syzbot

 sign-in | mailing list | source | docs
🐞 Open [810]
🐞 Fixed [135]
🐞 Invalid [933]
Missing Backports [78]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

kernel BUG in filemap_unaccount_folio

Status: upstream: reported C repro on 2023/12/13 08:56
Bug presence: origin:upstream
Labels: missing-backport
[Documentation on labels]
Reported-by: syzbot+3d218f7b6c5511a83a79@syzkaller.appspotmail.com
First crash: 699d, last: 34m
Fix commit to backport (bisect log) :
tree: upstream
commit 7d79cd784470395539bda91bf0b3505ff5b2ab6d
Author: Vivek Kasireddy <vivek.kasireddy@intel.com>
Date: Mon Jun 24 06:36:13 2024 +0000

  udmabuf: use vmf_insert_pfn and VM_PFNMAP for handling mmap

  
Fix bisection: the issue occurs on the latest tested release (bisect log)
Crash: kernel BUG in filemap_unaccount_folio (log)
Repro: C syz .config
  
Discussions (3)
Title Replies (including bot) Last reply
[PATCH v5.4-v6.1] udmabuf: use vmf_insert_pfn and VM_PFNMAP for handling mmap 1 (1) 2024/12/04 15:17
[PATCH v6.6] udmabuf: use vmf_insert_pfn and VM_PFNMAP for handling mmap 1 (1) 2024/12/04 15:17
Please, fix syzbot crash: kernel BUG in filemap_unaccount_folio 1 (1) 2024/12/04 15:17
Bug presence (3)
Date Name Commit Repro Result
2024/08/09 linux-6.1.y (ToT) 48d525b0e463 C [report] kernel BUG in filemap_unaccount_folio
2024/05/02 upstream (ToT) 0106679839f7 C [report] kernel BUG in filemap_unaccount_folio
2024/08/09 upstream (ToT) ee9a43b7cfe2 C Didn't crash
Similar bugs (3)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream kernel BUG in filemap_unaccount_folio mm -1 C done error 485 37d 796d 0/29 upstream: reported C repro on 2023/09/06 18:51
linux-6.6 kernel BUG in filemap_unaccount_folio -1 16 48d 140d 0/2 upstream: reported on 2025/06/24 02:03
upstream kernel BUG in __filemap_get_folio mm -1 C done 814 1130d 1300d 22/29 fixed on 2023/02/24 13:50
Fix bisection attempts (6)
Created Duration User Patch Repo Result
2024/08/18 13:55 5h29m fix candidate upstream OK (1) job log
2024/07/15 06:52 3h41m bisect fix linux-6.1.y OK (0) job log log
2024/06/03 05:26 1h30m bisect fix linux-6.1.y OK (0) job log log
2024/04/02 20:26 2h25m bisect fix linux-6.1.y OK (0) job log log
2024/03/03 11:50 1h22m bisect fix linux-6.1.y OK (0) job log log
2024/01/24 09:48 1h22m bisect fix linux-6.1.y OK (0) job log log

Sample crash report:
 exit_mmap+0x343/0x8e0 mm/mmap.c:3258
 __mmput+0x118/0x3c0 kernel/fork.c:1200
 exit_mm+0x1e6/0x2c0 kernel/exit.c:565
 do_exit+0x8c1/0x2400 kernel/exit.c:867
 do_group_exit+0x217/0x2d0 kernel/exit.c:1022
 __do_sys_exit_group kernel/exit.c:1033 [inline]
 __se_sys_exit_group kernel/exit.c:1031 [inline]
 __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1031
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:81
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
------------[ cut here ]------------
kernel BUG at mm/filemap.c:153!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 4434 Comm: syz.0.17 Not tainted 6.1.147-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
RIP: 0010:filemap_unaccount_folio+0x5cf/0xa80 mm/filemap.c:153
Code: 07 38 c1 0f 8c 19 fe ff ff 4c 89 e7 e8 0a 72 27 00 e9 0c fe ff ff e8 b0 55 d7 ff 48 89 df 48 c7 c6 00 eb 94 8a e8 a1 e1 11 00 <0f> 0b e8 9a 55 d7 ff 48 89 df 48 c7 c6 60 f0 94 8a e8 8b e1 11 00
RSP: 0018:ffffc90003567618 EFLAGS: 00010046
RAX: 561a9a67cd398b00 RBX: ffffea0001a6cec0 RCX: 561a9a67cd398b00
RDX: 0000000000000002 RSI: ffffffff8a8c15e0 RDI: ffffffff8adef320
RBP: ffffc90003567778 R08: dffffc0000000000 R09: fffffbfff1c3e976
R10: fffffbfff1c3e976 R11: 1ffffffff1c3e975 R12: dffffc0000000000
R13: dffffc0000000000 R14: ffff88807974a2f8 R15: ffff88807974a300
FS:  000055556cf05500(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00002000000001c0 CR3: 000000007df82000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 __filemap_remove_folio+0xbb/0x860 mm/filemap.c:222
 filemap_remove_folio+0xed/0x2c0 mm/filemap.c:255
 truncate_inode_folio+0x59/0x70 mm/truncate.c:195
 shmem_undo_range+0x4d2/0x2050 mm/shmem.c:942
 shmem_truncate_range mm/shmem.c:1062 [inline]
 shmem_evict_inode+0x248/0xa40 mm/shmem.c:1171
 evict+0x485/0x870 fs/inode.c:705
 __dentry_kill+0x431/0x650 fs/dcache.c:611
 dentry_kill+0xb8/0x290 fs/dcache.c:-1
 dput+0xfa/0x1d0 fs/dcache.c:918
 __fput+0x5e0/0x920 fs/file_table.c:328
 task_work_run+0x1ca/0x250 kernel/task_work.c:203
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop+0xe6/0x110 kernel/entry/common.c:177
 exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:210
 __syscall_exit_to_user_mode_work kernel/entry/common.c:292 [inline]
 syscall_exit_to_user_mode+0x16/0x40 kernel/entry/common.c:303
 do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:87
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7f6cc758eb69
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe6042a7d8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
RAX: 0000000000000000 RBX: 0000000000016f92 RCX: 00007f6cc758eb69
RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
RBP: 0000000000000000 R08: 0000000000000001 R09: 000000086042aacf
R10: 00007f6cc7200000 R11: 0000000000000246 R12: 00007f6cc77b5fac
R13: 00007f6cc77b5fa0 R14: ffffffffffffffff R15: 0000000000000003
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:filemap_unaccount_folio+0x5cf/0xa80 mm/filemap.c:153
Code: 07 38 c1 0f 8c 19 fe ff ff 4c 89 e7 e8 0a 72 27 00 e9 0c fe ff ff e8 b0 55 d7 ff 48 89 df 48 c7 c6 00 eb 94 8a e8 a1 e1 11 00 <0f> 0b e8 9a 55 d7 ff 48 89 df 48 c7 c6 60 f0 94 8a e8 8b e1 11 00
RSP: 0018:ffffc90003567618 EFLAGS: 00010046
RAX: 561a9a67cd398b00 RBX: ffffea0001a6cec0 RCX: 561a9a67cd398b00
RDX: 0000000000000002 RSI: ffffffff8a8c15e0 RDI: ffffffff8adef320
RBP: ffffc90003567778 R08: dffffc0000000000 R09: fffffbfff1c3e976
R10: fffffbfff1c3e976 R11: 1ffffffff1c3e975 R12: dffffc0000000000
R13: dffffc0000000000 R14: ffff88807974a2f8 R15: ffff88807974a300
FS:  000055556cf05500(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00002000000001c0 CR3: 000000007df82000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (1923):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/08/02 11:53 linux-6.1.y 3594f306da12 7368264b .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2024/12/23 17:04 linux-6.1.y 29f02ec58a94 b4fbdbd4 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2024/05/01 22:07 linux-6.1.y dcbc050cb0d3 3ba885bc .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/11/10 13:51 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/08/02 10:58 linux-6.1.y 3594f306da12 7368264b .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/04/09 21:36 linux-6.1.y 3dfebb87d7eb 47d015b1 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/04/07 03:18 linux-6.1.y 8e60a714ba3b 1c65791e .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/03/04 11:32 linux-6.1.y 3a8358583626 c3901742 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/03/03 19:35 linux-6.1.y 3a8358583626 c3901742 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2024/11/11 22:41 linux-6.1.y d7039b844a1c 0c4b1325 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2024/05/01 19:55 linux-6.1.y dcbc050cb0d3 3ba885bc .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2023/12/25 06:39 linux-6.1.y 4aa6747d9352 fb427a07 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2023/12/13 08:56 linux-6.1.y e7cddbb41b63 ebcad15c .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/11 02:12 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/11/10 01:49 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/11/09 13:46 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/11/08 17:59 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/11/08 13:29 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/11/08 11:51 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/11/07 08:36 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/11/06 14:41 linux-6.1.y f6e38ae624cf a6c9c731 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/11/06 11:35 linux-6.1.y f6e38ae624cf a6c9c731 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/11/06 07:00 linux-6.1.y f6e38ae624cf a6c9c731 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/11/04 21:26 linux-6.1.y f6e38ae624cf 686bf657 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/11/04 11:33 linux-6.1.y f6e38ae624cf 686bf657 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/11/11 13:48 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/11 13:46 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/11 12:38 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/10 19:25 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/10 13:07 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/10 11:41 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/10 08:37 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/09 18:51 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/09 13:00 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/09 11:52 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/08 20:56 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/08 19:55 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/08 14:56 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/08 14:56 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/08 09:26 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/08 07:13 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/08 02:59 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/08 02:58 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/07 16:06 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/07 14:29 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/07 13:22 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/07 07:23 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/07 01:47 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/06 14:52 linux-6.1.y f6e38ae624cf a6c9c731 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/06 09:36 linux-6.1.y f6e38ae624cf a6c9c731 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/06 04:29 linux-6.1.y f6e38ae624cf a6c9c731 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/06 04:25 linux-6.1.y f6e38ae624cf a6c9c731 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/05 14:29 linux-6.1.y f6e38ae624cf a6c9c731 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/05 00:40 linux-6.1.y f6e38ae624cf 686bf657 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/04 20:24 linux-6.1.y f6e38ae624cf 686bf657 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/11/04 20:23 linux-6.1.y f6e38ae624cf 686bf657 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
* Struck through repros no longer work on HEAD.