=============================
[ BUG: Invalid wait context ]
6.12.18-android16-1-maybe-dirty-4k #1 Tainted: G            E     
-----------------------------
syz.2.208/837 is trying to lock:
ffffffc08531ae58 (&zone->lock){..-.}-{3:3}, at: rmqueue_bulk proc/self/cwd/common/mm/page_alloc.c:2546 [inline]
ffffffc08531ae58 (&zone->lock){..-.}-{3:3}, at: ___rmqueue_pcplist+0x3b0/0x236c proc/self/cwd/common/mm/page_alloc.c:3276
other info that might help us debug this:
context-{2:2}
3 locks held by syz.2.208/837:
 #0: ffffff8025a12978 (&mm->mmap_lock){++++}-{4:4}, at: mmap_read_lock proc/self/cwd/common/include/linux/mmap_lock.h:184 [inline]
 #0: ffffff8025a12978 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0xb8/0x9e0 proc/self/cwd/common/mm/mmap.c:1928
 #1: ffffff80da986668 (lock#4){+.+.}-{3:3}, at: local_lock_acquire+0x1c/0x198 proc/self/cwd/common/include/linux/local_lock_internal.h:28
 #2: ffffff80da991798 (&pcp->lock){+.+.}-{3:3}, at: spin_trylock proc/self/cwd/common/include/linux/spinlock.h:361 [inline]
 #2: ffffff80da991798 (&pcp->lock){+.+.}-{3:3}, at: rmqueue_pcplist proc/self/cwd/common/mm/page_alloc.c:3331 [inline]
 #2: ffffff80da991798 (&pcp->lock){+.+.}-{3:3}, at: rmqueue proc/self/cwd/common/mm/page_alloc.c:3375 [inline]
 #2: ffffff80da991798 (&pcp->lock){+.+.}-{3:3}, at: get_page_from_freelist+0x434/0x2a30 proc/self/cwd/common/mm/page_alloc.c:3799
stack backtrace:
CPU: 1 UID: 0 PID: 837 Comm: syz.2.208 Tainted: G            E      6.12.18-android16-1-maybe-dirty-4k #1 a658102f48f19a734e30b0acdc5a0416302e32b1
Tainted: [E]=UNSIGNED_MODULE
Hardware name: linux,dummy-virt (DT)
Call trace:
 dump_backtrace+0x17c/0x1ac proc/self/cwd/common/arch/arm64/kernel/stacktrace.c:320
 show_stack+0x2c/0x40 proc/self/cwd/common/arch/arm64/kernel/stacktrace.c:328
 __dump_stack proc/self/cwd/common/lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0xc0/0x10c proc/self/cwd/common/lib/dump_stack.c:120
 dump_stack+0x1c/0x28 proc/self/cwd/common/lib/dump_stack.c:129
 print_lock_invalid_wait_context proc/self/cwd/common/kernel/locking/lockdep.c:4802 [inline]
 check_wait_context proc/self/cwd/common/kernel/locking/lockdep.c:4874 [inline]
 __lock_acquire+0x19f4/0x6ccc proc/self/cwd/common/kernel/locking/lockdep.c:5152
 lock_acquire+0x1d0/0x564 proc/self/cwd/common/kernel/locking/lockdep.c:5825
 __raw_spin_lock_irqsave proc/self/cwd/common/include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0x8c/0xcc proc/self/cwd/common/kernel/locking/spinlock.c:162
 rmqueue_bulk proc/self/cwd/common/mm/page_alloc.c:2546 [inline]
 ___rmqueue_pcplist+0x3b0/0x236c proc/self/cwd/common/mm/page_alloc.c:3276
 __rmqueue_pcplist proc/self/cwd/common/mm/page_alloc.c:3315 [inline]
 rmqueue_pcplist proc/self/cwd/common/mm/page_alloc.c:3344 [inline]
 rmqueue proc/self/cwd/common/mm/page_alloc.c:3375 [inline]
 get_page_from_freelist+0x580/0x2a30 proc/self/cwd/common/mm/page_alloc.c:3799
 __alloc_pages_noprof+0x1dc/0x5dc proc/self/cwd/common/mm/page_alloc.c:5118
 __alloc_pages_node_noprof proc/self/cwd/common/include/linux/gfp.h:267 [inline]
 alloc_pages_node_noprof proc/self/cwd/common/include/linux/gfp.h:294 [inline]
 alloc_pages_noprof proc/self/cwd/common/include/linux/gfp.h:311 [inline]
 stack_depot_save_flags+0x5bc/0x688 proc/self/cwd/common/lib/stackdepot.c:627
 kasan_save_stack+0x54/0x70 proc/self/cwd/common/mm/kasan/common.c:48
 __kasan_record_aux_stack+0xb0/0xcc proc/self/cwd/common/mm/kasan/generic.c:541
 kasan_record_aux_stack+0x14/0x20 proc/self/cwd/common/mm/kasan/generic.c:546
 task_work_add+0x88/0x38c proc/self/cwd/common/kernel/task_work.c:77
 __run_posix_cpu_timers proc/self/cwd/common/kernel/time/posix-cpu-timers.c:1218 [inline]
 run_posix_cpu_timers+0x514/0x6d0 proc/self/cwd/common/kernel/time/posix-cpu-timers.c:1417
 update_process_times+0x1b4/0x1f8 proc/self/cwd/common/kernel/time/timer.c:2530
 tick_sched_handle proc/self/cwd/common/kernel/time/tick-sched.c:279 [inline]
 tick_nohz_handler+0x398/0x66c proc/self/cwd/common/kernel/time/tick-sched.c:300
 __run_hrtimer proc/self/cwd/common/kernel/time/hrtimer.c:1756 [inline]
 __hrtimer_run_queues+0x454/0xce4 proc/self/cwd/common/kernel/time/hrtimer.c:1820
 hrtimer_interrupt+0x2dc/0xaa8 proc/self/cwd/common/kernel/time/hrtimer.c:1882
 timer_handler proc/self/cwd/common/drivers/clocksource/arm_arch_timer.c:674 [inline]
 arch_timer_handler_virt+0x8c/0xa4 proc/self/cwd/common/drivers/clocksource/arm_arch_timer.c:685
 handle_percpu_devid_irq+0x2a8/0x744 proc/self/cwd/common/kernel/irq/chip.c:957
 generic_handle_irq_desc proc/self/cwd/common/include/linux/irqdesc.h:175 [inline]
 handle_irq_desc proc/self/cwd/common/kernel/irq/irqdesc.c:690 [inline]
 generic_handle_domain_irq+0xf8/0x15c proc/self/cwd/common/kernel/irq/irqdesc.c:746
 gic_handle_irq+0x134/0x1dc proc/self/cwd/common/drivers/irqchip/irq-gic.c:371
 call_on_irq_stack+0x3c/0x74 proc/self/cwd/common/arch/arm64/kernel/entry.S:889
 do_interrupt_handler+0xa0/0x100 proc/self/cwd/common/arch/arm64/kernel/entry-common.c:312
 __el1_irq proc/self/cwd/common/arch/arm64/kernel/entry-common.c:539 [inline]
 el1_interrupt+0x34/0x58 proc/self/cwd/common/arch/arm64/kernel/entry-common.c:554
 el1h_64_irq_handler+0x18/0x24 proc/self/cwd/common/arch/arm64/kernel/entry-common.c:559
 el1h_64_irq+0x68/0x6c proc/self/cwd/common/arch/arm64/kernel/entry.S:594
 __daif_local_irq_restore proc/self/cwd/common/arch/arm64/include/asm/irqflags.h:175 [inline]
 arch_local_irq_restore proc/self/cwd/common/arch/arm64/include/asm/irqflags.h:195 [inline]
 __raw_spin_unlock_irqrestore proc/self/cwd/common/include/linux/spinlock_api_smp.h:151 [inline]
 _raw_spin_unlock_irqrestore+0x48/0xac proc/self/cwd/common/kernel/locking/spinlock.c:194
 spin_unlock_irqrestore proc/self/cwd/common/include/linux/spinlock.h:406 [inline]
 unlock_page_lruvec_irqrestore proc/self/cwd/common/include/linux/memcontrol.h:1567 [inline]
 folio_lruvec_relock_irqsave proc/self/cwd/common/include/linux/memcontrol.h:1600 [inline]
 folio_batch_move_lru+0x150/0x2f8 proc/self/cwd/common/mm/swap.c:201
 lru_add_drain_cpu+0xb8/0x32c proc/self/cwd/common/mm/swap.c:677
 lru_add_drain+0x80/0x144 proc/self/cwd/common/mm/swap.c:765
 exit_mmap+0x140/0x9e0 proc/self/cwd/common/mm/mmap.c:1939
 __mmput+0xbc/0x3ac proc/self/cwd/common/kernel/fork.c:1344
 mmput+0x70/0xa8 proc/self/cwd/common/kernel/fork.c:1366
 exit_mm proc/self/cwd/common/kernel/exit.c:574 [inline]
 do_exit+0x6a0/0x2140 proc/self/cwd/common/kernel/exit.c:931
 do_group_exit+0x194/0x230 proc/self/cwd/common/kernel/exit.c:1093
 __do_sys_exit_group proc/self/cwd/common/kernel/exit.c:1104 [inline]
 __se_sys_exit_group proc/self/cwd/common/kernel/exit.c:1102 [inline]
 __arm64_sys_exit_group+0x44/0x48 proc/self/cwd/common/kernel/exit.c:1102
 __invoke_syscall proc/self/cwd/common/arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x9c/0x274 proc/self/cwd/common/arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x240 proc/self/cwd/common/arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 proc/self/cwd/common/arch/arm64/kernel/syscall.c:151
 el0_svc+0x50/0xa8 proc/self/cwd/common/arch/arm64/kernel/entry-common.c:715
 el0t_64_sync_handler+0x70/0xbc proc/self/cwd/common/arch/arm64/kernel/entry-common.c:733
 el0t_64_sync+0x19c/0x1a0 proc/self/cwd/common/arch/arm64/kernel/entry.S:598
