From: "Kirill A. Shutemov" <kirill@shutemov.name>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: linux-mm@kvack.org, Mark Rutland <mark.rutland@arm.com>
Subject: Re: Fw: [Bug 202919] New: Bad page map in process syz-executor.5 pte:9100000081 pmd:47c67067
Date: Mon, 25 Mar 2019 13:40:07 +0300
Message-ID: <20190325104007.hyvsnv2laqkfc7sc@kshutemo-mobl1>
In-Reply-To: <20190320170151.2ed757a48e892ebc05922389@linux-foundation.org>

On Wed, Mar 20, 2019 at 05:01:51PM -0700, Andrew Morton wrote:
>
> kcov_mmap()/kcov_fault_in_area() appear to have produced a pte which
> confused _vm_normal_page(). Could someone please take a look?
>
>
> Begin forwarded message:
>
> Date: Thu, 14 Mar 2019 15:06:47 +0000
> From: bugzilla-daemon@bugzilla.kernel.org
> To: akpm@linux-foundation.org
> Subject: [Bug 202919] New: Bad page map in process syz-executor.5 pte:9100000081 pmd:47c67067
>
>
> https://bugzilla.kernel.org/show_bug.cgi?id=202919
>
> Bug ID: 202919
> Summary: Bad page map in process syz-executor.5 pte:9100000081
> pmd:47c67067
> Product: Memory Management
> Version: 2.5
> Kernel Version: 5.0.2
> Hardware: All
> OS: Linux
> Tree: Mainline
> Status: NEW
> Severity: normal
> Priority: P1
> Component: Page Allocator
> Assignee: akpm@linux-foundation.org
> Reporter: zhanggen12@hotmail.com
> Regression: No
>
> Created attachment 281823
> --> https://bugzilla.kernel.org/attachment.cgi?id=281823&action=edit
> bad page map
>
> BUG: Bad page map in process syz-executor.5 pte:9100000081 pmd:47c67067
> addr:00000000768464c8 vm_flags:100400fb anon_vma: (null)
> mapping:000000009265a729 index:18f
> file:kcov fault: (null) mmap:kcov_mmap readpage: (null)
> CPU: 0 PID: 30290 Comm: syz-executor.5 Not tainted 5.0.2 #1
> Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
> Call Trace:
> __dump_stack lib/dump_stack.c:77 [inline]
> dump_stack+0xca/0x13e lib/dump_stack.c:113
> print_bad_pte.cold.120+0x2c7/0x2f0 mm/memory.c:526
> _vm_normal_page+0x111/0x2b0 mm/memory.c:612

Hm. This is print_bad_pte() under 'if (IS_ENABLED(CONFIG_ARCH_HAS_PTE_SPECIAL))'.
I don't see how we would get there since pte (0x9100000081) doesn't have
the special flag set (0x200). 'if (likely(!pte_special(pte)))' should
not allow us to get there.

Very strange.

--
Kirill A. Shutemov
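
Added example (not part of the original message and not kernel code): a small decoder that splits the reported pte value into its flag bits and page frame number, which is the first step when triaging a "Bad page map" report. It assumes the x86-64 4 KiB PTE layout, with bit 9 (0x200) as the special flag named in the reply; the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* x86-64 4 KiB PTE layout (assumed architecture). Bit 9 is a software
 * bit; it is the 0x200 "special" flag named in the reply. */
#define PTE_PFN_MASK 0x000ffffffffff000ULL
#define PTE_SPECIAL  (1ULL << 9)

static const struct { uint64_t bit; const char *name; } pte_flags[] = {
    { 1ULL << 0, "PRESENT" },  { 1ULL << 1, "RW" },
    { 1ULL << 2, "USER" },     { 1ULL << 3, "PWT" },
    { 1ULL << 4, "PCD" },      { 1ULL << 5, "ACCESSED" },
    { 1ULL << 6, "DIRTY" },    { 1ULL << 7, "PAT" },
    { 1ULL << 8, "GLOBAL" },   { PTE_SPECIAL, "SPECIAL" },
    { 1ULL << 63, "NX" },
};

/* Page frame number held in bits 12..51. */
static uint64_t pte_pfn(uint64_t pte) { return (pte & PTE_PFN_MASK) >> 12; }

/* Flag bits: everything outside the PFN field. */
static uint64_t pte_flag_bits(uint64_t pte) { return pte & ~PTE_PFN_MASK; }

static int pte_is_special(uint64_t pte) { return (pte & PTE_SPECIAL) != 0; }

/* Write the names of the set flags into buf, separated by '|'. */
static const char *pte_flag_names(uint64_t pte, char *buf, size_t len)
{
    size_t used = 0;
    buf[0] = '\0';
    for (size_t i = 0; i < sizeof(pte_flags) / sizeof(pte_flags[0]); i++) {
        if (!(pte & pte_flags[i].bit))
            continue;
        int n = snprintf(buf + used, len - used, "%s%s",
                         used ? "|" : "", pte_flags[i].name);
        if (n < 0 || (size_t)n >= len - used)
            break; /* buffer full: keep what fits */
        used += (size_t)n;
    }
    return buf;
}

int main(void)
{
    const uint64_t pte = 0x9100000081ULL; /* value from the report */
    char names[128];
    printf("flags %#llx (%s)\n", (unsigned long long)pte_flag_bits(pte),
           pte_flag_names(pte, names, sizeof names));
    printf("pfn   %#llx special=%d\n", (unsigned long long)pte_pfn(pte),
           pte_is_special(pte));
    return 0;
}
```
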