syzbot


kernel BUG in folio_set_bh (3)

Status: upstream: reported syz repro on 2026/05/14 10:36
Subsystems: jfs bfs
Labels: prio:high
Reported-by: syzbot+32ec8b5bd050c78741c2@syzkaller.appspotmail.com
First crash: 34d, last: 3h36m
✨ AI Jobs (2)
ID Workflow Result Correct Bug Created Started Finished Revision Error
2fe9d731-7035-4521-90bc-86a4d73cb8ae assessment-security DenialOfService: ✅ Exploitable: ❌ FilesystemTrigger: ✅ NetworkTrigger: ❌ PeripheralTrigger: ✅ RemoteTrigger: ❌ Unprivileged: ❌ UserNamespace: ❌ VMGuestTrigger: ❌ VMHostTrigger: ❌ kernel BUG in folio_set_bh (3) 2026/05/30 13:19 2026/05/30 13:19 2026/05/30 14:15 6b4a844333e83556da95d61d7f207e7ef5cd4bc6
08e04d64-f2ad-44bd-ac3a-3866fb3665e4 assessment-security 💥 kernel BUG in folio_set_bh (3) 2026/05/14 10:28 2026/05/14 10:28 2026/05/14 10:29 6ccb967e465e832a7bfd7a116ad00d52a0923a5d failed to run ["git" "pull" "origin" "HEAD" "--depth=1" "--allow-unrelated-histories"]: exit status 128 From /app/workdir/repo/linux * branch HEAD -> FETCH_HEAD fatal: cannot create directory at 'drivers/gpu/drm/amd/include/asic_reg/gca': No space left on device
Discussions (3)
Title Replies (including bot) Last reply
[syzbot] [karma?] kernel BUG in folio_set_bh (3) 0 (2) 2026/05/31 10:33
[PATCH] jfs: check sb_set_blocksize() return value in jfs_fill_super() 2 (2) 2026/05/15 13:21
Re: [syzbot] [karma?] kernel BUG in folio_set_bh (3) 1 (2) 2026/05/14 16:58
Similar bugs (2)
Kernel Title Rank Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream kernel BUG in folio_set_bh (2) ntfs3 jfs -1 C 46 51d 151d 29/29 fixed on 2026/05/06 16:40
upstream kernel BUG in folio_set_bh ntfs3 -1 C done 202 157d 345d 29/29 fixed on 2026/01/07 12:29

Sample crash report:
qnx4: block size(32768) > page size(4096) not supported by filesystem
------------[ cut here ]------------
kernel BUG at fs/buffer.c:1479!
Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
CPU: 0 UID: 0 PID: 5529 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
RIP: 0010:folio_set_bh+0x1dc/0x1e0 fs/buffer.c:1479
Code: 4c 89 e2 e8 76 56 98 02 e9 42 ff ff ff e8 cc 76 6d ff 48 89 df 48 c7 c6 40 26 df 8b e8 7d be cf fe 90 0f 0b e8 b5 76 6d ff 90 <0f> 0b 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f
RSP: 0018:ffffc9000592f9e0 EFLAGS: 00010293
RAX: ffffffff82584f5b RBX: ffffea00010d3600 RCX: ffff88801faea540
RDX: 0000000000000000 RSI: 0000000000008000 RDI: 0000000000008000
RBP: dffffc0000000000 R08: ffffea00010d3607 R09: 1ffffd400021a6c0
R10: dffffc0000000000 R11: fffff9400021a6c1 R12: 0000000000000003
R13: 0000000000008000 R14: ffff88801ccb4740 R15: 0000000000008000
FS:  00007fd10f47c6c0(0000) GS:ffff88808c891000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f9ccf517eb8 CR3: 0000000012fdd000 CR4: 0000000000352ef0
Call Trace:
 <TASK>
 folio_alloc_buffers+0x228/0x640 fs/buffer.c:849
 grow_dev_folio fs/buffer.c:979 [inline]
 grow_buffers fs/buffer.c:1020 [inline]
 __getblk_slow fs/buffer.c:1038 [inline]
 bdev_getblk+0x2cb/0x6e0 fs/buffer.c:1358
 __bread_gfp+0x89/0x3b0 fs/buffer.c:1412
 sb_bread include/linux/buffer_head.h:346 [inline]
 qnx4_fill_super+0x1c6/0x770 fs/qnx4/inode.c:216
 get_tree_bdev_flags+0x431/0x4f0 fs/super.c:1694
 vfs_get_tree+0x92/0x2a0 fs/super.c:1754
 fc_mount fs/namespace.c:1193 [inline]
 do_new_mount_fc fs/namespace.c:3758 [inline]
 do_new_mount+0x341/0xd30 fs/namespace.c:3834
 do_mount fs/namespace.c:4167 [inline]
 __do_sys_mount fs/namespace.c:4383 [inline]
 __se_sys_mount+0x31d/0x420 fs/namespace.c:4360
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x174/0x580 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fd10e59ce59
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fd10f47c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007fd10e815fa0 RCX: 00007fd10e59ce59
RDX: 0000200000000100 RSI: 0000200000000000 RDI: 0000200000000040
RBP: 00007fd10e632d6f R08: 0000000000000000 R09: 0000000000000000
R10: 0000000002008080 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fd10e816038 R14: 00007fd10e815fa0 R15: 00007ffe36651068
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:folio_set_bh+0x1dc/0x1e0 fs/buffer.c:1479
Code: 4c 89 e2 e8 76 56 98 02 e9 42 ff ff ff e8 cc 76 6d ff 48 89 df 48 c7 c6 40 26 df 8b e8 7d be cf fe 90 0f 0b e8 b5 76 6d ff 90 <0f> 0b 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f
RSP: 0018:ffffc9000592f9e0 EFLAGS: 00010293
RAX: ffffffff82584f5b RBX: ffffea00010d3600 RCX: ffff88801faea540
RDX: 0000000000000000 RSI: 0000000000008000 RDI: 0000000000008000
RBP: dffffc0000000000 R08: ffffea00010d3607 R09: 1ffffd400021a6c0
R10: dffffc0000000000 R11: fffff9400021a6c1 R12: 0000000000000003
R13: 0000000000008000 R14: ffff88801ccb4740 R15: 0000000000008000
FS:  00007fd10f47c6c0(0000) GS:ffff88808c891000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000559ed6660138 CR3: 0000000012fdd000 CR4: 0000000000352ef0

Crashes (16):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2026/05/31 10:32 upstream 174914ea5513 6b4a8443 .config console log report syz / log [disk image (non-bootable)] [vmlinux] [kernel image] [mounted in repro] ci-snapshot-upstream-root kernel BUG in folio_set_bh
2026/06/13 09:14 upstream 1dadb7e7eb5a 4f06757f .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in folio_set_bh
2026/06/03 18:40 upstream ba3e43a9e601 234057e5 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in folio_set_bh
2026/05/31 16:44 upstream 174914ea5513 6b4a8443 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in folio_set_bh
2026/05/31 09:34 upstream 174914ea5513 6b4a8443 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in folio_set_bh
2026/05/30 02:10 upstream 9215e74f228f 6b4a8443 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in folio_set_bh
2026/05/28 03:39 upstream eb3f4b7426cf 4c36e7e5 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in folio_set_bh
2026/05/25 18:20 upstream e7ae89a0c97c c69befb3 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in folio_set_bh
2026/05/25 17:31 upstream e7ae89a0c97c c69befb3 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in folio_set_bh
2026/05/24 11:54 upstream 4cbfe4502e3d c69befb3 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in folio_set_bh
2026/05/20 08:22 upstream 27fa82620cba 6cd1a940 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in folio_set_bh
2026/05/18 04:31 upstream e5d505e3664b de5aae85 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in folio_set_bh
2026/05/13 18:51 upstream 1d5dcaa3bd65 fec2a7ee .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in folio_set_bh
2026/05/13 14:24 upstream 1d5dcaa3bd65 fec2a7ee .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in folio_set_bh
2026/05/11 14:05 upstream 5d6919055dec 845acb1c .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in folio_set_bh
2026/05/10 10:24 upstream 1bfaee9d3351 29233ece .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in folio_set_bh
* Struck through repros no longer work on HEAD.