Re: [syzbot] [mm?] kernel BUG in sg_init_one

All of lore.kernel.org
 help / color / mirror / Atom feed

From: syzbot <syzbot+adbc983a1588b7805de3@syzkaller.appspotmail.com>
To: 21cnbao@gmail.com, akpm@linux-foundation.org,
	chengming.zhou@linux.dev,  hannes@cmpxchg.org,
	linux-kernel@vger.kernel.org, linux-mm@kvack.org,
	 nphamcs@gmail.com, syzkaller-bugs@googlegroups.com,
	yosryahmed@google.com
Subject: Re: [syzbot] [mm?] kernel BUG in sg_init_one
Date: Mon, 18 Mar 2024 13:52:02 -0700	[thread overview]
Message-ID: <0000000000009221d60613f58726@google.com> (raw)
In-Reply-To: <20240318204212.36505-1-21cnbao@gmail.com>

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
WARNING in __kmap_to_page

------------[ cut here ]------------
WARNING: CPU: 0 PID: 3529 at mm/highmem.c:167 __kmap_to_page+0x100/0x194 mm/highmem.c:167
Modules linked in:
Kernel panic - not syncing: kernel: panic_on_warn set ...
CPU: 0 PID: 3529 Comm: syz-executor.0 Not tainted 6.8.0-syzkaller #0
Hardware name: ARM-Versatile Express
Backtrace: 
[<8185fe64>] (dump_backtrace) from [<8185ff60>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:256)
 r7:00000000 r6:82622e44 r5:00000000 r4:81fc00fc
[<8185ff48>] (show_stack) from [<8187d720>] (__dump_stack lib/dump_stack.c:88 [inline])
[<8185ff48>] (show_stack) from [<8187d720>] (dump_stack_lvl+0x54/0x7c lib/dump_stack.c:114)
[<8187d6cc>] (dump_stack_lvl) from [<8187d760>] (dump_stack+0x18/0x1c lib/dump_stack.c:123)
 r5:00000000 r4:82857d18
[<8187d748>] (dump_stack) from [<81860a08>] (panic+0x120/0x358 kernel/panic.c:348)
[<818608e8>] (panic) from [<80243844>] (check_panic_on_warn kernel/panic.c:241 [inline])
[<818608e8>] (panic) from [<80243844>] (print_tainted+0x0/0xa0 kernel/panic.c:236)
 r3:8260c584 r2:00000001 r1:81fa8e48 r0:81fb09f0
 r7:80477264
[<802437d0>] (check_panic_on_warn) from [<80243a38>] (__warn+0x7c/0x180 kernel/panic.c:694)
[<802439bc>] (__warn) from [<80243cb4>] (warn_slowpath_fmt+0x178/0x1f4 kernel/panic.c:719)
 r8:00000009 r7:81fd71bc r6:df9b1bf4 r5:83682400 r4:00000000
[<80243b40>] (warn_slowpath_fmt) from [<80477264>] (__kmap_to_page+0x100/0x194 mm/highmem.c:167)
 r10:00000000 r9:ff7e7f14 r8:83e402c0 r7:dedf0b48 r6:800fd004 r5:ffefd000
 r4:7fefd004
[<80477164>] (__kmap_to_page) from [<804c248c>] (kmap_to_page include/linux/highmem-internal.h:63 [inline])
[<80477164>] (__kmap_to_page) from [<804c248c>] (zswap_decompress+0xc0/0x23c mm/zswap.c:1090)
 r9:ff7e7f14 r8:83e402c0 r7:dedf0b48 r6:ffefd004 r5:840fb8e8 r4:ff7e7ef4
[<804c23cc>] (zswap_decompress) from [<804c449c>] (zswap_load+0x15c/0x198 mm/zswap.c:1638)
 r9:846e3240 r8:846e3240 r7:846e3244 r6:dedf0b48 r5:00000010 r4:840fb8e8
[<804c4340>] (zswap_load) from [<804b9644>] (swap_read_folio+0xa8/0x498 mm/page_io.c:518)
 r9:8420fa00 r8:83682400 r7:00000000 r6:df9b1d4c r5:00000000 r4:dedf0b48
[<804b959c>] (swap_read_folio) from [<804bb064>] (swap_cluster_readahead+0x1c4/0x34c mm/swap_state.c:684)
 r10:00000000 r9:00000017 r8:df9b1d4b r7:00000000 r6:00000000 r5:00100cca
 r4:00000010
[<804baea0>] (swap_cluster_readahead) from [<804bb3b8>] (swapin_readahead+0x68/0x4a8 mm/swap_state.c:904)
 r10:df9b1eb8 r9:00000000 r8:00100cca r7:8371e2a0 r6:00000012 r5:00000000
 r4:00000001
[<804bb350>] (swapin_readahead) from [<8047cde0>] (do_swap_page+0x200/0xcc4 mm/memory.c:4046)
 r10:00000040 r9:00000000 r8:8420fa00 r7:8371e2a0 r6:00000012 r5:00000000
 r4:df9b1eb8
[<8047cbe0>] (do_swap_page) from [<8047e6c4>] (handle_pte_fault mm/memory.c:5301 [inline])
[<8047cbe0>] (do_swap_page) from [<8047e6c4>] (__handle_mm_fault mm/memory.c:5439 [inline])
[<8047cbe0>] (do_swap_page) from [<8047e6c4>] (handle_mm_fault+0x3d8/0x12b8 mm/memory.c:5604)
 r10:00000040 r9:83dfb900 r8:83682400 r7:8371e2a0 r6:001403b8 r5:83682400
 r4:00001254
[<8047e2ec>] (handle_mm_fault) from [<80215da8>] (do_page_fault+0x1c8/0x3a8 arch/arm/mm/fault.c:292)
 r10:00000007 r9:83dfb900 r8:83682400 r7:00000207 r6:00000254 r5:001403b8
 r4:df9b1fb0
[<80215be0>] (do_page_fault) from [<80216170>] (do_DataAbort+0x38/0xa8 arch/arm/mm/fault.c:558)
 r10:7eded670 r9:00000000 r8:80215be0 r7:df9b1fb0 r6:001403b8 r5:00000207
 r4:8261d0e0
[<80216138>] (do_DataAbort) from [<80200e3c>] (__dabt_usr+0x5c/0x60 arch/arm/kernel/entry-armv.S:427)
Exception stack(0xdf9b1fb0 to 0xdf9b1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000002 7eded61c 00000000 000001f4 00140000 00000000 7eded670 00001238
1fe0: 00000000 7eded5a8 00000001 00021804 60000010 ffffffff
 r8:824a9044 r7:83682400 r6:ffffffff r5:60000010 r4:00021804
Rebooting in 86400 seconds..


Tested on:

commit:         e5eb28f6 Merge tag 'mm-nonmm-stable-2024-03-14-09-36' ..
git tree:       git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
console output: https://syzkaller.appspot.com/x/log.txt?x=1491ea6e180000
kernel config:  https://syzkaller.appspot.com/x/.config?x=19bb57c23dffc38e
dashboard link: https://syzkaller.appspot.com/bug?extid=adbc983a1588b7805de3
compiler:       arm-linux-gnueabi-gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm
patch:          https://syzkaller.appspot.com/x/patch.diff?x=12651546180000

next prev parent reply	other threads:[~2024-03-18 20:52 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-03-18 16:58 [syzbot] [mm?] kernel BUG in sg_init_one syzbot
2024-03-18 18:00 ` Nhat Pham
2024-03-18 20:17   ` Yosry Ahmed
2024-03-18 21:09     ` Johannes Weiner
2024-03-18 21:15       ` Barry Song
2024-03-18 21:32         ` Johannes Weiner
2024-03-18 21:37           ` Barry Song
2024-03-18 21:18       ` Yosry Ahmed
2024-03-18 21:21         ` Barry Song
2024-03-18 20:25   ` Barry Song
2024-03-18 20:34     ` Yosry Ahmed
2024-03-18 20:50       ` Barry Song
2024-03-18 20:59         ` Yosry Ahmed
2024-03-18 21:12           ` Barry Song
2024-03-18 20:42 ` Barry Song
2024-03-18 20:52   ` syzbot [this message]
2024-03-18 21:03     ` Barry Song
2025-02-12 17:20       ` Yosry Ahmed
2025-02-22  0:48         ` Yosry Ahmed
2025-02-26 16:01           ` Ira Weiny
2025-02-26 16:45             ` Yosry Ahmed
2025-02-26 20:36               ` Ira Weiny
2024-03-18 22:27     ` Barry Song
2024-03-18 22:52       ` syzbot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=0000000000009221d60613f58726@google.com \
    --to=syzbot+adbc983a1588b7805de3@syzkaller.appspotmail.com \
    --cc=21cnbao@gmail.com \
    --cc=akpm@linux-foundation.org \
    --cc=chengming.zhou@linux.dev \
    --cc=hannes@cmpxchg.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=nphamcs@gmail.com \
    --cc=syzkaller-bugs@googlegroups.com \
    --cc=yosryahmed@google.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.