syzbot


BUG: unable to handle kernel paging request in list_lru_add

Status: upstream: reported syz repro on 2023/09/04 16:00
Subsystems: mm
Reported-by: syzbot+2403e3909382fbdeaf6c@syzkaller.appspotmail.com
First crash: 246d, last: 35d
Discussions (5)
Title Replies (including bot) Last reply
[syzbot] Monthly mm report (Mar 2024) 0 (1) 2024/03/19 21:40
[syzbot] Monthly mm report (Feb 2024) 0 (1) 2024/02/17 20:23
[syzbot] Monthly mm report (Jan 2024) 0 (1) 2024/01/17 09:21
[syzbot] [mm?] BUG: unable to handle kernel paging request in list_lru_add 0 (2) 2023/12/27 15:50
[syzbot] Monthly mm report (Sep 2023) 0 (1) 2023/09/11 10:07
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream general protection fault in list_lru_add mm C done 1125 477d 765d 22/26 fixed on 2023/02/24 13:51
android-5-10 BUG: Dentry still in use in unmount C done 1184 793d 806d 2/2 fixed on 2022/02/25 03:20
Last patch testing requests (5)
Created Duration User Patch Repo Result
2024/04/05 11:14 26m retest repro upstream OK log
2024/04/05 09:41 22m retest repro upstream OK log
2024/04/05 09:41 23m retest repro upstream OK log
2024/04/05 09:41 23m retest repro upstream OK log
2024/04/05 09:41 23m retest repro upstream OK log

Sample crash report:
Unable to handle kernel paging request at virtual address dfff800000000001
KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
Mem abort info:
  ESR = 0x0000000096000005
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x05: level 1 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000
  CM = 0, WnR = 0, TnD = 0, TagAccess = 0
  GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[dfff800000000001] address between user and kernel address ranges
Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 2959 Comm: udevd Not tainted 6.7.0-syzkaller-09928-g052d534373b7 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : list_add_tail include/linux/list.h:183 [inline]
pc : list_lru_add+0x138/0x314 mm/list_lru.c:97
lr : list_lru_from_memcg_idx mm/list_lru.c:56 [inline]
lr : list_lru_from_memcg_idx mm/list_lru.c:53 [inline]
lr : list_lru_add+0x284/0x314 mm/list_lru.c:96
sp : ffff80008dd27b80
x29: ffff80008dd27b80 x28: 0000000000000001 x27: 0000000000000000
x26: 0000000000000000 x25: ffff00000dd8a778 x24: 1fffe00003843dd9
x23: ffff00000eece000 x22: 0000000000000000 x21: 0000000000000000
x20: ffff000013bfd100 x19: ffff00001c21eec8 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000
x14: 0000000000000000 x13: 0000000000000000 x12: 000000000000f1f1
x11: dfff800000000000 x10: 00000000f3000000 x9 : 00000000f3f3f3f3
x8 : ffff700011ba4f42 x7 : 00000000f1f1f1f1 x6 : dfff800000000000
x5 : ffff700011ba4f46 x4 : 00000000f204f1f1 x3 : 1fffe0000d514138
x2 : 0000000000000000 x1 : 0000000000000008 x0 : dfff800000000000
Call trace:
 list_add_tail include/linux/list.h:183 [inline]
 list_lru_add+0x138/0x314 mm/list_lru.c:97
 list_lru_add_obj+0xd4/0x13c mm/list_lru.c:116
 d_lru_add+0x180/0x31c fs/dcache.c:430
 retain_dentry fs/dcache.c:712 [inline]
 fast_dput fs/dcache.c:799 [inline]
 dput.part.0+0x4f8/0x608 fs/dcache.c:839
 dput+0x14/0x24 fs/dcache.c:834
 __fput+0x268/0x92c fs/file_table.c:384
 __fput_sync+0x74/0x84 fs/file_table.c:461
 __do_sys_close fs/open.c:1554 [inline]
 __se_sys_close fs/open.c:1539 [inline]
 __arm64_sys_close+0x6c/0xbc fs/open.c:1539
 __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]
 invoke_syscall+0x6c/0x258 arch/arm64/kernel/syscall.c:51
 el0_svc_common.constprop.0+0xac/0x230 arch/arm64/kernel/syscall.c:136
 do_el0_svc+0x40/0x58 arch/arm64/kernel/syscall.c:155
 el0_svc+0x58/0x140 arch/arm64/kernel/entry-common.c:678
 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:696
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:595
Code: d2d00000 f2fbffe0 f90037e1 d343fc3c (38e06b80) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	d2d00000 	mov	x0, #0x800000000000        	// #140737488355328
   4:	f2fbffe0 	movk	x0, #0xdfff, lsl #48
   8:	f90037e1 	str	x1, [sp, #104]
   c:	d343fc3c 	lsr	x28, x1, #3
* 10:	38e06b80 	ldrsb	w0, [x28, x0] <-- trapping instruction

Crashes (48):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/01/14 22:34 upstream 052d534373b7 551587c1 .config console log report syz [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64 BUG: unable to handle kernel paging request in list_lru_add
2024/02/24 04:47 upstream b6d69282db55 8d446f15 .config console log report syz [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
2024/01/20 13:59 upstream 9d64bf433c53 9bd8dcda .config console log report syz [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
2023/12/30 12:12 upstream f016f7547aee fb427a07 .config console log report syz [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
2023/12/27 15:49 upstream fbafc3e621c3 fb427a07 .config console log report syz [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
2024/03/22 09:40 upstream 8e938e398669 7a239ce7 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2024/03/14 01:41 upstream e5e038b7ae9d f919f202 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64 BUG: unable to handle kernel paging request in list_lru_add
2024/03/13 03:36 upstream 1f440397665f db5b7ff0 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64 BUG: unable to handle kernel paging request in list_lru_add
2024/03/06 20:08 upstream 5847c9777c30 f39a7eed .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64 BUG: unable to handle kernel paging request in list_lru_add
2024/03/05 20:19 upstream 90d35da658da 9ed46f64 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2024/02/26 09:05 upstream 70ff1fe626a1 8d446f15 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2024/02/24 02:45 upstream b6d69282db55 8d446f15 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64 BUG: unable to handle kernel paging request in list_lru_add
2024/02/19 05:34 upstream b401b621758e 578f7538 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64 BUG: unable to handle kernel paging request in list_lru_add
2024/02/10 21:29 upstream 4a7bbe7519b6 77b23aa1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2024/02/05 08:03 upstream 54be6c6c5ae8 a67b2c42 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2024/02/01 02:06 upstream 6764c317b6bb 373b66cd .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2024/01/16 06:15 upstream 052d534373b7 2a7bcc7f .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2024/01/13 04:32 upstream 38814330fedd 551587c1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2024/01/02 23:47 upstream 610a9b8f49fb fb427a07 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64 BUG: unable to handle kernel paging request in list_lru_add
2023/12/26 09:19 upstream fbafc3e621c3 fb427a07 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2023/12/25 19:17 upstream 861deac3b092 fb427a07 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64 BUG: unable to handle kernel paging request in list_lru_add
2023/12/12 07:23 upstream 26aff849438c 28b24332 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2023/12/07 00:02 upstream bee0e7762ad2 e3299f55 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2023/12/03 10:10 upstream 1b8af6552cb7 f819d6f7 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2023/11/30 08:22 upstream 3b47bc037bd4 f819d6f7 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2023/11/15 14:38 upstream 86d11b0e20c0 cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2023/10/17 02:50 upstream 213f891525c2 342b9c55 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64 BUG: unable to handle kernel paging request in list_lru_add
2023/09/28 02:47 upstream 633b47cb009d c2ab1e5d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2023/09/12 05:44 upstream 0bb80ecc33a8 59da8366 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64 BUG: unable to handle kernel paging request in list_lru_add
2023/09/06 04:53 upstream 65d6e954e378 0b6286dc .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64 BUG: unable to handle kernel paging request in list_lru_add
2023/09/04 15:59 upstream 708283abf896 db3306a6 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64 BUG: unable to handle kernel paging request in list_lru_add
2023/09/03 15:44 upstream 92901222f83d 696ea0d2 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2023/09/02 01:51 upstream 99d99825fc07 696ea0d2 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2023/09/01 06:42 upstream df57721f9a63 696ea0d2 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2023/08/25 06:41 upstream f8d6ff449094 49be837e .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-compat BUG: unable to handle kernel paging request in list_lru_add
2024/03/18 17:25 upstream f6cef5f8c37f baa80228 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
2024/03/09 23:05 upstream 09e5c48fea17 6ee49f2e .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
2024/03/02 15:33 upstream 5ad3cb0ed525 25905f5d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
2024/02/14 05:58 upstream 7e90b5c295ec d902085f .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
2024/01/26 02:45 upstream 6098d87eaf31 cc4a4020 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
2024/01/26 01:01 upstream 6098d87eaf31 cc4a4020 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
2024/01/21 13:39 upstream 7a396820222d 9bd8dcda .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
2024/01/19 12:24 upstream 9d1694dc91ce 21772ce4 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
2024/01/14 01:10 upstream 052d534373b7 551587c1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
2024/01/03 01:16 upstream 610a9b8f49fb fb427a07 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
2023/12/30 13:11 upstream f016f7547aee fb427a07 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
2023/12/16 12:24 upstream 3bd7d7488169 3222d10c .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
2023/11/15 23:27 upstream c42d9eeef8e5 cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm64-mte BUG: unable to handle kernel NULL pointer dereference in list_lru_add
* Struck through repros no longer work on HEAD.