 PID: 4052 Comm: syz-executor364 Not tainted 5.15.100-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : split_huge_page_to_list+0x89c/0x2d88 mm/huge_memory.c:2626
lr : split_huge_page_to_list+0x890/0x2d88 mm/huge_memory.c:2626
sp : ffff80001ca77460
x29: ffff80001ca77610 x28: 1fffff8000697000 x27: 0000000000000000
x26: 0000000000000000 x25: ffff80001ca77580 x24: ffff0001ff052d80
x23: dfff800000000000 x22: 05ffc00000410001 x21: fffffc00034b8000
x20: ffff800016dd0000 x19: 00000000fffffff0 x18: 0000000000000001
x17: ff808000083386a0 x16: ffff800011a0911c x15: ffff8000083386a0
x14: 00000000ffffffff x13: ffffffffffffffff x12: 0000000000000000
x11: ff808000087afbd0 x10: 0000000000000000 x9 : 25f46fd3687cd600
x8 : 0000000000000001 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff80001ca768d8 x4 : ffff800014aa0700 x3 : ffff80000a9bcc40
x2 : ffff0001b47e2d10 x1 : 0000000100000000 x0 : 0000000000000031
Call trace:
split_huge_page_to_list+0x89c/0x2d88 mm/huge_memory.c:2626
split_huge_page include/linux/huge_mm.h:192 [inline]
try_to_split_thp_page+0xf0/0x1d4 mm/memory-failure.c:1454
memory_failure+0x828/0x2038 mm/memory-failure.c:1821
madvise_inject_error mm/madvise.c:973 [inline]
do_madvise+0x514/0x2c70 mm/madvise.c:1166
__do_sys_madvise mm/madvise.c:1233 [inline]
__se_sys_madvise mm/madvise.c:1231 [inline]
__arm64_sys_madvise+0xa4/0xc0 mm/madvise.c:1231
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:596
el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:614
el0t_64_sync+0x1a0/0x1a4 <unknown>:584
irq event stamp: 13712
hardirqs last enabled at (13711): [<ffff80000832e2e0>] __up_console_sem+0xb4/0x100 kernel/printk/printk.c:257
hardirqs last disabled at (13712): [<ffff800011a047b0>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:387
softirqs last enabled at (13700): [<ffff800008020e34>] softirq_handle_end kernel/softirq.c:401 [inline]
softirqs last enabled at (13700): [<ffff800008020e34>] __do_softirq+0xcc4/0xf60 kernel/softirq.c:587
softirqs last disabled at (13689): [<ffff8000081b7b48>] do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
softirqs last disabled at (13689): [<ffff8000081b7b48>] invoke_softirq kernel/softirq.c:439 [inline]
softirqs last disabled at (13689): [<ffff8000081b7b48>] __irq_exit_rcu+0x28c/0x534 kernel/softirq.c:636
---[ end trace 3c9ef2f0e3e56b98 ]---
Memory Failure: 0x112e00: thp split failed
Memory failure: 0x112e00: recovery action for unsplit thp: Ignored

syzbot

Mar 12, 2023, 10:08:11 AM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 1cc3fcf63192 Linux 6.1.18
git tree: linux-6.1.y
console output: https://syzkaller.appspot.com/x/log.txt?x=150c3ac6c80000
kernel config: https://syzkaller.appspot.com/x/.config?x=157296d36f92ea19
dashboard link: https://syzkaller.appspot.com/bug?extid=8b6a8c605f81c2f60cad
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=174b540cc80000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=14d32e24c80000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/0e4c0d43698b/disk-1cc3fcf6.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/a4de39d735de/vmlinux-1cc3fcf6.xz
kernel image: https://storage.googleapis.com/syzbot-assets/82bab928f6e3/Image-1cc3fcf6.gz.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+8b6a8c...@syzkaller.appspotmail.com

raw: 05ffc00000410001 0000000000000000 dead000000000122 0000000000000000
raw: 0000000000000000 0000000000000000 00000002ffffffff 0000000000000000
page dumped because: VM_WARN_ON_ONCE_FOLIO(is_hzp)
------------[ cut here ]------------
WARNING: CPU: 1 PID: 4307 at mm/huge_memory.c:2648 split_huge_page_to_list+0x820/0x3280 mm/huge_memory.c:2648
Modules linked in:
CPU: 1 PID: 4307 Comm: syz-executor228 Not tainted 6.1.18-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : split_huge_page_to_list+0x820/0x3280 mm/huge_memory.c:2648
lr : split_huge_page_to_list+0x814/0x3280 mm/huge_memory.c:2648
sp : ffff80001db373e0
x29: ffff80001db375b0 x28: fffffc0003798018 x27: ffff80001db37518
x26: ffff80001db37560 x25: 1fffff80006f3001 x24: dfff800000000000
x23: 00000000fffffff0 x22: fffffc0003798008 x21: fffffc0003798000
x20: 05ffc00000410001 x19: ffff800018053000 x18: ffff80001db36a60
x17: 0000000000000000 x16: ffff800012253e5c x15: 0000000000000000
x14: 0000000000000000 x13: 0000000000000001 x12: 0000000000000001
x11: ff8080000883ee50 x10: 0000000000000000 x9 : ffff80000883ee50
x8 : 0000000000000001 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff80001db36c58 x4 : ffff800015813880 x3 : ffff800008590318
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000032
Call trace:
split_huge_page_to_list+0x820/0x3280 mm/huge_memory.c:2648
split_huge_page include/linux/huge_mm.h:188 [inline]
try_to_split_thp_page+0x110/0x19c mm/memory-failure.c:1537
memory_failure+0x490/0x2190 mm/memory-failure.c:2087
madvise_inject_error mm/madvise.c:1132 [inline]
do_madvise+0x51c/0x2fa8 mm/madvise.c:1417
__do_sys_madvise mm/madvise.c:1442 [inline]
__se_sys_madvise mm/madvise.c:1440 [inline]
__arm64_sys_madvise+0xa4/0xc0 mm/madvise.c:1440
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x64/0x218 arch/arm64/kernel/syscall.c:206
el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581
irq event stamp: 15914
hardirqs last enabled at (15913): [<ffff80000834aa64>] __up_console_sem+0xb4/0x100 kernel/printk/printk.c:261
hardirqs last disabled at (15914): [<ffff80001224fb14>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405
softirqs last enabled at (15864): [<ffff800008020ee8>] softirq_handle_end kernel/softirq.c:414 [inline]
softirqs last enabled at (15864): [<ffff800008020ee8>] __do_softirq+0xd88/0xff4 kernel/softirq.c:600
softirqs last disabled at (15855): [<ffff80000802b598>] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79
---[ end trace 0000000000000000 ]---
Memory failure: 0x11e600: recovery action for unsplit thp: Ignored


---
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
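
The call chain in the three traces above is the same on 5.15 and 6.1: madvise() enters madvise_inject_error(), which calls memory_failure() on the target page, which calls try_to_split_thp_page(), and split_huge_page_to_list() fires VM_WARN_ON_ONCE_PAGE(is_hzp) / VM_WARN_ON_ONCE_FOLIO(is_hzp) and refuses the split ("thp split failed", action "Ignored"). The program below is an added example for this page that reconstructs that path in userspace; it is not syzbot's C reproducer (which is only linked above) and not kernel code. Two things are assumptions taken from the kernel source rather than from the report: the page dumped as is_hzp is the THP huge zero page, which a read fault on a MADV_HUGEPAGE-advised anonymous region installs when transparent_hugepage/use_zero_page is enabled, and MADV_HWPOISON is refused with EPERM unless the caller holds CAP_SYS_ADMIN, which is what bounds who can reach this WARN. The helper names capeff_has, self_has_cap, map_zero_thp and inject_hwpoison are mine.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Fallbacks for older headers; the values are the Linux uapi constants. */
#ifndef MADV_HUGEPAGE
#define MADV_HUGEPAGE 14
#endif
#ifndef MADV_HWPOISON
#define MADV_HWPOISON 100
#endif

#define CAP_SYS_ADMIN_BIT 21        /* Linux capability number of CAP_SYS_ADMIN */
#define PMD_SIZE (2UL << 20)        /* PMD-mapped THP size with 4 KiB base pages */

/* Parse the CapEff line of a /proc/<pid>/status dump and report whether the
 * effective capability set contains capability number `cap`.
 * Returns 1 if set, 0 if clear, -1 if the text carries no CapEff line. */
int capeff_has(const char *status_text, int cap)
{
    const char *line = strstr(status_text, "CapEff:");
    if (!line)
        return -1;
    unsigned long long mask = strtoull(line + strlen("CapEff:"), NULL, 16);
    return (int)((mask >> cap) & 1ULL);
}

/* Same check for the running process, read from /proc/self/status
 * (returns -1 where that file does not exist). */
int self_has_cap(int cap)
{
    char buf[4096];
    FILE *f = fopen("/proc/self/status", "r");
    if (!f)
        return -1;
    size_t n = fread(buf, 1, sizeof(buf) - 1, f);
    fclose(f);
    buf[n] = '\0';
    return capeff_has(buf, cap);
}

/* Map 2 MiB of PMD-aligned anonymous memory, advise MADV_HUGEPAGE, then touch
 * it with a read only. Assumption (kernel source, not the report): on a THP
 * kernel with use_zero_page=1 the read fault maps the huge zero page instead
 * of allocating a private THP, and that is the page is_hzp flags.
 * Returns the aligned address or MAP_FAILED. */
void *map_zero_thp(void)
{
    size_t len = 2 * PMD_SIZE;          /* over-allocate so we can align by hand */
    uint8_t *raw = mmap(NULL, len, PROT_READ | PROT_WRITE,
                        MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (raw == MAP_FAILED)
        return MAP_FAILED;
    uint8_t *aligned = (uint8_t *)(((uintptr_t)raw + PMD_SIZE - 1) & ~(PMD_SIZE - 1));
    /* Advise before the first touch; a failure just means no THP on this kernel. */
    (void)madvise(aligned, PMD_SIZE, MADV_HUGEPAGE);
    volatile uint8_t *probe = aligned;  /* volatile: the read must really happen */
    uint8_t v = *probe;                 /* read fault, no write: no private page yet */
    (void)v;
    return aligned;
}

/* Ask the kernel to treat one base page at `addr` as hardware-poisoned: the
 * madvise_inject_error() -> memory_failure() path in the call trace.
 * Returns 0 if the kernel accepted the request, otherwise errno
 * (EPERM without CAP_SYS_ADMIN, EINVAL if the kernel lacks CONFIG_MEMORY_FAILURE). */
int inject_hwpoison(void *addr)
{
    long page = sysconf(_SC_PAGESIZE);
    if (madvise(addr, (size_t)page, MADV_HWPOISON) == 0)
        return 0;
    return errno;
}

int main(int argc, char **argv)
{
    int admin = self_has_cap(CAP_SYS_ADMIN_BIT);
    printf("CAP_SYS_ADMIN in CapEff: %s\n",
           admin == 1 ? "yes" : admin == 0 ? "no" : "unknown");
    if (argc < 2 || strcmp(argv[1], "--inject") != 0) {
        puts("dry run; pass --inject to issue MADV_HWPOISON (root, throwaway VM only)");
        return 0;
    }
    void *p = map_zero_thp();
    if (p == MAP_FAILED) {
        perror("mmap");
        return 1;
    }
    int rc = inject_hwpoison(p);
    printf("MADV_HWPOISON: %s\n", rc == 0 ? "accepted, check dmesg" : strerror(rc));
    return rc == 0 ? 0 : 1;
}
```

Without --inject the program only reports whether the effective capability set carries CAP_SYS_ADMIN, which is the practical triage question for this report: an unprivileged process stops at the capability check with EPERM and never reaches memory_failure(). With --inject on a kernel that still has the VM_WARN_ON_ONCE the huge zero page case ends in the "recovery action for unsplit thp: Ignored" line seen above, but if the region did not get the huge zero page, MADV_HWPOISON really does retire a page of RAM, so run it only in a disposable VM such as the syzbot images linked in the reports.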

syzbot

May 29, 2023, 5:48:35 AM
to syzkaller...@googlegroups.com
syzbot suspects this issue was fixed by commit:

commit e8a7bdb6f76cdaef4183669554ad76e5ed197d92
Author: Naoya Horiguchi <naoya.h...@nec.com>
Date: Thu Apr 6 08:20:04 2023 +0000

mm/huge_memory.c: warn with pr_warn_ratelimited instead of VM_WARN_ON_ONCE_FOLIO

bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=15204a5d280000
start commit: 1cc3fcf63192 Linux 6.1.18
git tree: linux-6.1.y
If the result looks correct, please mark the issue as fixed by replying with:

#syz fix: mm/huge_memory.c: warn with pr_warn_ratelimited instead of VM_WARN_ON_ONCE_FOLIO

For information about bisection process see: https://goo.gl/tpsmEJ#bisection