syzbot

 sign-in | mailing list | source | docs
🐞 Open [129]
🐞 Fixed [2]
🐞 Invalid [228]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

BUG: Bad page map

Status: premoderation: reported on 2026/04/01 02:45
Reported-by: syzbot+c7995cee439188a59480@syzkaller.appspotmail.com
First crash: 2d04h, last: 2d04h
Similar bugs (21)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-5-10 BUG: Bad page map (3) -1 3 484d 630d 0/2 auto-obsoleted due to no activity on 2025/03/04 10:23
upstream BUG: Bad page map (9) mm -1 1 107d 103d 0/29 auto-obsoleted due to no activity on 2026/03/17 01:28
android-5-10 BUG: Bad page map -1 1 1122d 1122d 0/2 auto-obsoleted due to no activity on 2023/06/05 15:46
linux-4.19 BUG: Bad page map (3) -1 1 1354d 1354d 0/1 auto-obsoleted due to no activity on 2022/11/15 21:40
upstream BUG: Bad page map (5) mm 19 C 35 1174d 1432d 22/29 fixed on 2023/02/24 13:50
android-5-15 BUG: Bad page map -1 1 636d 636d 0/2 auto-obsoleted due to no activity on 2024/10/03 11:06
linux-4.19 BUG: Bad page map (2) -1 10 1540d 1721d 0/1 auto-closed as invalid on 2022/05/13 11:22
android-54 BUG: Bad page map (3) -1 10 665d 782d 0/2 auto-obsoleted due to no activity on 2024/09/04 10:38
upstream BUG: Bad page map (2) mm -1 syz 127 2766d 2822d 0/29 closed as invalid on 2018/09/05 12:51
upstream BUG: Bad page map (8) mm -1 C done done 10 440d 623d 0/29 auto-obsoleted due to no activity on 2025/04/27 22:16
android-5-10 BUG: Bad page map (2) -1 1 904d 904d 0/2 auto-obsoleted due to no activity on 2024/01/10 02:50
upstream BUG: Bad page map mm -1 1 2825d 2825d 0/29 closed as invalid on 2018/07/08 13:28
upstream BUG: Bad page map (3) kernel -1 4 2636d 2761d 0/29 auto-closed as invalid on 2019/07/13 00:02
linux-4.19 BUG: Bad page map -1 2 2037d 2096d 0/1 auto-closed as invalid on 2021/01/01 08:20
upstream BUG: Bad page map (7) mm -1 C done 19 914d 936d 25/29 fixed on 2023/12/21 03:45
android-54 BUG: Bad page map (2) -1 7 903d 1021d 0/2 auto-obsoleted due to no activity on 2024/01/10 18:32
upstream BUG: Bad page map (4) mm -1 39 1582d 2218d 0/29 auto-closed as invalid on 2022/04/02 04:25
linux-4.14 BUG: Bad page map -1 1 2083d 2083d 0/1 auto-closed as invalid on 2020/11/16 16:05
android-54 BUG: Bad page map (4) -1 18 322d 422d 0/2 auto-obsoleted due to no activity on 2025/08/04 13:44
upstream BUG: Bad page map (6) mm -1 1 1088d 1084d 0/29 auto-obsoleted due to no activity on 2023/07/09 13:20
android-54 BUG: Bad page map -1 1 1317d 1317d 0/2 auto-obsoleted due to no activity on 2022/12/23 04:05

Sample crash report:
get_swap_device: Bad swap offset entry 3ffffff7fffff
BUG: Bad page map in process syz.3.1699  pte:100000000 pmd:11c884067
addr:0000200000201000 vm_flags:00100077 anon_vma:ffff8881145c2450 mapping:0000000000000000 index:200000201
file:(null) fault:0x0 mmap:0x0 read_folio:0x0
CPU: 0 PID: 5402 Comm: syz.3.1699 Tainted: G        W          syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Call Trace:
 <TASK>
 __dump_stack+0x21/0x24 lib/dump_stack.c:88
 dump_stack_lvl+0x110/0x170 lib/dump_stack.c:106
 dump_stack+0x15/0x24 lib/dump_stack.c:113
 print_bad_pte+0x57b/0x590 mm/memory.c:585
 zap_pte_range mm/memory.c:1511 [inline]
 zap_pmd_range mm/memory.c:1599 [inline]
 zap_pud_range mm/memory.c:1628 [inline]
 zap_p4d_range mm/memory.c:1649 [inline]
 unmap_page_range+0x201c/0x2330 mm/memory.c:1670
 unmap_single_vma mm/memory.c:1716 [inline]
 unmap_vmas+0x34c/0x480 mm/memory.c:1756
 exit_mmap+0x29b/0xc10 mm/mmap.c:3371
 __mmput+0x93/0x360 kernel/fork.c:1312
 mmput+0x4b/0x150 kernel/fork.c:1336
 exit_mm kernel/exit.c:568 [inline]
 do_exit+0x994/0x2660 kernel/exit.c:873
 do_group_exit+0x210/0x2d0 kernel/exit.c:1028
 get_signal+0x13b5/0x1520 kernel/signal.c:2891
 arch_do_signal_or_restart+0xd1/0x1140 arch/x86/kernel/signal.c:871
 exit_to_user_mode_loop+0x7a/0xb0 kernel/entry/common.c:174
 exit_to_user_mode_prepare+0x87/0xd0 kernel/entry/common.c:210
 __syscall_exit_to_user_mode_work kernel/entry/common.c:292 [inline]
 syscall_exit_to_user_mode+0x1a/0x30 kernel/entry/common.c:303
 do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7f1055f9c819
Code: Unable to access opcode bytes at 0x7f1055f9c7ef.
RSP: 002b:00007f10549d60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007f1056216098 RCX: 00007f1055f9c819
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1056216098
RBP: 00007f1056216090 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f1056216128 R14: 00007ffc958ba690 R15: 00007ffc958ba778
 </TASK>
BUG: Bad rss-counter state mm:ffff88810fb2d900 type:MM_ANONPAGES val:1
BUG: Bad rss-counter state mm:ffff88810fb2d900 type:MM_SWAPENTS val:-1

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/04/01 02:44 android14-6.1 0796816f4de6 fb8b2c26 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 BUG: Bad page map
* Struck through repros no longer work on HEAD.