syzbot


kernel BUG at mm/memory.c:LINE!

Status: upstream: reported C repro on 2020/05/21 22:29
Reported-by: syzbot+f7b83f3f64369aef5473@syzkaller.appspotmail.com
First crash: 1424d, last: 525d
Fix bisection: failed (error log, bisect log)
  
Similar bugs (4)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream kernel BUG in __handle_mm_fault mm 2 1081d 1080d 0/26 auto-closed as invalid on 2021/06/29 08:42
upstream kernel BUG in vmf_insert_pfn_prot C done done 1933 337d 941d 22/26 fixed on 2023/06/14 22:21
linux-4.14 kernel BUG at mm/memory.c:LINE! C inconclusive 4 523d 1424d 0/1 upstream: reported C repro on 2020/05/21 23:25
upstream kernel BUG at mm/memory.c:LINE! fs mm 1 2108d 2107d 8/26 fixed on 2018/08/08 18:10
Fix bisection attempts (17)
Created Duration User Patch Repo Result
2021/10/28 15:20 15m bisect fix linux-4.19.y error job log (0)
2021/09/24 13:00 33m bisect fix linux-4.19.y job log (0) log
2021/08/25 12:32 27m bisect fix linux-4.19.y job log (0) log
2021/07/26 12:05 27m bisect fix linux-4.19.y job log (0) log
2021/06/26 11:34 30m bisect fix linux-4.19.y job log (0) log
2021/05/27 11:00 29m bisect fix linux-4.19.y job log (0) log
2021/04/27 08:09 28m bisect fix linux-4.19.y job log (0) log
2021/03/28 07:45 23m bisect fix linux-4.19.y job log (0) log
2021/02/26 07:21 23m bisect fix linux-4.19.y job log (0) log
2021/01/27 06:51 29m bisect fix linux-4.19.y job log (0) log
2020/12/28 03:52 25m bisect fix linux-4.19.y job log (0) log
2020/11/28 03:28 24m bisect fix linux-4.19.y job log (0) log
2020/10/19 03:26 25m bisect fix linux-4.19.y job log (0) log
2020/09/19 03:02 23m bisect fix linux-4.19.y job log (0) log
2020/08/20 02:34 27m bisect fix linux-4.19.y job log (0) log
2020/07/21 02:08 25m bisect fix linux-4.19.y job log (0) log
2020/06/20 22:59 24m bisect fix linux-4.19.y job log (0) log

Sample crash report:
next ffff88809b64ea50 prev ffff88809b64eb58 mm ffff8880b4e83780
prot 8000000000000025 anon_vma 0000000000000000 vm_ops ffffffff8871e3a0
pgoff 0 file ffff8880b4cefa80 private_data 0000000000000000
flags: 0xfa(write|shared|mayread|maywrite|mayexec|mayshare)
------------[ cut here ]------------
kernel BUG at mm/memory.c:4081!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 8105 Comm: syz-executor109 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
RIP: 0010:wp_huge_pmd mm/memory.c:4081 [inline]
RIP: 0010:__handle_mm_fault+0x2888/0x41c0 mm/memory.c:4289
Code: aa d5 ff 84 db 0f 84 35 e3 ff ff e8 92 a9 d5 ff 48 89 ef e8 8a ce f4 ff e9 23 e3 ff ff e8 80 a9 d5 ff 48 89 ef e8 07 b9 67 06 <0f> 0b e8 71 a9 d5 ff 4c 8d 4c 24 60 4c 89 cf e8 04 c0 0d 00 41 89
RSP: 0000:ffff8880aa847ce8 EFLAGS: 00010283
RAX: 0000000000000140 RBX: 0000000000000008 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff814dff01 RDI: ffffed1015508f78
RBP: ffff88809da9d358 R08: 0000000000000140 R09: 0000000000000000
R10: 0000000000000005 R11: 0000000000000000 R12: 800000008a6000e5
R13: 1ffff11015508fa3 R14: 0000000000000001 R15: ffff8880b4e83780
FS:  0000555555f9e300(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000561ccf01c0c0 CR3: 00000000aab3b000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 handle_mm_fault+0x436/0xb10 mm/memory.c:4336
 __do_page_fault+0x68e/0xd60 arch/x86/mm/fault.c:1412
 page_fault+0x1e/0x30 arch/x86/entry/entry_64.S:1205
RIP: 0033:0x7f2a69334abb
Code: 00 00 20 48 c7 04 25 48 01 00 20 01 00 00 00 e8 ab 22 04 00 b9 c0 02 00 20 ba 33 89 00 00 31 c0 be ff ff ff ff bf 10 00 00 00 <48> c7 04 25 c0 02 00 20 77 67 31 00 48 c7 04 25 c8 02 00 20 00 00
RSP: 002b:00007ffd4a36f680 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000200002c0
RDX: 0000000000008933 RSI: 00000000ffffffff RDI: 0000000000000010
RBP: 00007ffd4a36f680 R08: 00007ffd4a36f510 R09: 65732f636f72702f
R10: 00000000ffffffff R11: 0000000000000246 R12: 00007f2a69336690
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
Modules linked in:
---[ end trace 71d8f505bd4a6c51 ]---
RIP: 0010:wp_huge_pmd mm/memory.c:4081 [inline]
RIP: 0010:__handle_mm_fault+0x2888/0x41c0 mm/memory.c:4289
Code: aa d5 ff 84 db 0f 84 35 e3 ff ff e8 92 a9 d5 ff 48 89 ef e8 8a ce f4 ff e9 23 e3 ff ff e8 80 a9 d5 ff 48 89 ef e8 07 b9 67 06 <0f> 0b e8 71 a9 d5 ff 4c 8d 4c 24 60 4c 89 cf e8 04 c0 0d 00 41 89
RSP: 0000:ffff8880aa847ce8 EFLAGS: 00010283
RAX: 0000000000000140 RBX: 0000000000000008 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff814dff01 RDI: ffffed1015508f78
RBP: ffff88809da9d358 R08: 0000000000000140 R09: 0000000000000000
R10: 0000000000000005 R11: 0000000000000000 R12: 800000008a6000e5
R13: 1ffff11015508fa3 R14: 0000000000000001 R15: ffff8880b4e83780
FS:  0000555555f9e300(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000564225b20160 CR3: 00000000aab3b000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (8):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/11/06 15:06 linux-4.19.y 3f8a27f9e27b 6d752409 .config console log report syz C [disk image] [vmlinux] ci2-linux-4-19 kernel BUG in __handle_mm_fault
2022/06/17 15:16 linux-4.19.y 3f8a27f9e27b cb58b3b2 .config console log report syz C ci2-linux-4-19 kernel BUG in __handle_mm_fault
2020/05/21 22:59 linux-4.19.y 1bab61d3e8cd 4afdfa20 .config console log report syz C ci2-linux-4-19
2022/03/16 08:12 linux-4.19.y 3f8a27f9e27b 9e8eaa75 .config console log report info ci2-linux-4-19 kernel BUG in __handle_mm_fault
2021/12/06 12:30 linux-4.19.y 3f8a27f9e27b 579a8754 .config console log report info ci2-linux-4-19 kernel BUG in __handle_mm_fault
2021/11/14 15:07 linux-4.19.y 3f8a27f9e27b 75b04091 .config console log report info ci2-linux-4-19 kernel BUG in __handle_mm_fault
2020/10/29 03:27 linux-4.19.y ad326970d25c f24824d3 .config console log report info ci2-linux-4-19
2020/05/21 22:28 linux-4.19.y 1bab61d3e8cd 4afdfa20 .config console log report ci2-linux-4-19
* Struck through repros no longer work on HEAD.