syzbot

 sign-in | mailing list | source | docs
🐞 Open [908]
🐞 Fixed [143]
🐞 Invalid [1093]
Missing Backports [73]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

BUG: Bad page map

Status: upstream: reported on 2026/04/17 09:12
Reported-by: syzbot+309175ee30e7013e00a2@syzkaller.appspotmail.com
First crash: 20d, last: 20d
Similar bugs (22)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-5-10 BUG: Bad page map (3) -1 3 519d 664d 0/2 auto-obsoleted due to no activity on 2025/03/04 10:23
upstream BUG: Bad page map (9) mm -1 1 141d 137d 0/29 auto-obsoleted due to no activity on 2026/03/17 01:28
android-5-10 BUG: Bad page map -1 1 1157d 1157d 0/2 auto-obsoleted due to no activity on 2023/06/05 15:46
linux-4.19 BUG: Bad page map (3) -1 1 1388d 1388d 0/1 auto-obsoleted due to no activity on 2022/11/15 21:40
upstream BUG: Bad page map (5) mm 19 C 35 1209d 1467d 22/29 fixed on 2023/02/24 13:50
android-5-15 BUG: Bad page map -1 1 671d 671d 0/2 auto-obsoleted due to no activity on 2024/10/03 11:06
android-6-1 BUG: Bad page map -1 1 36d 36d 0/2 premoderation: reported on 2026/04/01 02:45
linux-4.19 BUG: Bad page map (2) -1 10 1575d 1755d 0/1 auto-closed as invalid on 2022/05/13 11:22
android-54 BUG: Bad page map (3) -1 10 700d 816d 0/2 auto-obsoleted due to no activity on 2024/09/04 10:38
upstream BUG: Bad page map (2) mm -1 syz 127 2801d 2857d 0/29 closed as invalid on 2018/09/05 12:51
upstream BUG: Bad page map (8) mm -1 C done done 10 474d 657d 0/29 auto-obsoleted due to no activity on 2025/04/27 22:16
android-5-10 BUG: Bad page map (2) -1 1 938d 938d 0/2 auto-obsoleted due to no activity on 2024/01/10 02:50
upstream BUG: Bad page map mm -1 1 2860d 2860d 0/29 closed as invalid on 2018/07/08 13:28
upstream BUG: Bad page map (3) kernel -1 4 2670d 2796d 0/29 auto-closed as invalid on 2019/07/13 00:02
linux-4.19 BUG: Bad page map -1 2 2072d 2130d 0/1 auto-closed as invalid on 2021/01/01 08:20
upstream BUG: Bad page map (7) mm -1 C done 19 949d 970d 25/29 fixed on 2023/12/21 03:45
android-54 BUG: Bad page map (2) -1 7 937d 1056d 0/2 auto-obsoleted due to no activity on 2024/01/10 18:32
upstream BUG: Bad page map (4) mm -1 39 1616d 2252d 0/29 auto-closed as invalid on 2022/04/02 04:25
linux-4.14 BUG: Bad page map -1 1 2118d 2118d 0/1 auto-closed as invalid on 2020/11/16 16:05
android-54 BUG: Bad page map (4) -1 18 357d 457d 0/2 auto-obsoleted due to no activity on 2025/08/04 13:44
upstream BUG: Bad page map (6) mm -1 1 1123d 1119d 0/29 auto-obsoleted due to no activity on 2023/07/09 13:20
android-54 BUG: Bad page map -1 1 1351d 1351d 0/2 auto-obsoleted due to no activity on 2022/12/23 04:05

Sample crash report:
BUG: Bad page map in process syz-executor  pte:61006100610061 pmd:7a14b067
addr:00007ff49e7fd000 vm_flags:08100073 anon_vma:ffff88803093e110 mapping:0000000000000000 index:7ff49e7fd
file:(null) fault:0x0 mmap:0x0 read_folio:0x0
CPU: 0 PID: 4255 Comm: syz-executor Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
Call Trace:
 <TASK>
 dump_stack_lvl+0x188/0x24e lib/dump_stack.c:106
 print_bad_pte+0x54c/0x590 mm/memory.c:566
 vm_normal_page+0x131/0x1d0 mm/memory.c:-1
 change_pte_range mm/mprotect.c:131 [inline]
 change_pmd_range mm/mprotect.c:418 [inline]
 change_pud_range mm/mprotect.c:447 [inline]
 change_p4d_range mm/mprotect.c:468 [inline]
 change_protection_range mm/mprotect.c:492 [inline]
 change_protection+0x1175/0x38e0 mm/mprotect.c:514
 change_prot_numa+0xff/0x190 mm/mempolicy.c:635
 task_numa_work+0x5f5/0x8c0 kernel/sched/fair.c:3022
 task_work_run+0x1d0/0x260 kernel/task_work.c:203
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop+0xe6/0x110 kernel/entry/common.c:177
 exit_to_user_mode_prepare+0xee/0x180 kernel/entry/common.c:210
 __syscall_exit_to_user_mode_work kernel/entry/common.c:292 [inline]
 syscall_exit_to_user_mode+0x16/0x40 kernel/entry/common.c:303
 do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7ff49e557997
Code: 48 89 fa 4c 89 df e8 a8 56 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
RSP: 002b:00007ffc38018100 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
RAX: 0000000000004520 RBX: 0000555570024500 RCX: 00007ff49e557997
RDX: 0000000000004520 RSI: 00007ff496dfbae0 RDI: 0000000000000003
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000004520
R13: 0000555570038e60 R14: 00007ffc380186a0 R15: 00007ff496dfbae0
 </TASK>
BUG: Bad page map in process syz-executor  pte:61006100610061 pmd:7a14b067
addr:00007ff49e7fe000 vm_flags:08100073 anon_vma:ffff88803093e110 mapping:0000000000000000 index:7ff49e7fe
file:(null) fault:0x0 mmap:0x0 read_folio:0x0
CPU: 0 PID: 4255 Comm: syz-executor Tainted: G    B              syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
Call Trace:
 <TASK>
 dump_stack_lvl+0x188/0x24e lib/dump_stack.c:106
 print_bad_pte+0x54c/0x590 mm/memory.c:566
 vm_normal_page+0x131/0x1d0 mm/memory.c:-1
 change_pte_range mm/mprotect.c:131 [inline]
 change_pmd_range mm/mprotect.c:418 [inline]
 change_pud_range mm/mprotect.c:447 [inline]
 change_p4d_range mm/mprotect.c:468 [inline]
 change_protection_range mm/mprotect.c:492 [inline]
 change_protection+0x1175/0x38e0 mm/mprotect.c:514
 change_prot_numa+0xff/0x190 mm/mempolicy.c:635
 task_numa_work+0x5f5/0x8c0 kernel/sched/fair.c:3022
 task_work_run+0x1d0/0x260 kernel/task_work.c:203
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop+0xe6/0x110 kernel/entry/common.c:177
 exit_to_user_mode_prepare+0xee/0x180 kernel/entry/common.c:210
 __syscall_exit_to_user_mode_work kernel/entry/common.c:292 [inline]
 syscall_exit_to_user_mode+0x16/0x40 kernel/entry/common.c:303
 do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7ff49e557997
Code: 48 89 fa 4c 89 df e8 a8 56 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
RSP: 002b:00007ffc38018100 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
RAX: 0000000000004520 RBX: 0000555570024500 RCX: 00007ff49e557997
RDX: 0000000000004520 RSI: 00007ff496dfbae0 RDI: 0000000000000003
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000004520
R13: 0000555570038e60 R14: 00007ffc380186a0 R15: 00007ff496dfbae0
 </TASK>
BUG: Bad page map in process syz-executor  pte:61006100610061 pmd:7a14b067
addr:00007ff49e7ff000 vm_flags:08100073 anon_vma:ffff88803093e110 mapping:0000000000000000 index:7ff49e7ff
file:(null) fault:0x0 mmap:0x0 read_folio:0x0
CPU: 0 PID: 4255 Comm: syz-executor Tainted: G    B              syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
Call Trace:
 <TASK>
 dump_stack_lvl+0x188/0x24e lib/dump_stack.c:106
 print_bad_pte+0x54c/0x590 mm/memory.c:566
 vm_normal_page+0x131/0x1d0 mm/memory.c:-1
 change_pte_range mm/mprotect.c:131 [inline]
 change_pmd_range mm/mprotect.c:418 [inline]
 change_pud_range mm/mprotect.c:447 [inline]
 change_p4d_range mm/mprotect.c:468 [inline]
 change_protection_range mm/mprotect.c:492 [inline]
 change_protection+0x1175/0x38e0 mm/mprotect.c:514
 change_prot_numa+0xff/0x190 mm/mempolicy.c:635
 task_numa_work+0x5f5/0x8c0 kernel/sched/fair.c:3022
 task_work_run+0x1d0/0x260 kernel/task_work.c:203
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop+0xe6/0x110 kernel/entry/common.c:177
 exit_to_user_mode_prepare+0xee/0x180 kernel/entry/common.c:210
 __syscall_exit_to_user_mode_work kernel/entry/common.c:292 [inline]
 syscall_exit_to_user_mode+0x16/0x40 kernel/entry/common.c:303
 do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7ff49e557997
Code: 48 89 fa 4c 89 df e8 a8 56 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
RSP: 002b:00007ffc38018100 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
RAX: 0000000000004520 RBX: 0000555570024500 RCX: 00007ff49e557997
RDX: 0000000000004520 RSI: 00007ff496dfbae0 RDI: 0000000000000003
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000004520
R13: 0000555570038e60 R14: 00007ffc380186a0 R15: 00007ff496dfbae0
 </TASK>

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/04/17 09:12 linux-6.1.y 8e8fc038cad5 de0a551d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan BUG: Bad page map
* Struck through repros no longer work on HEAD.