syzbot

 sign-in | mailing list | source | docs
🐞 Open [1130] 🐞 Fixed [4212] 🐞 Invalid [9343] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes

kernel BUG at include/linux/swapops.h:LINE!

Status: upstream: reported C repro on 2020/05/30 17:05
Reported-by: syzbot+c48f34012b06c4ac67dd@syzkaller.appspotmail.com
First crash: 923d, last: 251d

Cause bisection: failed (bisect log)

Fix bisection: failed (bisect log)
Patch testing requests:
Created Duration User Patch Repo Result
2022/11/10 07:30 16m retest repro linux-next OK log
2022/11/10 06:30 16m retest repro linux-next OK log
2022/11/10 05:30 11m retest repro linux-next error
2022/10/02 01:30 16m retest repro upstream OK log
2022/09/12 21:27 15m retest repro upstream OK log

Sample crash report:
------------[ cut here ]------------
kernel BUG at include/linux/swapops.h:197!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 8460 Comm: syz-executor246 Not tainted 5.12.0-next-20210507-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:migration_entry_to_page include/linux/swapops.h:197 [inline]
RIP: 0010:migration_entry_to_page include/linux/swapops.h:190 [inline]
RIP: 0010:zap_huge_pmd+0xe5b/0x1110 mm/huge_memory.c:1697
Code: 2b 3f b8 ff 48 8b 5c 24 10 48 83 eb 01 e9 a8 f6 ff ff e8 18 3f b8 ff 48 8b 5c 24 10 48 83 eb 01 e9 66 f7 ff ff e8 05 3f b8 ff <0f> 0b e8 fe 3e b8 ff 31 f6 31 ff 49 bc 00 f0 ff ff ff ff 0f 00 e8
RSP: 0018:ffffc90001a2f730 EFLAGS: 00010293
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: ffff888024bc5580 RSI: ffffffff81bc972b RDI: 0000000000000003
RBP: ffffc90001a2fa48 R08: 0000000000000000 R09: 0000000000000000
R10: ffffffff81bc8ec8 R11: 0000000000000000 R12: ffff88802c9a5800
R13: ffffea0000e58080 R14: ffff8880303bfea0 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000004c8168 CR3: 0000000016b36000 CR4: 00000000001506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 zap_pmd_range mm/memory.c:1361 [inline]
 zap_pud_range mm/memory.c:1403 [inline]
 zap_p4d_range mm/memory.c:1424 [inline]
 unmap_page_range+0x1aa4/0x2650 mm/memory.c:1445
 unmap_single_vma+0x198/0x300 mm/memory.c:1490
 unmap_vmas+0x16d/0x2f0 mm/memory.c:1522
 exit_mmap+0x2a8/0x590 mm/mmap.c:3207
 __mmput+0x122/0x470 kernel/fork.c:1096
 mmput+0x58/0x60 kernel/fork.c:1117
 exit_mm kernel/exit.c:502 [inline]
 do_exit+0xb0a/0x2a60 kernel/exit.c:813
 do_group_exit+0x125/0x310 kernel/exit.c:923
 get_signal+0x47f/0x2150 kernel/signal.c:2856
 arch_do_signal_or_restart+0x2a8/0x1eb0 arch/x86/kernel/signal.c:789
 handle_signal_work kernel/entry/common.c:147 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:171 [inline]
 exit_to_user_mode_prepare+0x171/0x280 kernel/entry/common.c:208
 __syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
 syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:301
 do_syscall_64+0x47/0xb0 arch/x86/entry/common.c:57
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x4458f9
Code: Unable to access opcode bytes at RIP 0x4458cf.
RSP: 002b:00007f45f24e4318 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00000000004ca408 RCX: 00000000004458f9
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00000000004ca408
RBP: 00000000004ca400 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000001000000020
R13: 00007ffeb676771f R14: 00007f45f24e4400 R15: 0000000000022000
Modules linked in:
---[ end trace 8c9f5c48deec1bb7 ]---
RIP: 0010:migration_entry_to_page include/linux/swapops.h:197 [inline]
RIP: 0010:migration_entry_to_page include/linux/swapops.h:190 [inline]
RIP: 0010:zap_huge_pmd+0xe5b/0x1110 mm/huge_memory.c:1697
Code: 2b 3f b8 ff 48 8b 5c 24 10 48 83 eb 01 e9 a8 f6 ff ff e8 18 3f b8 ff 48 8b 5c 24 10 48 83 eb 01 e9 66 f7 ff ff e8 05 3f b8 ff <0f> 0b e8 fe 3e b8 ff 31 f6 31 ff 49 bc 00 f0 ff ff ff ff 0f 00 e8
RSP: 0018:ffffc90001a2f730 EFLAGS: 00010293
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: ffff888024bc5580 RSI: ffffffff81bc972b RDI: 0000000000000003
RBP: ffffc90001a2fa48 R08: 0000000000000000 R09: 0000000000000000
R10: ffffffff81bc8ec8 R11: 0000000000000000 R12: ffff88802c9a5800
R13: ffffea0000e58080 R14: ffff8880303bfea0 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000004c8168 CR3: 000000000bc8e000 CR4: 00000000001506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (54):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-linux-next-kasan-gce-root 2021/05/08 11:23 linux-next 869a85b925fc bc5434be .config log report syz C kernel BUG in zap_huge_pmd
ci-upstream-kasan-gce-selinux-root 2020/07/24 07:55 upstream d15be546031c 70c104a1 .config log report syz
ci-upstream-kasan-gce-386 2020/07/21 15:14 upstream 4fa640dc5230 d88894e6 .config log report syz
ci-upstream-linux-next-kasan-gce-root 2020/07/20 08:08 linux-next 4c43049f19a2 9c812472 .config log report syz
ci-upstream-linux-next-kasan-gce-root 2020/07/19 21:09 linux-next 4c43049f19a2 9c812472 .config log report syz
ci-upstream-kasan-gce 2021/07/11 13:26 upstream 3dbdb38e2869 8f5a7b8c .config log report info kernel BUG in pmd_migration_entry_wait
ci-upstream-kasan-gce 2021/06/18 19:34 upstream fd0aa1a4567d aba2b2fb .config log report info kernel BUG in pmd_migration_entry_wait
ci-upstream-kasan-gce 2021/06/18 15:26 upstream fd0aa1a4567d aba2b2fb .config log report info kernel BUG in zap_huge_pmd
ci-upstream-kasan-gce-smack-root 2021/06/09 14:17 upstream 368094df48e6 84fe5d96 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-kasan-gce-selinux-root 2021/04/22 19:00 upstream 16fc44d6387e 33c28d03 .config log report info kernel BUG in pmd_migration_entry_wait
ci-upstream-kasan-gce-root 2020/05/26 12:29 upstream 9cb1fd0efd19 8ca3b7d2 .config log report
ci-upstream-kasan-gce-386 2021/05/16 18:20 upstream 63d1cb53e26a f54a5c09 .config log report info kernel BUG in pmd_migration_entry_wait
ci-upstream-kasan-gce-386 2021/04/22 19:04 upstream 16fc44d6387e 33c28d03 .config log report info kernel BUG in pmd_migration_entry_wait
ci-upstream-kasan-gce-386 2020/09/26 03:01 upstream 171d4ff79f96 4a006f63 .config log report info
ci-upstream-linux-next-kasan-gce-root 2022/03/29 22:58 linux-next c2528a0cdebd 6bdac766 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/25 09:26 linux-next dd315b580061 89bc8608 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/25 03:42 linux-next dd315b580061 89bc8608 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/24 23:32 linux-next dd315b580061 89bc8608 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/24 22:03 linux-next dd315b580061 89bc8608 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/22 08:39 linux-next f9006d9269ea e2d91b1d .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/21 18:30 linux-next f9006d9269ea e2d91b1d .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/20 15:00 linux-next 91265a6da44d e2d91b1d .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/20 13:21 linux-next 91265a6da44d e2d91b1d .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/18 18:05 linux-next 91265a6da44d e2d91b1d .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/16 03:13 linux-next 91265a6da44d 9e8eaa75 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/16 03:04 linux-next 91265a6da44d 9e8eaa75 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/16 02:35 linux-next 91265a6da44d 9e8eaa75 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/14 21:51 linux-next 91265a6da44d 9e8eaa75 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/14 20:44 linux-next 91265a6da44d 9e8eaa75 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/14 02:32 linux-next 91265a6da44d 9e8eaa75 .config log report info kernel BUG in migration_entry_wait_on_locked
ci-upstream-linux-next-kasan-gce-root 2022/03/13 08:49 linux-next 91265a6da44d 9e8eaa75 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/11 21:38 linux-next 91265a6da44d 9e8eaa75 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/10 21:33 linux-next 91265a6da44d 9e8eaa75 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/09 17:21 linux-next 91265a6da44d 9e8eaa75 .config log report info kernel BUG in migration_entry_wait_on_locked
ci-upstream-linux-next-kasan-gce-root 2022/03/08 05:29 linux-next 91265a6da44d 7bdd8b2c .config log report info kernel BUG in migration_entry_wait_on_locked
ci-upstream-linux-next-kasan-gce-root 2022/03/06 19:23 linux-next 91265a6da44d 7bdd8b2c .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/05 20:11 linux-next 91265a6da44d 7bdd8b2c .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/03 12:00 linux-next 91265a6da44d 45a13a73 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/03 11:46 linux-next 91265a6da44d 45a13a73 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/03 11:42 linux-next 91265a6da44d 45a13a73 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/03 11:34 linux-next 91265a6da44d 45a13a73 .config log report info kernel BUG in migration_entry_wait_on_locked
ci-upstream-linux-next-kasan-gce-root 2022/03/03 11:30 linux-next 91265a6da44d 45a13a73 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/03 11:17 linux-next 91265a6da44d 45a13a73 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/03 11:05 linux-next 91265a6da44d 45a13a73 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/03 10:58 linux-next 91265a6da44d 45a13a73 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/03 10:50 linux-next 91265a6da44d 45a13a73 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2022/03/03 10:46 linux-next 91265a6da44d 45a13a73 .config log report info kernel BUG in zap_huge_pmd
ci-upstream-linux-next-kasan-gce-root 2021/05/10 19:04 linux-next e6f67ebd93ef ca873091 .config log report info kernel BUG in pmd_migration_entry_wait
ci-upstream-linux-next-kasan-gce-root 2021/05/08 10:08 linux-next 869a85b925fc bc5434be .config log report info kernel BUG in pmd_migration_entry_wait
ci-upstream-linux-next-kasan-gce-root 2020/07/19 16:31 linux-next 4c43049f19a2 9c812472 .config log report
* Struck through repros no longer work on HEAD.