syzbot

 sign-in | mailing list | source | docs
🐞 Open [780]
🐞 Fixed [123]
🐞 Invalid [826]
Missing Backports [74]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

kernel BUG in filemap_unaccount_folio

Status: upstream: reported C repro on 2023/12/13 08:56
Bug presence: origin:upstream
Labels: missing-backport
[Documentation on labels]
Reported-by: syzbot+3d218f7b6c5511a83a79@syzkaller.appspotmail.com
First crash: 603d, last: 2h39m
Fix commit to backport (bisect log) :
tree: upstream
commit 7d79cd784470395539bda91bf0b3505ff5b2ab6d
Author: Vivek Kasireddy <vivek.kasireddy@intel.com>
Date: Mon Jun 24 06:36:13 2024 +0000

  udmabuf: use vmf_insert_pfn and VM_PFNMAP for handling mmap

  
Fix bisection: the issue occurs on the latest tested release (bisect log)
Crash: kernel BUG in filemap_unaccount_folio (log)
Repro: C syz .config
  
Discussions (3)
Title Replies (including bot) Last reply
[PATCH v5.4-v6.1] udmabuf: use vmf_insert_pfn and VM_PFNMAP for handling mmap 1 (1) 2024/12/04 15:17
[PATCH v6.6] udmabuf: use vmf_insert_pfn and VM_PFNMAP for handling mmap 1 (1) 2024/12/04 15:17
Please, fix syzbot crash: kernel BUG in filemap_unaccount_folio 1 (1) 2024/12/04 15:17
Bug presence (3)
Date Name Commit Repro Result
2024/08/09 linux-6.1.y (ToT) 48d525b0e463 C [report] kernel BUG in filemap_unaccount_folio
2024/05/02 upstream (ToT) 0106679839f7 C [report] kernel BUG in filemap_unaccount_folio
2024/08/09 upstream (ToT) ee9a43b7cfe2 C Didn't crash
Similar bugs (3)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream kernel BUG in filemap_unaccount_folio mm -1 C done error 425 15h54m 701d 0/29 upstream: reported C repro on 2023/09/06 18:51
linux-6.6 kernel BUG in filemap_unaccount_folio -1 5 17d 44d 0/2 upstream: reported on 2025/06/24 02:03
upstream kernel BUG in __filemap_get_folio mm -1 C done 814 1034d 1205d 22/29 fixed on 2023/02/24 13:50
Fix bisection attempts (6)
Created Duration User Patch Repo Result
2024/08/18 13:55 5h29m fix candidate upstream OK (1) job log
2024/07/15 06:52 3h41m bisect fix linux-6.1.y OK (0) job log log
2024/06/03 05:26 1h30m bisect fix linux-6.1.y OK (0) job log log
2024/04/02 20:26 2h25m bisect fix linux-6.1.y OK (0) job log log
2024/03/03 11:50 1h22m bisect fix linux-6.1.y OK (0) job log log
2024/01/24 09:48 1h22m bisect fix linux-6.1.y OK (0) job log log

Sample crash report:
 exit_mmap+0x343/0x8e0 mm/mmap.c:3258
 __mmput+0x118/0x3c0 kernel/fork.c:1200
 exit_mm+0x1e6/0x2c0 kernel/exit.c:565
 do_exit+0x8c1/0x2400 kernel/exit.c:867
 do_group_exit+0x217/0x2d0 kernel/exit.c:1022
 __do_sys_exit_group kernel/exit.c:1033 [inline]
 __se_sys_exit_group kernel/exit.c:1031 [inline]
 __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1031
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:81
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
------------[ cut here ]------------
kernel BUG at mm/filemap.c:153!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 4434 Comm: syz.0.17 Not tainted 6.1.147-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
RIP: 0010:filemap_unaccount_folio+0x5cf/0xa80 mm/filemap.c:153
Code: 07 38 c1 0f 8c 19 fe ff ff 4c 89 e7 e8 0a 72 27 00 e9 0c fe ff ff e8 b0 55 d7 ff 48 89 df 48 c7 c6 00 eb 94 8a e8 a1 e1 11 00 <0f> 0b e8 9a 55 d7 ff 48 89 df 48 c7 c6 60 f0 94 8a e8 8b e1 11 00
RSP: 0018:ffffc90003567618 EFLAGS: 00010046
RAX: 561a9a67cd398b00 RBX: ffffea0001a6cec0 RCX: 561a9a67cd398b00
RDX: 0000000000000002 RSI: ffffffff8a8c15e0 RDI: ffffffff8adef320
RBP: ffffc90003567778 R08: dffffc0000000000 R09: fffffbfff1c3e976
R10: fffffbfff1c3e976 R11: 1ffffffff1c3e975 R12: dffffc0000000000
R13: dffffc0000000000 R14: ffff88807974a2f8 R15: ffff88807974a300
FS:  000055556cf05500(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00002000000001c0 CR3: 000000007df82000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 __filemap_remove_folio+0xbb/0x860 mm/filemap.c:222
 filemap_remove_folio+0xed/0x2c0 mm/filemap.c:255
 truncate_inode_folio+0x59/0x70 mm/truncate.c:195
 shmem_undo_range+0x4d2/0x2050 mm/shmem.c:942
 shmem_truncate_range mm/shmem.c:1062 [inline]
 shmem_evict_inode+0x248/0xa40 mm/shmem.c:1171
 evict+0x485/0x870 fs/inode.c:705
 __dentry_kill+0x431/0x650 fs/dcache.c:611
 dentry_kill+0xb8/0x290 fs/dcache.c:-1
 dput+0xfa/0x1d0 fs/dcache.c:918
 __fput+0x5e0/0x920 fs/file_table.c:328
 task_work_run+0x1ca/0x250 kernel/task_work.c:203
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop+0xe6/0x110 kernel/entry/common.c:177
 exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:210
 __syscall_exit_to_user_mode_work kernel/entry/common.c:292 [inline]
 syscall_exit_to_user_mode+0x16/0x40 kernel/entry/common.c:303
 do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:87
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7f6cc758eb69
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe6042a7d8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
RAX: 0000000000000000 RBX: 0000000000016f92 RCX: 00007f6cc758eb69
RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
RBP: 0000000000000000 R08: 0000000000000001 R09: 000000086042aacf
R10: 00007f6cc7200000 R11: 0000000000000246 R12: 00007f6cc77b5fac
R13: 00007f6cc77b5fa0 R14: ffffffffffffffff R15: 0000000000000003
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:filemap_unaccount_folio+0x5cf/0xa80 mm/filemap.c:153
Code: 07 38 c1 0f 8c 19 fe ff ff 4c 89 e7 e8 0a 72 27 00 e9 0c fe ff ff e8 b0 55 d7 ff 48 89 df 48 c7 c6 00 eb 94 8a e8 a1 e1 11 00 <0f> 0b e8 9a 55 d7 ff 48 89 df 48 c7 c6 60 f0 94 8a e8 8b e1 11 00
RSP: 0018:ffffc90003567618 EFLAGS: 00010046
RAX: 561a9a67cd398b00 RBX: ffffea0001a6cec0 RCX: 561a9a67cd398b00
RDX: 0000000000000002 RSI: ffffffff8a8c15e0 RDI: ffffffff8adef320
RBP: ffffc90003567778 R08: dffffc0000000000 R09: fffffbfff1c3e976
R10: fffffbfff1c3e976 R11: 1ffffffff1c3e975 R12: dffffc0000000000
R13: dffffc0000000000 R14: ffff88807974a2f8 R15: ffff88807974a300
FS:  000055556cf05500(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00002000000001c0 CR3: 000000007df82000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (1006):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/08/02 11:53 linux-6.1.y 3594f306da12 7368264b .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2024/12/23 17:04 linux-6.1.y 29f02ec58a94 b4fbdbd4 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2024/05/01 22:07 linux-6.1.y dcbc050cb0d3 3ba885bc .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/08/02 10:58 linux-6.1.y 3594f306da12 7368264b .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/04/09 21:36 linux-6.1.y 3dfebb87d7eb 47d015b1 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/04/07 03:18 linux-6.1.y 8e60a714ba3b 1c65791e .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/03/04 11:32 linux-6.1.y 3a8358583626 c3901742 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/03/03 19:35 linux-6.1.y 3a8358583626 c3901742 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2024/11/11 22:41 linux-6.1.y d7039b844a1c 0c4b1325 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2024/05/01 19:55 linux-6.1.y dcbc050cb0d3 3ba885bc .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2023/12/25 06:39 linux-6.1.y 4aa6747d9352 fb427a07 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2023/12/13 08:56 linux-6.1.y e7cddbb41b63 ebcad15c .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/08/07 08:20 linux-6.1.y 3594f306da12 9a42d6b1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/08/06 05:48 linux-6.1.y 3594f306da12 ffe1dd46 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/08/05 05:34 linux-6.1.y 3594f306da12 f5bcc8dc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/08/03 08:14 linux-6.1.y 3594f306da12 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/08/02 09:39 linux-6.1.y 3594f306da12 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/07/07 10:30 linux-6.1.y 04d1ccaa9c28 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/07/03 19:39 linux-6.1.y 7e69c33e4858 115ceea7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/07/03 13:50 linux-6.1.y 7e69c33e4858 115ceea7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/07/03 13:50 linux-6.1.y 7e69c33e4858 115ceea7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/07/01 05:25 linux-6.1.y 7e69c33e4858 6e83b42d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/06/29 19:36 linux-6.1.y 7e69c33e4858 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/06/29 12:05 linux-6.1.y 7e69c33e4858 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/06/28 13:14 linux-6.1.y 7e69c33e4858 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/06/28 13:14 linux-6.1.y 7e69c33e4858 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/06/28 09:21 linux-6.1.y 7e69c33e4858 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/06/25 19:35 linux-6.1.y 58485ff1a74f 26d77996 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/06/23 16:17 linux-6.1.y 58485ff1a74f d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/06/23 04:05 linux-6.1.y 58485ff1a74f d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan kernel BUG in filemap_unaccount_folio
2025/08/07 17:54 linux-6.1.y 3594f306da12 04cffc22 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/08/07 07:09 linux-6.1.y 3594f306da12 9a42d6b1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/08/07 06:45 linux-6.1.y 3594f306da12 9a42d6b1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/08/05 03:50 linux-6.1.y 3594f306da12 f5bcc8dc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/08/03 06:46 linux-6.1.y 3594f306da12 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/08/02 08:37 linux-6.1.y 3594f306da12 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/07/13 22:04 linux-6.1.y dfc486ec9cce 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/07/12 09:09 linux-6.1.y dfc486ec9cce 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/07/12 02:52 linux-6.1.y dfc486ec9cce 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/07/04 22:32 linux-6.1.y 7e69c33e4858 d869b261 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/07/03 20:40 linux-6.1.y 7e69c33e4858 115ceea7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/07/03 15:04 linux-6.1.y 7e69c33e4858 115ceea7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/07/03 01:39 linux-6.1.y 7e69c33e4858 bc80e4f0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/07/01 02:18 linux-6.1.y 7e69c33e4858 6e83b42d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/06/30 16:13 linux-6.1.y 7e69c33e4858 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/06/30 04:05 linux-6.1.y 7e69c33e4858 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/06/29 18:21 linux-6.1.y 7e69c33e4858 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/06/29 09:13 linux-6.1.y 7e69c33e4858 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/06/29 07:22 linux-6.1.y 7e69c33e4858 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/06/28 03:42 linux-6.1.y 7e69c33e4858 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/06/27 20:44 linux-6.1.y 7e69c33e4858 803ce19b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/06/25 22:46 linux-6.1.y 58485ff1a74f 26d77996 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/06/24 06:28 linux-6.1.y 58485ff1a74f e2f27c35 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/06/23 16:12 linux-6.1.y 58485ff1a74f d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/06/23 14:25 linux-6.1.y 58485ff1a74f d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/06/23 06:03 linux-6.1.y 58485ff1a74f d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
2025/06/22 22:58 linux-6.1.y 58485ff1a74f d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 kernel BUG in filemap_unaccount_folio
* Struck through repros no longer work on HEAD.