[syzbot] WARNING in get_page_from_freelist
From: syzbot
Date: Thu Mar 25 2021 - 05:11:26 EST
Hello,
syzbot found the following issue on:
HEAD commit: a5406a7f riscv: Correct SPARSEMEM configuration
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes
console output: https://syzkaller.appspot.com/x/log.txt?x=154738bed00000
kernel config: https://syzkaller.appspot.com/x/.config?x=8436efa4b70702e6
dashboard link: https://syzkaller.appspot.com/bug?extid=ae79dc7907428bdb3fc9
userspace arch: riscv64
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+ae79dc7907428bdb3fc9@xxxxxxxxxxxxxxxxxxxxxxxxx
------------[ cut here ]------------
WARNING: CPU: 0 PID: 3271 at mm/page_alloc.c:3488 rmqueue mm/page_alloc.c:3488 [inline]
WARNING: CPU: 0 PID: 3271 at mm/page_alloc.c:3488 get_page_from_freelist+0x286/0x1782 mm/page_alloc.c:3943
Modules linked in:
CPU: 0 PID: 3271 Comm: syz-executor.1 Not tainted 5.12.0-rc2-syzkaller-00474-ga5406a7ff56e #0
Hardware name: riscv-virtio,qemu (DT)
epc : rmqueue mm/page_alloc.c:3488 [inline]
epc : get_page_from_freelist+0x286/0x1782 mm/page_alloc.c:3943
ra : get_page_from_freelist+0x11a8/0x1782 mm/page_alloc.c:3943
epc : ffffffe00036abee ra : ffffffe00036bb10 sp : ffffffe01fd57480
gp : ffffffe004588910 tp : ffffffe01fa95f00 t0 : ffffffc403acde00
t1 : 0000000000000001 t2 : 0000003fffad1d06 s0 : ffffffe01fd57670
s1 : 0000000000000000 a0 : ffffffe01fd57688 a1 : 0000000000000003
a2 : 1ffffffc03faaed1 a3 : ffffffe00036bb10 a4 : 0000000000000003
a5 : 0000000000000001 a6 : 0000000000000008 a7 : 781560e8875b1000
s2 : ffffffe07fdf5d00 s3 : 0000000000000001 s4 : ffffffe07fdf5758
s5 : 0000000000047df2 s6 : 0000000000000000 s7 : ffffffe07fdf5740
s8 : ffffffe07fdf5740 s9 : ffffffe01fd57670 s10: 0000000000000001
s11: ffffffe07fdf5740 t3 : 781560e8875b1000 t4 : ffffffc40133fbf0
t5 : ffffffc40133fbf1 t6 : ffffffe01fd57af5
status: 0000000000000120 badaddr: 0000000000000000 cause: 0000000000000003
Call Trace:
[<ffffffe00036abee>] rmqueue mm/page_alloc.c:3488 [inline]
[<ffffffe00036abee>] get_page_from_freelist+0x286/0x1782 mm/page_alloc.c:3943
[<ffffffe00036d996>] __alloc_pages_nodemask+0x19a/0x480 mm/page_alloc.c:4996
[<ffffffe00039fd8e>] alloc_pages_current+0x114/0x234 mm/mempolicy.c:2277
[<ffffffe0003b092e>] alloc_pages include/linux/gfp.h:561 [inline]
[<ffffffe0003b092e>] alloc_slab_page mm/slub.c:1638 [inline]
[<ffffffe0003b092e>] allocate_slab+0x282/0x406 mm/slub.c:1778
[<ffffffe0003b4638>] new_slab mm/slub.c:1841 [inline]
[<ffffffe0003b4638>] new_slab_objects mm/slub.c:2587 [inline]
[<ffffffe0003b4638>] ___slab_alloc+0x2fc/0x4d8 mm/slub.c:2750
[<ffffffe0003b4b72>] __slab_alloc.constprop.0+0xa4/0xce mm/slub.c:2790
[<ffffffe0003b627e>] slab_alloc_node mm/slub.c:2871 [inline]
[<ffffffe0003b627e>] slab_alloc mm/slub.c:2915 [inline]
[<ffffffe0003b627e>] kmem_cache_alloc_trace+0x29a/0x2bc mm/slub.c:2932
[<ffffffe00079bb14>] kmalloc include/linux/slab.h:554 [inline]
[<ffffffe00079bb14>] tomoyo_print_header security/tomoyo/audit.c:156 [inline]
[<ffffffe00079bb14>] tomoyo_init_log+0xb4/0x1402 security/tomoyo/audit.c:255
[<ffffffe0007a4648>] tomoyo_supervisor+0x1b0/0xaaa security/tomoyo/common.c:2097
[<ffffffe0007ae608>] tomoyo_audit_path_number_log security/tomoyo/file.c:235 [inline]
[<ffffffe0007ae608>] tomoyo_path_number_perm+0x2ae/0x33c security/tomoyo/file.c:734
[<ffffffe0007b630a>] tomoyo_file_ioctl+0x28/0x34 security/tomoyo/tomoyo.c:329
[<ffffffe000790950>] security_file_ioctl+0x48/0x90 security/security.c:1495
[<ffffffe00041f2a8>] __do_sys_ioctl fs/ioctl.c:747 [inline]
[<ffffffe00041f2a8>] sys_ioctl+0x76/0xd56 fs/ioctl.c:739
[<ffffffe000005572>] ret_from_syscall+0x0/0x2
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@xxxxxxxxxxxxxxxx.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.