Re: mm: kernel BUG at mm/memory.c:1230

From: Sasha Levin
Date: Thu May 24 2012 - 15:14:28 EST


On Thu, May 24, 2012 at 9:07 PM, Andrew Morton
<akpm@xxxxxxxxxxxxxxxxxxxx> wrote:
> On Thu, 24 May 2012 20:27:34 +0200
> Sasha Levin <levinsasha928@xxxxxxxxx> wrote:
>
>> Hi all,
>>
>> During fuzzing with trinity inside a KVM tools guest, using latest linux-next, I've stumbled on the following:
>>
>> [ 2043.098949] ------------[ cut here ]------------
>> [ 2043.099014] kernel BUG at mm/memory.c:1230!
>
> That's
>
>        VM_BUG_ON(!rwsem_is_locked(&tlb->mm->mmap_sem));
>
> in zap_pmd_range()?

Yup.

> The assertion was added in Jan 2011 by 14d1a55cd26f1860 ("thp: add
> debug checks for mapcount related invariants").  AFAICT it's just wrong
> on the exit path.  Unclear why it's triggering now...

I'm not sure if that's indeed the issue or not, but note that this is
the first time I've managed to trigger that with the fuzzer, and it's
not that easy to reproduce. Which is a bit odd for code that was there
for 4 months...