syzbot

 sign-in | mailing list | source | docs | 🏰
🐞 Open [1326]
Subsystems
🐞 Fixed [7152]
🐞 Invalid [18912]
Missing Backports [220]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
✨ AI
💬 Send us feedback

WARNING in __page_table_check_ptes_set (3)

Status: upstream: reported C repro on 2025/11/13 16:44
Subsystems: mm
Labels: prio:low
[Documentation on labels]
Reported-by: syzbot+18d274a59b87cf80e86d@syzkaller.appspotmail.com
First crash: 215d, last: 10d
✨ AI Jobs (2)
ID Workflow Result Correct Bug Created Started Finished Revision Error
f7658de6-799a-4cd1-af00-3a6cdf4e068f assessment-security DenialOfService: ❌ Exploitable: ❌ FilesystemTrigger: ❌ NetworkTrigger: ❌ PeripheralTrigger: ❌ RemoteTrigger: ❌ Unprivileged: ✅ UserNamespace: ✅ VMGuestTrigger: ❌ VMHostTrigger: ❌ WARNING in __page_table_check_ptes_set (3) 2026/05/14 02:32 2026/05/14 02:32 2026/05/14 03:10 71153e5d9da49247dc7f1194a9cc04fb90c64f9c
775acbef-42da-4e95-8564-e4d70adaa462 repro WARNING in __page_table_check_ptes_set (3) 2026/03/06 04:56 2026/03/06 04:56 2026/03/06 05:05 31e9c887f7dc24e04b3ca70d0d54fc34141844b0
Discussions (2)
Title Replies (including bot) Last reply
[PATCH] mm/userfaultfd: clear uffd-wp PTE state when re-registering without WP 1 (1) 2026/06/01 08:26
[syzbot] [mm?] WARNING in __page_table_check_ptes_set (3) 0 (2) 2026/05/27 17:36
Similar bugs (2)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING in __page_table_check_ptes_set mm -1 C 2 785d 781d 25/29 fixed on 2024/06/05 13:52
upstream WARNING in __page_table_check_ptes_set (2) mm -1 C done inconclusive 120 515d 730d 0/29 auto-obsoleted due to no activity on 2025/04/24 07:01

Sample crash report:
------------[ cut here ]------------
pte_uffd_wp(pte) && pte_write(pte)
WARNING: mm/page_table_check.c:191 at page_table_check_pte_flags mm/page_table_check.c:191 [inline], CPU#0: syz.0.17/5966
WARNING: mm/page_table_check.c:191 at __page_table_check_ptes_set+0x112/0x320 mm/page_table_check.c:207, CPU#0: syz.0.17/5966
Modules linked in:
CPU: 0 UID: 0 PID: 5966 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
RIP: 0010:page_table_check_pte_flags mm/page_table_check.c:191 [inline]
RIP: 0010:__page_table_check_ptes_set+0x112/0x320 mm/page_table_check.c:207
Code: 4c 89 ee 48 81 e6 9e fe ff ff 41 0f 95 c7 31 ff e8 23 58 8e ff 44 84 fb 75 15 e8 b9 52 8e ff e9 84 00 00 00 e8 af 52 8e ff 90 <0f> 0b 90 eb 79 4c 89 e8 48 d1 e8 49 bf 00 00 00 00 00 00 00 7c 49
RSP: 0018:ffffc90003a3f738 EFLAGS: 00010293
RAX: ffffffff82374941 RBX: 000000004df1cc67 RCX: ffff88803e093e00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: fffff9400026f8e1 R12: dffffc0000000000
R13: 000000004df1cc67 R14: ffff88804569bff0 R15: ffff8880391a8000
FS:  0000555577be4500(0000) GS:ffff888125c80000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000200000000040 CR3: 000000003c390000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 page_table_check_ptes_set include/linux/page_table_check.h:83 [inline]
 set_ptes include/linux/pgtable.h:413 [inline]
 do_swap_page+0x3e04/0x4010 mm/memory.c:5089
 handle_pte_fault mm/memory.c:6378 [inline]
 __handle_mm_fault mm/memory.c:6513 [inline]
 handle_mm_fault+0xbd4/0x14d0 mm/memory.c:6682
 faultin_page mm/gup.c:1126 [inline]
 __get_user_pages+0x16d4/0x2620 mm/gup.c:1428
 populate_vma_page_range+0x2be/0x3c0 mm/gup.c:1860
 __mm_populate+0x25f/0x390 mm/gup.c:1963
 do_mlock+0x646/0x750 mm/mlock.c:659
 __do_sys_mlock mm/mlock.c:667 [inline]
 __se_sys_mlock mm/mlock.c:665 [inline]
 __x64_sys_mlock+0x60/0x70 mm/mlock.c:665
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x174/0x580 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f3ff690ce59
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffd24329218 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
RAX: ffffffffffffffda RBX: 00007f3ff6b85fa0 RCX: 00007f3ff690ce59
RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000200000ffd000
RBP: 00007f3ff69a2d6f R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f3ff6b85fac R14: 00007f3ff6b85fa0 R15: 00007f3ff6b85fa0
 </TASK>

Crashes (11):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/05/28 03:11 linux-next e7d700e14934 4c36e7e5 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce WARNING in __page_table_check_ptes_set
2026/05/27 17:36 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 4b4362973b6f 769cbc61 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __page_table_check_ptes_set
2026/02/01 16:13 upstream 162b42445b58 6b8752f2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 WARNING in __page_table_check_ptes_set
2025/12/02 07:01 upstream 1d18101a644e d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 WARNING in __page_table_check_ptes_set
2025/11/25 09:22 upstream ac3fd01e4c1e 64219f15 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 WARNING in __page_table_check_ptes_set
2025/11/09 16:36 upstream 439fc29dfd3b 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 WARNING in __page_table_check_ptes_set
2026/03/21 21:48 upstream a0c83177734a 5b92003d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING in __page_table_check_ptes_set
2026/02/15 21:49 upstream ca4ee40bf13d 1e62d198 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 WARNING in __page_table_check_ptes_set
2026/06/01 20:42 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 4b4362973b6f 8d8eeb3a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __page_table_check_ptes_set
2026/05/30 22:41 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 4b4362973b6f 6b4a8443 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __page_table_check_ptes_set
2026/05/27 16:50 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 4b4362973b6f 769cbc61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __page_table_check_ptes_set
* Struck through repros no longer work on HEAD.