syzbot

 sign-in | mailing list | source | docs
🐞 Open [723]
🐞 Fixed [118]
🐞 Invalid [744]
Missing Backports [75]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

kernel BUG in filemap_unaccount_folio

Status: upstream: reported C repro on 2023/12/13 08:56
Bug presence: origin:upstream
Labels: missing-backport
[Documentation on labels]
Reported-by: syzbot+3d218f7b6c5511a83a79@syzkaller.appspotmail.com
First crash: 516d, last: 1h21m
Fix commit to backport (bisect log) :
tree: upstream
commit 7d79cd784470395539bda91bf0b3505ff5b2ab6d
Author: Vivek Kasireddy <vivek.kasireddy@intel.com>
Date: Mon Jun 24 06:36:13 2024 +0000

  udmabuf: use vmf_insert_pfn and VM_PFNMAP for handling mmap

  
Fix bisection: the issue occurs on the latest tested release (bisect log)
Crash: kernel BUG in filemap_unaccount_folio (log)
Repro: C syz .config
  
Discussions (3)
Title Replies (including bot) Last reply
[PATCH v5.4-v6.1] udmabuf: use vmf_insert_pfn and VM_PFNMAP for handling mmap 1 (1) 2024/12/04 15:17
[PATCH v6.6] udmabuf: use vmf_insert_pfn and VM_PFNMAP for handling mmap 1 (1) 2024/12/04 15:17
Please, fix syzbot crash: kernel BUG in filemap_unaccount_folio 1 (1) 2024/12/04 15:17
Bug presence (3)
Date Name Commit Repro Result
2024/08/09 linux-6.1.y (ToT) 48d525b0e463 C [report] kernel BUG in filemap_unaccount_folio
2024/05/02 upstream (ToT) 0106679839f7 C [report] kernel BUG in filemap_unaccount_folio
2024/08/09 upstream (ToT) ee9a43b7cfe2 C Didn't crash
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream kernel BUG in filemap_unaccount_folio mm C done 370 36d 614d 0/28 upstream: reported C repro on 2023/09/06 18:51
upstream kernel BUG in __filemap_get_folio kernel C done 814 947d 1118d 22/28 fixed on 2023/02/24 13:50
Fix bisection attempts (6)
Created Duration User Patch Repo Result
2024/08/18 13:55 5h29m fix candidate upstream OK (1) job log
2024/07/15 06:52 3h41m bisect fix linux-6.1.y OK (0) job log log
2024/06/03 05:26 1h30m bisect fix linux-6.1.y OK (0) job log log
2024/04/02 20:26 2h25m bisect fix linux-6.1.y OK (0) job log log
2024/03/03 11:50 1h22m bisect fix linux-6.1.y OK (0) job log log
2024/01/24 09:48 1h22m bisect fix linux-6.1.y OK (0) job log log

Sample crash report:
 exit_mmap+0x3b3/0x980 mm/mmap.c:3250
 __mmput+0x115/0x3c0 kernel/fork.c:1200
 exit_mm+0x226/0x300 kernel/exit.c:565
 do_exit+0x9f6/0x26a0 kernel/exit.c:858
 do_group_exit+0x202/0x2b0 kernel/exit.c:1021
 __do_sys_exit_group kernel/exit.c:1032 [inline]
 __se_sys_exit_group kernel/exit.c:1030 [inline]
 __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1030
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:81
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
------------[ cut here ]------------
kernel BUG at mm/filemap.c:153!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 4248 Comm: syz-executor373 Tainted: G        W          6.1.121-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
RIP: 0010:filemap_unaccount_folio+0x5c2/0xa60 mm/filemap.c:153
Code: 07 38 c1 0f 8c 21 fe ff ff 48 89 ef e8 e7 21 2b 00 e9 14 fe ff ff e8 6d 97 d3 ff 4c 89 ef 48 c7 c6 e0 ff 14 8b e8 7e 50 13 00 <0f> 0b e8 57 97 d3 ff 4c 89 ef 48 c7 c6 60 05 15 8b e8 68 50 13 00
RSP: 0018:ffffc90003b67578 EFLAGS: 00010046
RAX: d8398c7165fba200 RBX: ffff888077258368 RCX: ffffc90003b67303
RDX: 0000000000000002 RSI: ffffffff8b0c14c0 RDI: ffffffff8b5e6400
RBP: ffffc90003b67718 R08: dffffc0000000000 R09: fffffbfff1d3608e
R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888077258368
R13: ffffea0001c71440 R14: ffffea0001c71440 R15: ffffea0001c71440
FS:  0000555568ec3380(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f564526c0d0 CR3: 0000000079347000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 __filemap_remove_folio+0xc7/0xaa0 mm/filemap.c:222
 filemap_remove_folio+0x105/0x2e0 mm/filemap.c:255
 truncate_inode_folio+0x59/0x70 mm/truncate.c:195
 shmem_undo_range+0x570/0x2390 mm/shmem.c:942
 shmem_truncate_range mm/shmem.c:1062 [inline]
 shmem_evict_inode+0x265/0xa60 mm/shmem.c:1171
 evict+0x529/0x930 fs/inode.c:705
 __dentry_kill+0x436/0x650 fs/dcache.c:611
 dentry_kill+0xbb/0x290
 dput+0xfb/0x1d0 fs/dcache.c:918
 __fput+0x62e/0x8d0 fs/file_table.c:328
 task_work_run+0x246/0x300 kernel/task_work.c:203
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop+0xde/0x100 kernel/entry/common.c:177
 exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:210
 __syscall_exit_to_user_mode_work kernel/entry/common.c:292 [inline]
 syscall_exit_to_user_mode+0x60/0x270 kernel/entry/common.c:303
 do_syscall_64+0x47/0xb0 arch/x86/entry/common.c:87
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7f56451f3d70
Code: ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 80 3d 11 93 07 00 00 74 17 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c
RSP: 002b:00007ffc1acc4da8 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f56451f3d70
RDX: 0000000000000000 RSI: 0000000000004000 RDI: 0000000000000003
RBP: 00007f564523e0fd R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000028011 R11: 0000000000000202 R12: 00007f564524327c
R13: 00007f564523e082 R14: 0000000000000001 R15: 0000000000000001
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:filemap_unaccount_folio+0x5c2/0xa60 mm/filemap.c:153
Code: 07 38 c1 0f 8c 21 fe ff ff 48 89 ef e8 e7 21 2b 00 e9 14 fe ff ff e8 6d 97 d3 ff 4c 89 ef 48 c7 c6 e0 ff 14 8b e8 7e 50 13 00 <0f> 0b e8 57 97 d3 ff 4c 89 ef 48 c7 c6 60 05 15 8b e8 68 50 13 00
RSP: 0018:ffffc90003b67578 EFLAGS: 00010046
RAX: d8398c7165fba200 RBX: ffff888077258368 RCX: ffffc90003b67303
RDX: 0000000000000002 RSI: ffffffff8b0c14c0 RDI: ffffffff8b5e6400
RBP: ffffc90003b67718 R08: dffffc0000000000 R09: fffffbfff1d3608e
R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888077258368
R13: ffffea0001c71440 R14: ffffea0001c71440 R15: ffffea0001c71440
FS:  0000555568ec3380(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f564526c0d0 CR3: 0000000079347000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (741):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/12/23 17:04 linux-6.1.y 29f02ec58a94 b4fbdbd4 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2024/05/01 22:07 linux-6.1.y dcbc050cb0d3 3ba885bc .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/04/09 21:36 linux-6.1.y 3dfebb87d7eb 47d015b1 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/04/07 03:18 linux-6.1.y 8e60a714ba3b 1c65791e .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/03/04 11:32 linux-6.1.y 3a8358583626 c3901742 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/03/03 19:35 linux-6.1.y 3a8358583626 c3901742 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2024/11/11 22:41 linux-6.1.y d7039b844a1c 0c4b1325 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2024/05/01 19:55 linux-6.1.y dcbc050cb0d3 3ba885bc .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2023/12/25 06:39 linux-6.1.y 4aa6747d9352 fb427a07 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2023/12/13 08:56 linux-6.1.y e7cddbb41b63 ebcad15c .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/05/12 22:21 linux-6.1.y 02b72ccb5f9d f6671af7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/05/12 14:12 linux-6.1.y 02b72ccb5f9d 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/05/12 10:06 linux-6.1.y 02b72ccb5f9d 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/05/04 11:35 linux-6.1.y b6736e03756f b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/05/03 06:17 linux-6.1.y b6736e03756f b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/05/03 06:17 linux-6.1.y b6736e03756f b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/05/02 00:03 linux-6.1.y 535ec20c5027 51b137cd .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/05/01 19:28 linux-6.1.y 535ec20c5027 51b137cd .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/04/29 13:39 linux-6.1.y 535ec20c5027 aeb6ec69 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/04/28 10:04 linux-6.1.y 535ec20c5027 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/04/28 08:34 linux-6.1.y 535ec20c5027 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/04/28 05:09 linux-6.1.y 535ec20c5027 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/04/27 09:55 linux-6.1.y 535ec20c5027 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/04/27 02:46 linux-6.1.y 535ec20c5027 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/04/26 02:57 linux-6.1.y 535ec20c5027 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/04/26 01:15 linux-6.1.y 535ec20c5027 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/04/25 00:28 linux-6.1.y 420102835862 9882047a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/04/23 09:24 linux-6.1.y 420102835862 53a8b9bd .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/04/22 17:18 linux-6.1.y 420102835862 2a20f901 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/04/22 06:10 linux-6.1.y 420102835862 2a20f901 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/04/21 23:14 linux-6.1.y 420102835862 2a20f901 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/05/12 08:46 linux-6.1.y 02b72ccb5f9d 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/05/11 23:57 linux-6.1.y 02b72ccb5f9d 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/05/11 19:49 linux-6.1.y 02b72ccb5f9d 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/05/11 13:40 linux-6.1.y 02b72ccb5f9d 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/05/11 11:18 linux-6.1.y 02b72ccb5f9d 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/05/10 08:23 linux-6.1.y 02b72ccb5f9d 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/05/06 00:42 linux-6.1.y ac7079a42ea5 6ca47dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/05/05 09:04 linux-6.1.y b6736e03756f b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/05/04 20:05 linux-6.1.y b6736e03756f b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/05/03 13:29 linux-6.1.y b6736e03756f b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/05/01 21:04 linux-6.1.y 535ec20c5027 51b137cd .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/04/29 09:10 linux-6.1.y 535ec20c5027 aeb6ec69 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/04/28 17:57 linux-6.1.y 535ec20c5027 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/04/28 04:05 linux-6.1.y 535ec20c5027 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/04/27 16:43 linux-6.1.y 535ec20c5027 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/04/27 04:06 linux-6.1.y 535ec20c5027 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/04/26 18:32 linux-6.1.y 535ec20c5027 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/04/24 02:43 linux-6.1.y 420102835862 73a168d0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/04/24 00:34 linux-6.1.y 420102835862 73a168d0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/04/23 10:45 linux-6.1.y 420102835862 53a8b9bd .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/04/23 07:34 linux-6.1.y 420102835862 53a8b9bd .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/04/23 06:22 linux-6.1.y 420102835862 53a8b9bd .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
* Struck through repros no longer work on HEAD.