WARNING in mark_buffer_dirty

syzbot

Apr 14, 2019, 4:51:42 AM
to syzkaller-a...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: dfca92ba Merge 4.4.169 into android-4.4
git tree: android-4.4
console output: https://syzkaller.appspot.com/x/log.txt?x=171dec4b400000
kernel config: https://syzkaller.appspot.com/x/.config?x=39bc4256ec37590
dashboard link: https://syzkaller.appspot.com/bug?extid=dd67188a561e8ad93a47
compiler: gcc (GCC) 9.0.0 20181231 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+dd6718...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 1 PID: 27897 at fs/buffer.c:1160 mark_buffer_dirty+0x259/0x4d0 fs/buffer.c:1160()
Kernel panic - not syncing: panic_on_warn set ...

CPU: 1 PID: 27897 Comm: syz-executor4 Not tainted 4.4.169+ #1
0000000000000000 f78d46e92ba991f7 ffff8800871d73c8 ffffffff81aab9c1
0000000000000000 ffffffff82835ee0 ffffffff828a3200 0000000000000488
ffffffff815434b9 ffff8800871d74a8 ffffffff813a46d2 0000000041b58ab3
Call Trace:
[<ffffffff81aab9c1>] __dump_stack lib/dump_stack.c:15 [inline]
[<ffffffff81aab9c1>] dump_stack+0xc1/0x120 lib/dump_stack.c:51
[<ffffffff813a46d2>] panic+0x1b9/0x37b kernel/panic.c:112
[<ffffffff813a48c9>] warn_slowpath_common kernel/panic.c:455 [inline]
[<ffffffff813a48c9>] warn_slowpath_common.cold+0x20/0x20 kernel/panic.c:435
[<ffffffff810d3aca>] warn_slowpath_null+0x2a/0x30 kernel/panic.c:492
[<ffffffff815434b9>] mark_buffer_dirty+0x259/0x4d0 fs/buffer.c:1160
[<ffffffff81543fd5>] __block_commit_write.isra.0+0x135/0x1b0 fs/buffer.c:2006
[<ffffffff81544096>] block_write_end+0x46/0xb0 fs/buffer.c:2084
[<ffffffff8154c767>] blkdev_write_end+0x47/0x70 fs/block_dev.c:325
[<ffffffff813b9346>] generic_perform_write+0x326/0x540 mm/filemap.c:2602
lo_write_bvec: 42120 callbacks suppressed
loop: Write error at byte offset 10240000, length 4096.
loop: Write error at byte offset 10244096, length 4096.
loop: Write error at byte offset 10248192, length 4096.
loop: Write error at byte offset 10252288, length 4096.
loop: Write error at byte offset 10256384, length 4096.
loop: Write error at byte offset 10260480, length 4096.
loop: Write error at byte offset 10264576, length 4096.
loop: Write error at byte offset 10268672, length 4096.
loop: Write error at byte offset 10272768, length 4096.
loop: Write error at byte offset 10276864, length 4096.
blk_update_request: 42248 callbacks suppressed
blk_update_request: I/O error, dev loop0, sector 21024
blk_update_request: I/O error, dev loop0, sector 21032
blk_update_request: I/O error, dev loop0, sector 21040
blk_update_request: I/O error, dev loop0, sector 21048
blk_update_request: I/O error, dev loop0, sector 21056
blk_update_request: I/O error, dev loop0, sector 21064
blk_update_request: I/O error, dev loop0, sector 21072
blk_update_request: I/O error, dev loop0, sector 21080
blk_update_request: I/O error, dev loop0, sector 21088
blk_update_request: I/O error, dev loop0, sector 21096
buffer_io_error: 42376 callbacks suppressed
Buffer I/O error on dev loop0, logical block 2756, lost async page write
Buffer I/O error on dev loop0, logical block 2757, lost async page write
Buffer I/O error on dev loop0, logical block 2758, lost async page write
Buffer I/O error on dev loop0, logical block 2759, lost async page write
Buffer I/O error on dev loop0, logical block 2760, lost async page write
Buffer I/O error on dev loop0, logical block 2761, lost async page write
Buffer I/O error on dev loop0, logical block 2762, lost async page write
Buffer I/O error on dev loop0, logical block 2763, lost async page write
Buffer I/O error on dev loop0, logical block 2764, lost async page write
Buffer I/O error on dev loop0, logical block 2765, lost async page write
[<ffffffff813bcec0>] __generic_file_write_iter+0x350/0x540 mm/filemap.c:2716
[<ffffffff8154f7fe>] blkdev_write_iter+0x1ce/0x470 fs/block_dev.c:1655
[<ffffffff81495d10>] vfs_iter_write+0x1d0/0x2d0 fs/read_write.c:364
[<ffffffff815340a1>] iter_file_splice_write+0x5c1/0xb30 fs/splice.c:1024
[<ffffffff81530586>] do_splice_from fs/splice.c:1128 [inline]
[<ffffffff81530586>] direct_splice_actor+0x126/0x1a0 fs/splice.c:1294
[<ffffffff81531e9e>] splice_direct_to_actor+0x2ce/0x850 fs/splice.c:1247
[<ffffffff815325c5>] do_splice_direct+0x1a5/0x260 fs/splice.c:1337
[<ffffffff81499ccd>] do_sendfile+0x4ed/0xba0 fs/read_write.c:1227
[<ffffffff8149bce7>] SYSC_sendfile64 fs/read_write.c:1288 [inline]
[<ffffffff8149bce7>] SyS_sendfile64+0x137/0x150 fs/read_write.c:1274
[<ffffffff827153a1>] entry_SYSCALL_64_fastpath+0x1e/0x9a
Kernel Offset: disabled
Rebooting in 86400 seconds..


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Apr 14, 2019, 5:30:17 AM
to syzkaller-a...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 860c8b89 Merge 4.9.144 into android-4.9
git tree: android-4.9
console output: https://syzkaller.appspot.com/x/log.txt?x=161432db400000
kernel config: https://syzkaller.appspot.com/x/.config?x=13f9a89fd206e10e
dashboard link: https://syzkaller.appspot.com/bug?extid=742d99650f4ae5351772
compiler: gcc (GCC) 8.0.1 20180413 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+742d99...@syzkaller.appspotmail.com

blk_update_request: I/O error, dev loop0, sector 32
Buffer I/O error on dev loop0, logical block 8, lost async page write
blk_update_request: I/O error, dev loop0, sector 36
Buffer I/O error on dev loop0, logical block 9, lost async page write
------------[ cut here ]------------
WARNING: CPU: 0 PID: 29053 at fs/buffer.c:1150 mark_buffer_dirty+0x26c/0x480 fs/buffer.c:1150
Kernel panic - not syncing: panic_on_warn set ...

CPU: 0 PID: 29053 Comm: syz-executor4 Not tainted 4.9.144+ #77
ffff88019b5cf3f0 ffffffff81b43b89 ffffffff82a39060 00000000ffffffff
ffffffff82ab7b00 0000000000000000 0000000000000009 ffff88019b5cf4b0
ffffffff813f7575 0000000041b58ab3 ffffffff82e2e82b ffffffff813f73b6
Call Trace:
[<ffffffff81b43b89>] __dump_stack lib/dump_stack.c:15 [inline]
[<ffffffff81b43b89>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
[<ffffffff813f7575>] panic+0x1bf/0x39f kernel/panic.c:179
[<ffffffff813f77b2>] __warn.cold.8+0x2f/0x2f kernel/panic.c:542
[<ffffffff810dc0bc>] warn_slowpath_null+0x2c/0x40 kernel/panic.c:585
[<ffffffff815b8f3c>] mark_buffer_dirty+0x26c/0x480 fs/buffer.c:1150
[<ffffffff815bbc7c>] __block_commit_write.isra.10+0x13c/0x200 fs/buffer.c:2061
[<ffffffff815bbd8a>] block_write_end+0x4a/0x100 fs/buffer.c:2139
[<ffffffff815c7239>] blkdev_write_end+0x49/0x120 fs/block_dev.c:339
[<ffffffff8140fb0c>] generic_perform_write+0x34c/0x500 mm/filemap.c:2764
[<ffffffff81412992>] __generic_file_write_iter+0x352/0x540 mm/filemap.c:2878
[<ffffffff815cb637>] blkdev_write_iter+0x1b7/0x370 fs/block_dev.c:1718
[<ffffffff81507447>] vfs_iter_write+0x2d7/0x450 fs/read_write.c:390
[<ffffffff815aed7b>] iter_file_splice_write+0x5fb/0xb30 fs/splice.c:768
[<ffffffff815aa338>] do_splice_from fs/splice.c:870 [inline]
[<ffffffff815aa338>] direct_splice_actor+0x128/0x190 fs/splice.c:1037
[<ffffffff815abf41>] splice_direct_to_actor+0x2c1/0x7e0 fs/splice.c:992
[<ffffffff815ac603>] do_splice_direct+0x1a3/0x270 fs/splice.c:1080
[<ffffffff8150da00>] do_sendfile+0x4f0/0xc30 fs/read_write.c:1393
[<ffffffff8150fa71>] SYSC_sendfile64 fs/read_write.c:1448 [inline]
[<ffffffff8150fa71>] SyS_sendfile64+0xd1/0x160 fs/read_write.c:1440
[<ffffffff810056ef>] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285
[<ffffffff82818cd3>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb

syzbot

Jul 1, 2019, 7:44:04 AM
to syzkaller-a...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.

syzbot

Oct 25, 2019, 4:47:07 AM
to syzkaller-a...@googlegroups.com