syzbot


BUG: spinlock bad magic in page_vma_mapped_walk

Status: auto-closed as invalid on 2019/05/09 16:29
Subsystems: mm
Reported-by: syzbot+96a7885536dfb99c17e1@syzkaller.appspotmail.com
First crash: 1965d, last: 1965d
Similar bugs (1):
Kernel: upstream
Title: BUG: spinlock bad magic in page_vma_mapped_walk (2)
Subsystems: mm
Repro: -
Cause bisect: -
Fix bisect: -
Count: 1
Last: 949d
Reported: 945d
Patched: 0/26
Status: auto-closed as invalid on 2021/11/20 19:19

Sample crash report:
BUG: spinlock bad magic on CPU#1, syz-executor5/17666
 lock: 0xffff8801d95afe18, .magic: ffff8801, .owner: <none>/-1, .owner_cpu: -1
CPU: 1 PID: 17666 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #109
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x244/0x39d lib/dump_stack.c:113
 spin_dump.cold.3+0x81/0xe7 kernel/locking/spinlock_debug.c:67
 spin_bug kernel/locking/spinlock_debug.c:75 [inline]
 debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline]
 do_raw_spin_lock+0x2cc/0x350 kernel/locking/spinlock_debug.c:112
 __raw_spin_lock include/linux/spinlock_api_smp.h:143 [inline]
 _raw_spin_lock+0x35/0x40 kernel/locking/spinlock.c:144
 spin_lock include/linux/spinlock.h:329 [inline]
 map_pte mm/page_vma_mapped.c:51 [inline]
 page_vma_mapped_walk+0x1878/0x27c0 mm/page_vma_mapped.c:213
 page_referenced_one+0x2cb/0x840 mm/rmap.c:764
 rmap_walk_file+0x80a/0x1190 mm/rmap.c:1886
 rmap_walk+0x22c/0x350 mm/rmap.c:1904
 page_referenced+0x864/0xaa0 mm/rmap.c:874
 shrink_active_list+0x904/0x1f00 mm/vmscan.c:2140
 shrink_list mm/vmscan.c:2272 [inline]
 shrink_node_memcg+0x7fc/0x18d0 mm/vmscan.c:2541
 shrink_node+0x3bc/0x16b0 mm/vmscan.c:2756
 shrink_zones mm/vmscan.c:2988 [inline]
 do_try_to_free_pages+0x3e7/0x1290 mm/vmscan.c:3050
 try_to_free_pages+0x4cb/0xb90 mm/vmscan.c:3265
 __perform_reclaim mm/page_alloc.c:3769 [inline]
 __alloc_pages_direct_reclaim mm/page_alloc.c:3791 [inline]
 __alloc_pages_slowpath+0xa14/0x2e30 mm/page_alloc.c:4192
 __alloc_pages_nodemask+0xa7b/0xdd0 mm/page_alloc.c:4391
 alloc_pages_current+0x173/0x350 mm/mempolicy.c:2080
 alloc_pages include/linux/gfp.h:509 [inline]
 __page_cache_alloc+0x3ce/0x570 mm/filemap.c:924
 __do_page_cache_readahead+0x2af/0x810 mm/readahead.c:193
 ra_submit mm/internal.h:66 [inline]
 do_sync_mmap_readahead mm/filemap.c:2371 [inline]
 filemap_fault+0xf4e/0x25f0 mm/filemap.c:2447
 __do_fault+0x100/0x6b0 mm/memory.c:2996
 do_shared_fault mm/memory.c:3463 [inline]
 do_fault mm/memory.c:3538 [inline]
 handle_pte_fault mm/memory.c:3765 [inline]
 __handle_mm_fault+0x3ca6/0x5be0 mm/memory.c:3889
 handle_mm_fault+0x54f/0xc70 mm/memory.c:3926
 do_user_addr_fault arch/x86/mm/fault.c:1423 [inline]
 __do_page_fault+0x5d6/0xe40 arch/x86/mm/fault.c:1489
 do_page_fault+0xed/0x7d1 arch/x86/mm/fault.c:1520
 page_fault+0x1e/0x30 arch/x86/entry/entry_64.S:1139
RIP: 0033:0x43e851
Code: 2e 0f 1f 84 00 00 00 00 00 48 83 fa 20 48 89 f8 73 77 f6 c2 01 74 0b 0f b6 0e 88 0f 48 ff c6 48 ff c7 f6 c2 02 74 12 0f b7 0e <66> 89 0f 48 83 c6 02 48 83 c7 02 0f 1f 40 00 f6 c2 04 74 0c 8b 0e
RSP: 002b:00007fff26aaee18 EFLAGS: 00010202
RAX: 0000000020000100 RBX: 000000000072c900 RCX: 0000000000002f2e
RDX: 000000000000000e RSI: 0000000000732570 RDI: 0000000020000100
RBP: fffffffffffffffe R08: 0000000000000000 R09: 0000000000000000
R10: 00007fff26aaeee0 R11: 0000000000000246 R12: 000000000072bfac
R13: 00000000000003e8 R14: 0000000000074b0f R15: 0000000000074ae2

Crashes (1):
Time: 2018/11/10 16:28
Kernel: linux-next
Commit: 442b8cea2477
Syzkaller: f9815aaf
Config: .config
Log: console log
Report: report
Syz repro: -
C repro: -
VM info: -
Assets: -
Manager: ci-upstream-linux-next-kasan-gce-root
Title: -