syzbot


kernel BUG in __page_table_check_zero

Status: upstream: reported C repro on 2023/05/21 16:20
Subsystems: usb
[Documentation on labels]
Reported-by: syzbot+7a9bbb158a7a1071eb27@syzkaller.appspotmail.com
First crash: 194d, last: 14h12m
Cause bisection: failed (error log, bisect log)
  
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [mm?] kernel BUG in __page_table_check_zero 0 (4) 2023/11/10 18:06
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.1 kernel BUG in __page_table_check_zero origin:upstream C 1 21d 163d 0/3 upstream: reported C repro on 2023/06/18 21:38
Last patch testing requests (10)
Created Duration User Patch Repo Result
2023/11/28 10:43 33m retest repro upstream report log
2023/11/14 08:56 15m retest repro upstream report log
2023/11/14 08:56 27m retest repro linux-next report log
2023/11/10 18:06 20m yuran.pereira@hotmail.com patch https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux.git master error OK
2023/11/10 17:28 21m yuran.pereira@hotmail.com patch https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux.git master error OK
2023/11/10 15:22 14m yuran.pereira@hotmail.com patch https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux.git master report log
2023/10/31 06:41 15m retest repro upstream report log
2023/08/27 11:56 16m retest repro upstream report log
2023/08/27 11:56 22m retest repro upstream report log
2023/08/27 11:56 24m retest repro linux-next report log
Cause bisection attempts (2)
Created Duration User Patch Repo Result
2023/11/25 11:59 12h09m bisect upstream error job log (0)
2023/05/18 06:36 12h04m bisect upstream error job log (0)
marked invalid by nogikh@google.com

Sample crash report:
RBP: 0000000000000002 R08: 0000000000000003 R09: 0000000000000000
R10: 0000000000011012 R11: 0000000000000246 R12: 00007ffd6ae3febc
R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001
 </TASK>
------------[ cut here ]------------
kernel BUG at mm/page_table_check.c:146!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 5061 Comm: syz-executor427 Not tainted 6.6.0-rc4-syzkaller-00029-gcbf3a2cb156a #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
RIP: 0010:__page_table_check_zero+0x2d5/0x4a0 mm/page_table_check.c:146
Code: 9a ff 48 ff cb e9 b5 fd ff ff e8 c6 36 9a ff 48 ff cb e9 27 fe ff ff e8 b9 36 9a ff 0f 0b e8 b2 36 9a ff 0f 0b e8 ab 36 9a ff <0f> 0b f3 0f 1e fa 4c 89 f6 48 81 e6 ff 0f 00 00 31 ff e8 d4 3a 9a
RSP: 0018:ffffc90003d8f810 EFLAGS: 00010293
RAX: ffffffff81f3d505 RBX: dffffc0000000000 RCX: ffff888020cd8000
RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880164b4044
RBP: ffff8880164b4044 R08: ffff8880164b4047 R09: 1ffff11002c96808
R10: dffffc0000000000 R11: ffffed1002c96809 R12: 0000000000000000
R13: 1ffffffff23eb75c R14: 000000000000000a R15: ffff8880164b4000
FS:  0000555555fa4380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fd0f55d1a03 CR3: 000000007248b000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 page_table_check_free include/linux/page_table_check.h:41 [inline]
 free_pages_prepare mm/page_alloc.c:1137 [inline]
 __free_pages_ok+0xbd4/0xd00 mm/page_alloc.c:1266
 dec_usb_memory_use_count+0x259/0x350 drivers/usb/core/devio.c:198
 usbdev_mmap+0x80b/0x930
 call_mmap include/linux/fs.h:1961 [inline]
 mmap_region+0xfd0/0x2280 mm/mmap.c:2754
 do_mmap+0x8d3/0xfa0 mm/mmap.c:1354
 vm_mmap_pgoff+0x1dc/0x410 mm/util.c:546
 ksys_mmap_pgoff+0x4ff/0x6d0 mm/mmap.c:1400
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fd0f5572b39
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffd6ae3fe98 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
RAX: ffffffffffffffda RBX: 00007ffd6ae3fec0 RCX: 00007fd0f5572b39
RDX: 0000000001000002 RSI: 0000000000400000 RDI: 0000000020000000
RBP: 0000000000000002 R08: 0000000000000003 R09: 0000000000000000
R10: 0000000000011012 R11: 0000000000000246 R12: 00007ffd6ae3febc
R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__page_table_check_zero+0x2d5/0x4a0 mm/page_table_check.c:146
Code: 9a ff 48 ff cb e9 b5 fd ff ff e8 c6 36 9a ff 48 ff cb e9 27 fe ff ff e8 b9 36 9a ff 0f 0b e8 b2 36 9a ff 0f 0b e8 ab 36 9a ff <0f> 0b f3 0f 1e fa 4c 89 f6 48 81 e6 ff 0f 00 00 31 ff e8 d4 3a 9a
RSP: 0018:ffffc90003d8f810 EFLAGS: 00010293
RAX: ffffffff81f3d505 RBX: dffffc0000000000 RCX: ffff888020cd8000
RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880164b4044
RBP: ffff8880164b4044 R08: ffff8880164b4047 R09: 1ffff11002c96808
R10: dffffc0000000000 R11: ffffed1002c96809 R12: 0000000000000000
R13: 1ffffffff23eb75c R14: 000000000000000a R15: ffff8880164b4000
FS:  0000555555fa4380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005629ee029780 CR3: 000000007248b000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (24):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/10/04 05:45 upstream cbf3a2cb156a 65faba36 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root kernel BUG in __page_table_check_zero
2023/06/23 15:07 upstream 8a28a0b6f1a1 09ffe269 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in __page_table_check_zero
2023/05/18 06:32 upstream 1b66c114d161 3bb7af1d .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce kernel BUG in __page_table_check_zero
2023/08/03 02:58 linux-next 626c67169f99 39a91c18 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root kernel BUG in __page_table_check_zero
2023/10/16 17:06 upstream 58720809f527 6388bc36 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in __page_table_check_zero
2023/09/24 17:39 upstream 3aba70aed91f 0b6a67ac .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in __page_table_check_zero
2023/07/29 09:11 upstream f837f0a3c948 92476829 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root kernel BUG in __page_table_check_zero
2023/06/29 17:35 upstream 6e2332e0ab53 134ddc02 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream kernel BUG in __page_table_check_zero
2023/06/24 05:43 upstream 61dabacdad4e 09ffe269 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce kernel BUG in __page_table_check_zero
2023/05/23 08:23 upstream 421ca22e3138 4bce1a3e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce kernel BUG in __page_table_check_zero
2023/05/18 06:09 upstream 1b66c114d161 3bb7af1d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce kernel BUG in __page_table_check_zero
2023/07/18 00:53 upstream fdf0eaf11452 20f8b3c2 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 kernel BUG in __page_table_check_zero
2023/06/29 13:45 upstream 6e2332e0ab53 134ddc02 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 kernel BUG in __page_table_check_zero
2023/06/15 18:44 upstream b6dad5178cea ee64538c .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 kernel BUG in __page_table_check_zero
2023/06/12 08:12 upstream 4c605260bc60 7086cdb9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in __page_table_check_zero
2023/06/11 14:32 upstream 022ce8862dff 49519f06 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 kernel BUG in __page_table_check_zero
2023/05/20 23:13 upstream d635f6cc934b 4bce1a3e .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 kernel BUG in __page_table_check_zero
2023/07/30 19:43 linux-next d7b3af5a77e8 2a0d0f29 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root kernel BUG in __page_table_check_zero
2023/08/07 19:45 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 86d7896480b0 0ef3dfda .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in __page_table_check_zero
2023/08/04 13:17 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2642b8a18760 74621247 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in __page_table_check_zero
2023/07/28 12:52 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 6eaae1980760 92476829 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in __page_table_check_zero
2023/07/27 04:32 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 05d881b85b48 41fe1bae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in __page_table_check_zero
2023/06/17 07:49 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 177239177378 f3921d4d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in __page_table_check_zero
2023/05/20 17:30 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci f1fcbaa18b28 4bce1a3e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in __page_table_check_zero
* Struck through repros no longer work on HEAD.