syzbot

 sign-in | mailing list | source | docs
🐞 Open [1439]
Subsystems
🐞 Fixed [6755]
🐞 Invalid [17414]
Missing Backports [222]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

VFS: Busy inodes after unmount (use-after-free) (3)

Status: fixed on 2025/11/18 08:45
Subsystems: isofs
[Documentation on labels]
Reported-by: syzbot+1d79ebe5383fc016cf07@syzkaller.appspotmail.com
Fix commit: 56094ad3eaa2 vfs: Don't leak disconnected dentries on umount
First crash: 56d, last: 26d
Cause bisection: failed (error log, bisect log)
  
Discussions (3)
Title Replies (including bot) Last reply
[PATCH] vfs: Don't leak disconnected dentries on umount 4 (4) 2025/10/07 11:09
[PATCH] isofs: fix inode leak caused by disconnected dentries from exportfs 2 (2) 2025/10/01 12:26
[syzbot] [isofs?] VFS: Busy inodes after unmount (use-after-free) (3) 0 (2) 2025/10/01 08:59
Similar bugs (8)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-54 VFS: Busy inodes after unmount (use-after-free) 2 C 4 948d 1004d 0/2 auto-obsoleted due to no activity on 2023/08/20 15:35
upstream VFS: Busy inodes after unmount (use-after-free) (2) btrfs 2 C error 277 86d 198d 29/29 fixed on 2025/09/04 16:57
linux-6.1 VFS: Busy inodes after unmount (use-after-free) origin:lts-only 2 C inconclusive 1778 1d17h 983d 0/3 upstream: reported C repro on 2023/03/18 09:53
android-5-15 VFS: Busy inodes after unmount (use-after-free) origin:downstream 2 C error done 2 902d 1003d 0/2 auto-obsoleted due to no activity on 2023/09/15 20:27
android-5-10 VFS: Busy inodes after unmount (use-after-free) 2 C done inconclusive 1 1004d 1004d 0/2 auto-obsoleted due to no activity on 2023/06/25 23:02
linux-6.6 VFS: Busy inodes after unmount (use-after-free) origin:upstream missing-backport 2 C 21 27d 118d 0/2 upstream: reported C repro on 2025/07/29 23:52
upstream VFS: Busy inodes after unmount (use-after-free) bcachefs 2 C error 55684 204d 1035d 28/29 fixed on 2025/05/06 15:33
linux-5.15 VFS: Busy inodes after unmount (use-after-free) missing-backport origin:lts-only 2 C unreliable 2364 14d 982d 0/3 upstream: reported C repro on 2023/03/19 11:46
Last patch testing requests (1)
Created Duration User Patch Repo Result
2025/10/01 08:59 21m kartikey406@gmail.com patch upstream OK log

Sample crash report:
tblock:ffffc900026f9510: 00000000 00000000 00000000 00000000
tblock:ffffc900026f9520: 8bcec180 ffffffff 00000300 00000000
tblock:ffffc900026f9530: 026f9530 ffffc900 026f9530 ffffc900
tblock:ffffc900026f9540: 72664448 ffff8880 00000000 00000000
VFS: Busy inodes after unmount of loop4 (jfs)
------------[ cut here ]------------
kernel BUG at fs/super.c:650!
Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
CPU: 0 UID: 0 PID: 5971 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
RIP: 0010:generic_shutdown_super+0x2e9/0x390 fs/super.c:650
Code: 28 48 89 ea 48 c1 ea 03 80 3c 02 00 0f 85 9a 00 00 00 48 8b 55 00 48 8d b3 68 06 00 00 48 c7 c7 20 96 9f 8b e8 e8 f7 63 ff 90 <0f> 0b e8 00 3e ed ff e9 3c fd ff ff 4c 89 ef e8 f3 3d ed ff e9 d0
RSP: 0018:ffffc90002e67d88 EFLAGS: 00010282
RAX: 000000000000002d RBX: ffff888077c46000 RCX: ffffffff819b6199
RDX: 0000000000000000 RSI: ffffffff819bdcc6 RDI: 0000000000000005
RBP: ffffffff8e9a6380 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000080000000 R11: 0000000000000001 R12: ffff888077c46780
R13: 0000000000000000 R14: 0000000000000000 R15: ffff888078b98740
FS:  0000555571c61500(0000) GS:ffff888124a09000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fb1ece73000 CR3: 0000000058b13000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 kill_block_super+0x3b/0x90 fs/super.c:1722
 deactivate_locked_super+0xc1/0x1a0 fs/super.c:473
 deactivate_super fs/super.c:506 [inline]
 deactivate_super+0xde/0x100 fs/super.c:502
 cleanup_mnt+0x225/0x450 fs/namespace.c:1327
 task_work_run+0x150/0x240 kernel/task_work.c:227
 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
 exit_to_user_mode_loop+0xec/0x130 kernel/entry/common.c:43
 exit_to_user_mode_prepare include/linux/irq-entry-common.h:225 [inline]
 syscall_exit_to_user_mode_work include/linux/entry-common.h:175 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:210 [inline]
 do_syscall_64+0x426/0xfa0 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7efd4e1902f7
Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
RSP: 002b:00007fffcf661e08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 00007efd4e211d7d RCX: 00007efd4e1902f7
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffcf661ec0
RBP: 00007fffcf661ec0 R08: 0000000000000000 R09: 0000000000000000
R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffcf662f50
R13: 00007efd4e211d7d R14: 0000000000030ed4 R15: 00007fffcf662f90
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:generic_shutdown_super+0x2e9/0x390 fs/super.c:650
Code: 28 48 89 ea 48 c1 ea 03 80 3c 02 00 0f 85 9a 00 00 00 48 8b 55 00 48 8d b3 68 06 00 00 48 c7 c7 20 96 9f 8b e8 e8 f7 63 ff 90 <0f> 0b e8 00 3e ed ff e9 3c fd ff ff 4c 89 ef e8 f3 3d ed ff e9 d0
RSP: 0018:ffffc90002e67d88 EFLAGS: 00010282
RAX: 000000000000002d RBX: ffff888077c46000 RCX: ffffffff819b6199
RDX: 0000000000000000 RSI: ffffffff819bdcc6 RDI: 0000000000000005
RBP: ffffffff8e9a6380 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000080000000 R11: 0000000000000001 R12: ffff888077c46780
R13: 0000000000000000 R14: 0000000000000000 R15: ffff888078b98740
FS:  0000555571c61500(0000) GS:ffff888124b09000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fb1ed087000 CR3: 0000000058b13000 CR4: 0000000000350ef0

Crashes (85):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/10/30 12:59 upstream e53642b87a4f fd2207e7 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci-upstream-kasan-badwrites-root VFS: Busy inodes after unmount (use-after-free)
2025/10/15 14:54 upstream 9b332cece987 b6605ba8 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/12 17:19 upstream 67029a49db6c ff1712fe .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/12 15:48 upstream 67029a49db6c ff1712fe .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/12 14:28 upstream 67029a49db6c ff1712fe .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/06 00:51 upstream 6093a688a07d 49379ee0 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/05 05:03 upstream d104e3d17f7b 49379ee0 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/04 04:53 upstream 9b0d551bcc05 49379ee0 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/03 01:04 upstream 7f7072574127 49379ee0 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/02 09:21 upstream 080ffb4bec4d 267f56c6 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/02 08:40 upstream 080ffb4bec4d 267f56c6 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/02 08:04 upstream 080ffb4bec4d 267f56c6 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/09/30 20:57 upstream 30d4efb2f5a5 65a0eece .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/09/30 20:10 upstream 30d4efb2f5a5 65a0eece .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/09/30 19:31 upstream 30d4efb2f5a5 65a0eece .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/09/30 08:58 upstream 1896ce8eb6c6 86341da6 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/12 12:08 upstream 98906f9d850e ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root VFS: Busy inodes after unmount (use-after-free)
2025/10/11 08:31 upstream 8bd9238e511d ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root VFS: Busy inodes after unmount (use-after-free)
2025/10/03 07:26 upstream e406d57be7bd 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/03 07:26 upstream e406d57be7bd 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/03 07:26 upstream e406d57be7bd 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/03 07:25 upstream e406d57be7bd 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/03 07:25 upstream e406d57be7bd 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/01 21:34 upstream 50c19e20ed2e a1859138 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root VFS: Busy inodes after unmount (use-after-free)
2025/10/01 17:56 upstream 50c19e20ed2e a1859138 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root VFS: Busy inodes after unmount (use-after-free)
2025/10/01 16:19 upstream 50c19e20ed2e a1859138 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/10/01 12:03 upstream 50c19e20ed2e a1859138 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/09/30 13:06 upstream 1896ce8eb6c6 86341da6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs VFS: Busy inodes after unmount (use-after-free)
2025/09/30 12:38 upstream 1896ce8eb6c6 86341da6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root VFS: Busy inodes after unmount (use-after-free)
2025/09/30 12:35 upstream 1896ce8eb6c6 86341da6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root VFS: Busy inodes after unmount (use-after-free)
2025/10/05 03:10 linux-next 47a8d4b89844 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root VFS: Busy inodes after unmount (use-after-free)
2025/10/03 14:24 linux-next 47a8d4b89844 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root VFS: Busy inodes after unmount (use-after-free)
2025/10/03 08:12 linux-next 7396732143a2 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root VFS: Busy inodes after unmount (use-after-free)
2025/10/01 18:04 linux-next 3b9b1f8df454 a1859138 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root VFS: Busy inodes after unmount (use-after-free)
2025/10/24 07:26 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci b98c94eed4a9 c0460fcd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:39 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:39 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:39 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:37 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:37 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:36 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:36 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:34 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:33 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:33 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:33 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:33 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:33 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:32 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:32 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:32 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:31 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:31 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/02 22:31 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
2025/10/01 16:18 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 a1859138 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 VFS: Busy inodes after unmount (use-after-free)
* Struck through repros no longer work on HEAD.