syzbot

 sign-in | mailing list | source | docs
🐞 Open [786]
🐞 Fixed [135]
🐞 Invalid [903]
Missing Backports [76]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

BUG: Bad page state in __get_metapage

Status: upstream: reported C repro on 2024/10/23 12:46
Bug presence: origin:upstream
Labels: missing-backport
[Documentation on labels]
Reported-by: syzbot+5ef7590632a6b42d2b6c@syzkaller.appspotmail.com
First crash: 353d, last: 3d14h
Fix commit to backport (bisect log) :
tree: upstream
commit 9346476d211611f3c0d512cb6e942ab76f5376d8
Author: Matthew Wilcox (Oracle) <willy@infradead.org>
Date: Wed Apr 17 17:56:48 2024 +0000

  jfs: Convert insert_metapage() to take a folio

  
Bug presence (3)
Date Name Commit Repro Result
2024/12/16 linux-6.1.y (ToT) 52f863f820fd C [report] BUG: Bad page state in __get_metapage
2024/10/28 upstream (ToT) 819837584309 C [report] INFO: task hung in lmLogClose
2024/12/16 upstream (ToT) 78d4f34e2115 C Didn't crash
Similar bugs (2)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-5.15 BUG: Bad page state in __get_metapage origin:upstream -1 C 833 1d09h 353d 0/3 upstream: reported C repro on 2024/10/23 03:58
linux-6.6 BUG: Bad page state in __get_metapage origin:upstream -1 C 190 4d23h 112d 0/2 upstream: reported C repro on 2025/06/20 20:02
Fix bisection attempts (1)
Created Duration User Patch Repo Result
2025/02/03 18:07 5h54m fix candidate upstream OK (1) job log

Sample crash report:
BUG: Bad page state in process syz.1.31  pfn:2d620
page:ffffea0000b58800 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1c pfn:0x2d620
flags: 0xfff10000002046(referenced|uptodate|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
raw: 00fff10000002046 ffffc900038d7980 ffffc900038d7980 0000000000000000
raw: 000000000000001c ffff888076b3f3e0 00000000ffffffff 0000000000000000
page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
page_owner tracks the page as allocated
page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 4542, tgid 4541 (syz.1.31), ts 80101837094, free_ts 79643019562
 set_page_owner include/linux/page_owner.h:31 [inline]
 post_alloc_hook+0x173/0x1a0 mm/page_alloc.c:2532
 prep_new_page mm/page_alloc.c:2539 [inline]
 get_page_from_freelist+0x1a26/0x1ac0 mm/page_alloc.c:4328
 __alloc_pages+0x1df/0x4e0 mm/page_alloc.c:5614
 folio_alloc+0x1c/0x60 mm/mempolicy.c:2292
 filemap_alloc_folio+0xdb/0x460 mm/filemap.c:999
 do_read_cache_folio+0x1bb/0x760 mm/filemap.c:3591
 do_read_cache_page+0x32/0x220 mm/filemap.c:3669
 read_mapping_page include/linux/pagemap.h:791 [inline]
 __get_metapage+0x316/0xfa0 fs/jfs/jfs_metapage.c:620
 diRead+0x6f7/0xbb0 fs/jfs/jfs_imap.c:367
 jfs_iget+0x89/0x3c0 fs/jfs/inode.c:35
 jfs_fill_super+0x708/0xac0 fs/jfs/super.c:580
 mount_bdev+0x287/0x3c0 fs/super.c:1443
 legacy_get_tree+0xe6/0x180 fs/fs_context.c:632
 vfs_get_tree+0x88/0x270 fs/super.c:1573
 do_new_mount+0x24a/0xa40 fs/namespace.c:3069
 do_mount fs/namespace.c:3412 [inline]
 __do_sys_mount fs/namespace.c:3620 [inline]
 __se_sys_mount+0x2d6/0x3c0 fs/namespace.c:3597
page last free stack trace:
 reset_page_owner include/linux/page_owner.h:24 [inline]
 free_pages_prepare mm/page_alloc.c:1459 [inline]
 free_pcp_prepare mm/page_alloc.c:1509 [inline]
 free_unref_page_prepare+0x8b4/0x9a0 mm/page_alloc.c:3384
 free_unref_page_list+0xbb/0x8e0 mm/page_alloc.c:3525
 release_pages+0x1f92/0x2200 mm/swap.c:1035
 __pagevec_release+0x6d/0xe0 mm/swap.c:1055
 pagevec_release include/linux/pagevec.h:71 [inline]
 folio_batch_release include/linux/pagevec.h:135 [inline]
 truncate_inode_pages_range+0x2f6/0xff0 mm/truncate.c:372
 kill_bdev block/bdev.c:76 [inline]
 blkdev_flush_mapping+0x12c/0x290 block/bdev.c:664
 blkdev_put_whole block/bdev.c:695 [inline]
 blkdev_put+0x47f/0x710 block/bdev.c:955
 deactivate_locked_super+0x93/0xf0 fs/super.c:332
 cleanup_mnt+0x463/0x4f0 fs/namespace.c:1182
 task_work_run+0x1ca/0x250 kernel/task_work.c:203
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop+0xe6/0x110 kernel/entry/common.c:177
 exit_to_user_mode_prepare+0xee/0x180 kernel/entry/common.c:210
 __syscall_exit_to_user_mode_work kernel/entry/common.c:292 [inline]
 syscall_exit_to_user_mode+0x16/0x40 kernel/entry/common.c:303
 do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:87
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
Modules linked in:
CPU: 0 PID: 4551 Comm: syz.1.31 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Call Trace:
 <TASK>
 dump_stack_lvl+0x168/0x22e lib/dump_stack.c:106
 bad_page+0x14b/0x170 mm/page_alloc.c:699
 free_page_is_bad mm/page_alloc.c:1291 [inline]
 free_pages_prepare mm/page_alloc.c:1452 [inline]
 free_pcp_prepare mm/page_alloc.c:1509 [inline]
 free_unref_page_prepare+0x42a/0x9a0 mm/page_alloc.c:3384
 free_unref_page_list+0xbb/0x8e0 mm/page_alloc.c:3525
 release_pages+0x1f92/0x2200 mm/swap.c:1035
 __pagevec_release+0x6d/0xe0 mm/swap.c:1055
 pagevec_release include/linux/pagevec.h:71 [inline]
 folio_batch_release include/linux/pagevec.h:135 [inline]
 truncate_inode_pages_range+0x2f6/0xff0 mm/truncate.c:372
 jfs_remount+0x337/0x5a0 fs/jfs/super.c:451
 reconfigure_super+0x219/0x880 fs/super.c:977
 do_remount fs/namespace.c:2732 [inline]
 path_mount+0xdfd/0x1010 fs/namespace.c:3391
 do_mount fs/namespace.c:3412 [inline]
 __do_sys_mount fs/namespace.c:3620 [inline]
 __se_sys_mount+0x2d6/0x3c0 fs/namespace.c:3597
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:81
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7fb6c2b9034a
Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fb6c21fde68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007fb6c21fdef0 RCX: 00007fb6c2b9034a
RDX: 0000200000000180 RSI: 0000200000000100 RDI: 0000000000000000
RBP: 0000200000000180 R08: 00007fb6c21fdef0 R09: 0000000001a404ac
R10: 0000000001a404ac R11: 0000000000000246 R12: 0000200000000100
R13: 00007fb6c21fdeb0 R14: 0000000000000000 R15: 0000200000000a80
 </TASK>

Crashes (889):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/09/15 11:06 linux-6.1.y 3db754f56897 e2beed91 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/07/23 21:33 linux-6.1.y 3369c6df2fae e1dd4f22 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/04/12 06:34 linux-6.1.y 420102835862 0bd6db41 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/01/01 11:24 linux-6.1.y 563edd786f0a d3ccff63 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2024/11/12 19:14 linux-6.1.y d7039b844a1c 75bb1b32 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2024/10/27 12:30 linux-6.1.y 7ec6f9fa3d97 65e8686b .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/10/08 00:22 linux-6.1.y 882efbdd9d34 7e2882b3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/10/07 01:33 linux-6.1.y 882efbdd9d34 8ef35d49 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/10/06 22:44 linux-6.1.y 882efbdd9d34 91305dbe .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/10/05 09:41 linux-6.1.y 882efbdd9d34 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/10/04 16:23 linux-6.1.y 882efbdd9d34 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/10/04 02:31 linux-6.1.y 882efbdd9d34 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/10/04 02:29 linux-6.1.y 882efbdd9d34 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/10/02 14:39 linux-6.1.y 882efbdd9d34 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/10/02 01:15 linux-6.1.y 7b34dc04e4ff 267f56c6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/27 10:27 linux-6.1.y 7b34dc04e4ff 001c9061 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/27 05:48 linux-6.1.y 7b34dc04e4ff 001c9061 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/26 06:28 linux-6.1.y 7b34dc04e4ff 0abd0691 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/25 11:09 linux-6.1.y 7b34dc04e4ff 0abd0691 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/24 05:42 linux-6.1.y 363a599da6d9 0abd0691 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/23 18:18 linux-6.1.y 363a599da6d9 e667a34f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/22 11:07 linux-6.1.y 363a599da6d9 0ac7291c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/21 23:35 linux-6.1.y 363a599da6d9 67c37560 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/21 09:53 linux-6.1.y 363a599da6d9 67c37560 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/20 13:14 linux-6.1.y 363a599da6d9 67c37560 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/18 14:30 linux-6.1.y 3db754f56897 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/18 10:45 linux-6.1.y 3db754f56897 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/18 03:15 linux-6.1.y 3db754f56897 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/18 03:13 linux-6.1.y 3db754f56897 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/17 16:41 linux-6.1.y 3db754f56897 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/17 04:23 linux-6.1.y 3db754f56897 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/13 21:26 linux-6.1.y 3db754f56897 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/10 01:58 linux-6.1.y f97f1002271b fdeaa69b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/09 19:50 linux-6.1.y f97f1002271b d291dd2d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/08 15:49 linux-6.1.y 28c695c365e1 d291dd2d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/07 20:07 linux-6.1.y 28c695c365e1 d291dd2d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/07 06:43 linux-6.1.y 28c695c365e1 d291dd2d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/04 03:11 linux-6.1.y f89b6e15694c d291dd2d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/03 05:59 linux-6.1.y f89b6e15694c 96a211bc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/03 00:23 linux-6.1.y f89b6e15694c 96a211bc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/02 09:23 linux-6.1.y f89b6e15694c 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/09/02 05:25 linux-6.1.y f89b6e15694c 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/08/30 09:17 linux-6.1.y f89b6e15694c 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/08/30 09:17 linux-6.1.y f89b6e15694c 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/08/29 19:14 linux-6.1.y f89b6e15694c 3e1beec6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/08/28 17:19 linux-6.1.y f89b6e15694c e12e5ba4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/08/26 13:05 linux-6.1.y 0bc96de781b4 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/08/26 08:30 linux-6.1.y 0bc96de781b4 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/08/22 05:10 linux-6.1.y 0bc96de781b4 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/08/21 10:55 linux-6.1.y 0bc96de781b4 0b9605c8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/08/19 14:58 linux-6.1.y 0bc96de781b4 254a27c1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/08/19 02:14 linux-6.1.y 0bc96de781b4 523f460e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2025/08/17 11:11 linux-6.1.y 0bc96de781b4 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
2024/10/23 12:46 linux-6.1.y 7ec6f9fa3d97 15fa2979 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page state in __get_metapage
* Struck through repros no longer work on HEAD.