syzbot

 sign-in | mailing list | source | docs
🐞 Open [126]
🐞 Fixed [2]
🐞 Invalid [236]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

kernel BUG in mmap_region

Status: upstream: reported C repro on 2023/06/11 16:08
Bug presence: origin:downstream
[Documentation on labels]
Reported-by: syzbot+af3fbbcc17d7f34395be@syzkaller.appspotmail.com
First crash: 1039d, last: 2h26m
Cause bisection: introduced by (bisect log) :
commit 2f5f352e6ab38f361d615b0ca691ccc69d094818
Author: Liam R. Howlett <Liam.Howlett@oracle.com>
Date: Thu May 18 14:55:44 2023 +0000

  FROMGIT: BACKPORT: mm: avoid rewalk in mmap_region

Crash: kernel BUG in mmap_region (log)
Repro: C syz .config
  
Bug presence (3)
Date Name Commit Repro Result
2023/09/28 android14-6.1 (ToT) c240f4ed0054 C [report] kernel BUG in mmap_region
2023/09/28 lts (merge base) b1644a0031cf C Didn't crash
2023/09/28 upstream (ToT) 633b47cb009d C Didn't crash
Last patch testing requests (10)
Created Duration User Patch Repo Result
2026/01/07 03:58 12m retest repro android14-6.1 report log
2026/01/07 03:58 11m retest repro android14-6.1 report log
2026/01/07 03:58 12m retest repro android14-6.1 report log
2026/01/07 03:58 6m retest repro android14-6.1 report log
2025/12/03 12:21 6m retest repro android14-6.1 report log
2025/11/11 00:56 12m retest repro android14-6.1 report log
2025/10/24 06:57 6m retest repro android14-6.1 report log
2025/10/24 06:57 11m retest repro android14-6.1 report log
2025/10/24 06:57 14m retest repro android14-6.1 report log
2025/10/24 06:57 7m retest repro android14-6.1 report log
Fix bisection attempts (2)
Created Duration User Patch Repo Result
2024/07/13 05:36 1h17m bisect fix android14-6.1 OK (0) job log log
2024/05/20 17:50 39m bisect fix android14-6.1 OK (0) job log log

Sample crash report:
RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000200000b15000
RBP: 0000000000000001 R08: 0000000000000003 R09: 0000000000000000
R10: 0000000000000011 R11: 0000000000000246 R12: 0000200000b15000
R13: 00007fffe88b3758 R14: 0000000000000001 R15: 0000000000000001
 </TASK>
------------[ cut here ]------------
kernel BUG at mm/mmap.c:2829!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 289 Comm: syz-executor408 Not tainted 6.1.134-syzkaller-00012-g646380b087a5 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
RIP: 0010:__mmap_region mm/mmap.c:2829 [inline]
RIP: 0010:mmap_region+0x1ffd/0x2140 mm/mmap.c:3005
Code: 80 c1 03 38 c1 0f 8c f8 f9 ff ff 4c 89 f7 49 89 d5 e8 67 11 09 00 4c 89 ea e9 e5 f9 ff ff e8 5a be c4 ff 0f 0b e8 53 be c4 ff <0f> 0b 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 6a fb ff ff 48 89 df e8
RSP: 0018:ffffc90000eb7a60 EFLAGS: 00010293
RAX: ffffffff81ab287d RBX: 0000200000b18000 RCX: ffff88810e110000
RDX: 0000000000000000 RSI: 0000200000b17fff RDI: 0000200000b18000
RBP: ffffc90000eb7c50 R08: ffff88810e110000 R09: 0000000000000003
R10: 0000000000000003 R11: 0000000000000000 R12: 0000200000b18000
R13: 0000200000b17fff R14: dffffc0000000000 R15: ffff888121d7b700
FS:  00005555716e3380(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000200000000000 CR3: 0000000126628000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 do_mmap+0x7ae/0xcf0 mm/mmap.c:1474
 vm_mmap_pgoff+0x1f5/0x3f0 mm/util.c:525
 ksys_mmap_pgoff+0x161/0x1d0 mm/mmap.c:1520
 __do_sys_mmap arch/x86/kernel/sys_x86_64.c:93 [inline]
 __se_sys_mmap arch/x86/kernel/sys_x86_64.c:86 [inline]
 __x64_sys_mmap+0xfa/0x110 arch/x86/kernel/sys_x86_64.c:86
 x64_sys_call+0x8fd/0x9a0 arch/x86/include/generated/asm/syscalls_64.h:10
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:81
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7f7e5d295329
Code: 48 83 c4 28 c3 e8 17 1a 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fffe88b3568 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
RAX: ffffffffffffffda RBX: 00007fffe88b3580 RCX: 00007f7e5d295329
RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000200000b15000
RBP: 0000000000000001 R08: 0000000000000003 R09: 0000000000000000
R10: 0000000000000011 R11: 0000000000000246 R12: 0000200000b15000
R13: 00007fffe88b3758 R14: 0000000000000001 R15: 0000000000000001
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__mmap_region mm/mmap.c:2829 [inline]
RIP: 0010:mmap_region+0x1ffd/0x2140 mm/mmap.c:3005
Code: 80 c1 03 38 c1 0f 8c f8 f9 ff ff 4c 89 f7 49 89 d5 e8 67 11 09 00 4c 89 ea e9 e5 f9 ff ff e8 5a be c4 ff 0f 0b e8 53 be c4 ff <0f> 0b 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 6a fb ff ff 48 89 df e8
RSP: 0018:ffffc90000eb7a60 EFLAGS: 00010293
RAX: ffffffff81ab287d RBX: 0000200000b18000 RCX: ffff88810e110000
RDX: 0000000000000000 RSI: 0000200000b17fff RDI: 0000200000b18000
RBP: ffffc90000eb7c50 R08: ffff88810e110000 R09: 0000000000000003
R10: 0000000000000003 R11: 0000000000000000 R12: 0000200000b18000
R13: 0000200000b17fff R14: dffffc0000000000 R15: ffff888121d7b700
FS:  00005555716e3380(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000200000000000 CR3: 0000000126628000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (134):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/05/13 07:33 android14-6.1 646380b087a5 f6671af7 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2025/01/12 08:58 android14-6.1 770852bf7d99 6dbc6a9b .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2024/09/02 14:52 android14-6.1 b5e374dda921 1eda0d14 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-android-6-1 kernel BUG in mmap_region
2024/01/18 18:08 android14-6.1 899194d7e909 239abf84 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2023/09/28 11:04 android14-6.1 c240f4ed0054 c2ab1e5d .config strace log report syz C [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2023/06/11 15:57 android14-6.1 7641ff0a300a 49519f06 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/03 07:37 android14-6.1 b5e515a3e6a7 4440e7c2 .config console log report syz / log [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/15 19:38 android14-6.1 98d5d8f31585 c441f497 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/15 10:47 android14-6.1 98d5d8f31585 e2e976a8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/11 10:08 android14-6.1 4a2a41bddacb 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/11 05:51 android14-6.1 4a2a41bddacb 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/10 19:08 android14-6.1 4a2a41bddacb 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/09 22:45 android14-6.1 b1e92db6a41f 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/09 16:31 android14-6.1 a0f30a943e32 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/09 14:02 android14-6.1 a0f30a943e32 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/09 11:25 android14-6.1 a0f30a943e32 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/08 22:12 android14-6.1 579335f6f57f d9b7f621 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/08 21:10 android14-6.1 579335f6f57f d9b7f621 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/08 19:57 android14-6.1 579335f6f57f d9b7f621 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/07 17:01 android14-6.1 f013f2ef1e00 628666c6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/07 08:50 android14-6.1 f013f2ef1e00 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/05 20:21 android14-6.1 9ab204675a62 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/03 09:26 android14-6.1 b5e515a3e6a7 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/04/03 02:05 android14-6.1 b5e515a3e6a7 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/31 17:14 android14-6.1 f5931d57f029 aeea1c72 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/30 11:37 android14-6.1 1c08e57193aa dcaebc52 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/28 20:13 android14-6.1 1c08e57193aa b5ceaad2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/28 17:18 android14-6.1 1c08e57193aa b5ceaad2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/28 08:02 android14-6.1 340d91616269 356bdfc9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/27 03:07 android14-6.1 c1bb2a363136 766b6434 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/26 14:17 android14-6.1 c0665c721df9 766b6434 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/26 05:01 android14-6.1 c0665c721df9 c6143aac .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/25 15:30 android14-6.1 c0665c721df9 8ee77f7d .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/25 14:16 android14-6.1 c0665c721df9 8ee77f7d .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/24 18:01 android14-6.1 c0665c721df9 74e70d19 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/24 09:45 android14-6.1 c0665c721df9 baf8bf12 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/21 06:39 android14-6.1 09db716c292e 5b92003d .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/20 09:04 android14-6.1 47ec964a4f77 2f245add .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/20 05:49 android14-6.1 47ec964a4f77 2f245add .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/19 03:39 android14-6.1 47ec964a4f77 0199f9a1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/18 21:32 android14-6.1 6bdf05f15ab2 0199f9a1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/18 11:45 android14-6.1 6bdf05f15ab2 0199f9a1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/17 04:39 android14-6.1 299d5eca2e4a 0737c18f .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/12 21:24 android14-6.1 3c7447b2e379 4efadf07 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/12 13:45 android14-6.1 2cc4f53431d8 4efadf07 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/10 18:42 android14-6.1 bcc5341a93e8 4683d576 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/10 13:29 android14-6.1 bcc5341a93e8 6972f302 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/10 08:47 android14-6.1 5afccbb9b4d4 6972f302 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/07 08:17 android14-6.1 6bfa51973214 5cb44a80 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/03/04 13:51 android14-6.1 6bfa51973214 e6b6b96b .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/02/27 09:16 android14-6.1 6bfa51973214 a2f13f71 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
2026/02/26 19:39 android14-6.1 6bfa51973214 ffa54287 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 kernel BUG in mmap_region
* Struck through repros no longer work on HEAD.