lowmem_reserve[]: 0 0 3503 3503 Node 0 Normal free:190408kB min:37352kB low:46688kB high:56024kB active_anon:2217536kB inactive_anon:448kB active_file:3484kB inactive_file:4716kB unevictable:0kB writepending:296kB present:4718592kB managed:3588044kB mlocked:0kB kernel_stack:64672kB pagetables:193512kB bounce:0kB free_pcp:2676kB local_pcp:1264kB free_cma:0kB swap_info_get: Bad swap file entry 2003ffffff7fffff BUG: Bad page map in process syz-executor1 pte:8000000100000000 pmd:18248f067 addr:0000000089ca5424 vm_flags:180400fb anon_vma: (null) mapping:000000000d7d5d79 index:16c file:kcov fault: (null) mmap:kcov_mmap readpage: (null) CPU: 1 PID: 15074 Comm: syz-executor1 Not tainted 4.19.0-rc7+ #55 kauditd_printk_skb: 127 callbacks suppressed audit: type=1400 audit(1539229914.104:877): avc: denied { map } for pid=23946 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 audit: type=1400 audit(1539229914.134:878): avc: denied { map } for pid=23946 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Call Trace: audit: type=1400 audit(1539229914.154:879): avc: denied { map } for pid=23946 comm="blkid" path="/lib/x86_64-linux-gnu/ld-2.13.so" dev="sda1" ino=2668 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1c4/0x2b4 lib/dump_stack.c:113 print_bad_pte.cold.110+0x1e6/0x24b mm/memory.c:773 zap_pte_range mm/memory.c:1385 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0x1998/0x2030 mm/memory.c:1511 unmap_single_vma+0x19b/0x310 mm/memory.c:1556 unmap_vmas+0x125/0x200 mm/memory.c:1586 exit_mmap+0x2be/0x590 mm/mmap.c:3093 __mmput kernel/fork.c:1001 [inline] mmput+0x247/0x610 kernel/fork.c:1022 exit_mm kernel/exit.c:545 [inline] do_exit+0xe6f/0x2610 kernel/exit.c:854 do_group_exit+0x177/0x440 kernel/exit.c:970 get_signal+0x8b0/0x1980 kernel/signal.c:2513 do_signal+0x9c/0x21e0 arch/x86/kernel/signal.c:816 exit_to_usermode_loop+0x2e5/0x380 arch/x86/entry/common.c:162 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline] syscall_return_slowpath arch/x86/entry/common.c:268 [inline] do_syscall_64+0x6be/0x820 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x457519 Code: Bad RIP value. RSP: 002b:00007f94ebc74c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca RAX: fffffffffffffdfc RBX: 0000000000000006 RCX: 0000000000457519 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002000cffc RBP: 000000000072bf00 R08: 0000000020000040 R09: 0000000000000000 R10: 0000000020000180 R11: 0000000000000246 R12: 00007f94ebc756d4 R13: 00000000004bde0e R14: 00000000004ccca0 R15: 00000000ffffffff BUG: unable to handle kernel paging request at ffffea000ee25b88 PGD 2187ef067 P4D 2187ef067 PUD 2187ee067 PMD 0 Oops: 0000 [#1] PREEMPT SMP KASAN CPU: 1 PID: 15074 Comm: syz-executor1 Tainted: G B 4.19.0-rc7+ #55 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:__read_once_size include/linux/compiler.h:188 [inline] RIP: 0010:compound_head include/linux/page-flags.h:142 [inline] RIP: 0010:migration_entry_to_page+0x106/0x550 include/linux/swapops.h:215 Code: 06 48 01 c3 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 08 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 69 03 00 00 4d 8d a6 40 ff ff ff <4c> 8b 7b 08 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 80 RSP: 0000:ffff880173a06ae0 EFLAGS: 00010246 RAX: dffffc0000000000 RBX: ffffea000ee25b80 RCX: ffffffff81b2144f RDX: 1ffffd4001dc4b71 RSI: ffffffff81b17636 RDI: ffffea000ee25b88 RBP: ffff880173a06c38 R08: ffff8801bc8f66c0 R09: fffff94000e44b0e R10: fffff94000e44b0e R11: ffffea0007225873 R12: ffff880173a06b50 R13: 1ffff1002e740d5e R14: ffff880173a06c10 R15: dffffc0000000000 FS: 0000000000000000(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffea000ee25b88 CR3: 0000000185b43000 CR4: 00000000001426e0 Call Trace: zap_pte_range mm/memory.c:1381 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0x10e6/0x2030 mm/memory.c:1511 unmap_single_vma+0x19b/0x310 mm/memory.c:1556 unmap_vmas+0x125/0x200 mm/memory.c:1586 exit_mmap+0x2be/0x590 mm/mmap.c:3093 __mmput kernel/fork.c:1001 [inline] mmput+0x247/0x610 kernel/fork.c:1022 exit_mm kernel/exit.c:545 [inline] do_exit+0xe6f/0x2610 kernel/exit.c:854 do_group_exit+0x177/0x440 kernel/exit.c:970 get_signal+0x8b0/0x1980 kernel/signal.c:2513 do_signal+0x9c/0x21e0 arch/x86/kernel/signal.c:816 exit_to_usermode_loop+0x2e5/0x380 arch/x86/entry/common.c:162 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline] syscall_return_slowpath arch/x86/entry/common.c:268 [inline] do_syscall_64+0x6be/0x820 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x457519 Code: Bad RIP value. RSP: 002b:00007f94ebc74c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca RAX: fffffffffffffdfc RBX: 0000000000000006 RCX: 0000000000457519 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002000cffc RBP: 000000000072bf00 R08: 0000000020000040 R09: 0000000000000000 R10: 0000000020000180 R11: 0000000000000246 R12: 00007f94ebc756d4 R13: 00000000004bde0e R14: 00000000004ccca0 R15: 00000000ffffffff Modules linked in: CR2: ffffea000ee25b88 ---[ end trace 274e28f94e672496 ]--- RIP: 0010:__read_once_size include/linux/compiler.h:188 [inline] RIP: 0010:compound_head include/linux/page-flags.h:142 [inline] RIP: 0010:migration_entry_to_page+0x106/0x550 include/linux/swapops.h:215 Code: 06 48 01 c3 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 08 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 69 03 00 00 4d 8d a6 40 ff ff ff <4c> 8b 7b 08 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 80 RSP: 0000:ffff880173a06ae0 EFLAGS: 00010246 RAX: dffffc0000000000 RBX: ffffea000ee25b80 RCX: ffffffff81b2144f RDX: 1ffffd4001dc4b71 RSI: ffffffff81b17636 RDI: ffffea000ee25b88 RBP: ffff880173a06c38 R08: ffff8801bc8f66c0 R09: fffff94000e44b0e R10: fffff94000e44b0e R11: ffffea0007225873 R12: ffff880173a06b50 R13: 1ffff1002e740d5e R14: ffff880173a06c10 R15: dffffc0000000000 FS: 0000000000000000(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000004574ef CR3: 0000000185b43000 CR4: 00000000001426e0