[v5.15] BUG: unable to handle kernel paging request in lmLogSync


syzbot

Mar 13, 2023, 8:56:40 PM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 2ddbd0f967b3 Linux 5.15.102
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=14b86542c80000
kernel config: https://syzkaller.appspot.com/x/.config?x=d6af46e4bd7d6a2f
dashboard link: https://syzkaller.appspot.com/bug?extid=2ad6f72a408046e799bd
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/d46a989959b6/disk-2ddbd0f9.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/4d06a9b2ddaf/vmlinux-2ddbd0f9.xz
kernel image: https://storage.googleapis.com/syzbot-assets/0921009430c0/Image-2ddbd0f9.gz.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+2ad6f7...@syzkaller.appspotmail.com

Unable to handle kernel paging request at virtual address dfff800000000006
Mem abort info:
ESR = 0x0000000096000006
EC = 0x25: DABT (current EL), IL = 32 bits
SET = 0, FnV = 0
EA = 0, S1PTW = 0
FSC = 0x06: level 2 translation fault
Data abort info:
ISV = 0, ISS = 0x00000006
CM = 0, WnR = 0
[dfff800000000006] address between user and kernel address ranges
Internal error: Oops: 96000006 [#1] PREEMPT SMP
Modules linked in:
CPU: 1 PID: 4104 Comm: syz-executor.2 Not tainted 5.15.102-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : write_special_inodes fs/jfs/jfs_logmgr.c:208 [inline]
pc : lmLogSync+0x210/0x98c fs/jfs/jfs_logmgr.c:945
lr : write_special_inodes fs/jfs/jfs_logmgr.c:207 [inline]
lr : lmLogSync+0x1ec/0x98c fs/jfs/jfs_logmgr.c:945
sp : ffff80001cef7780
x29: ffff80001cef7850 x28: 1ffff00002937a9d x27: dfff800000000000
x26: fffffbffeff32b7c x25: ffff80001cef77a0 x24: 1fffe0001ae97806
x23: dfff800000000000 x22: 0000000000000000 x21: 0000000000000030
x20: ffff0000c8470238 x19: ffff0000da444800 x18: 0000000000000000
x17: ff80800008b5952c x16: ffff80000824ff34 x15: ffff800008b5952c
x14: 1ffff0000293806a x13: ffffffffffffffff x12: 0000000000000000
x11: ff808000086d0bc0 x10: 0000000000000000 x9 : ef0af81063f09b00
x8 : 0000000000000006 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000008 x3 : 0000000000000010
x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000
Call trace:
write_special_inodes fs/jfs/jfs_logmgr.c:208 [inline]
lmLogSync+0x210/0x98c fs/jfs/jfs_logmgr.c:945
jfs_syncpt+0x74/0x98 fs/jfs/jfs_logmgr.c:1049
jfs_sync_fs+0x8c/0xac fs/jfs/super.c:690
sync_filesystem+0xe8/0x218 fs/sync.c:56
generic_shutdown_super+0x70/0x29c fs/super.c:448
kill_block_super+0x70/0xdc fs/super.c:1396
deactivate_locked_super+0xb8/0x13c fs/super.c:335
deactivate_super+0x108/0x128 fs/super.c:366
cleanup_mnt+0x3c0/0x474 fs/namespace.c:1143
__cleanup_mnt+0x20/0x30 fs/namespace.c:1150
task_work_run+0x130/0x1e4 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
do_notify_resume+0x262c/0x32b8 arch/arm64/kernel/signal.c:946
prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:133 [inline]
exit_to_user_mode arch/arm64/kernel/entry-common.c:138 [inline]
el0_svc+0xfc/0x1f0 arch/arm64/kernel/entry-common.c:597
el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:614
el0t_64_sync+0x1a0/0x1a4 <unknown>:584
Code: 97bfd45f f94002a8 9100c115 d343fea8 (387b6908)
---[ end trace 3bfec0633089554c ]---
----------------
Code disassembly (best guess):
0: 97bfd45f bl 0xfffffffffeff517c
4: f94002a8 ldr x8, [x21]
8: 9100c115 add x21, x8, #0x30
c: d343fea8 lsr x8, x21, #3
* 10: 387b6908 ldrb w8, [x8, x27] <-- trapping instruction


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Mar 13, 2023, 9:30:42 PM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 6449a0ba6843 Linux 6.1.19
git tree: linux-6.1.y
console output: https://syzkaller.appspot.com/x/log.txt?x=14cbe048c80000
kernel config: https://syzkaller.appspot.com/x/.config?x=75eadb21ef1208e4
dashboard link: https://syzkaller.appspot.com/bug?extid=3f7799509c4dd2b53232
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=169ad88ac80000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=14cad43ac80000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/dc227ecd3e21/disk-6449a0ba.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/1d08e21b50c2/vmlinux-6449a0ba.xz
kernel image: https://storage.googleapis.com/syzbot-assets/71a43f2c4d2c/Image-6449a0ba.gz.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/1a582db98177/mount_0.gz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+3f7799...@syzkaller.appspotmail.com

Unable to handle kernel paging request at virtual address dfff800000000006
KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]
Mem abort info:
ESR = 0x0000000096000006
EC = 0x25: DABT (current EL), IL = 32 bits
SET = 0, FnV = 0
EA = 0, S1PTW = 0
FSC = 0x06: level 2 translation fault
Data abort info:
ISV = 0, ISS = 0x00000006
CM = 0, WnR = 0
[dfff800000000006] address between user and kernel address ranges
Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 4338 Comm: syz-executor367 Not tainted 6.1.19-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : write_special_inodes fs/jfs/jfs_logmgr.c:208 [inline]
pc : lmLogSync+0x210/0x978 fs/jfs/jfs_logmgr.c:937
lr : write_special_inodes fs/jfs/jfs_logmgr.c:207 [inline]
lr : lmLogSync+0x1ec/0x978 fs/jfs/jfs_logmgr.c:937
sp : ffff80001db87700
x29: ffff80001db877d0 x28: 1ffff00002ae5aa9 x27: dfff800000000000
x26: 0000000000000002 x25: ffff80001db87720 x24: 1fffe0001b1d0c06
x23: dfff800000000000 x22: 0000000000000000 x21: 0000000000000030
x20: ffff0000c1145e38 x19: ffff0000da0c0000 x18: 1fffe000368b0376
x17: ffff80001572d000 x16: ffff8000121a2680 x15: 0000000000000000
x14: 1ffff00002ae60b0 x13: dfff800000000000 x12: 0000000000000003
x11: ff8080000874b2c0 x10: 0000000000000000 x9 : e7b52e8ce3da1a00
x8 : 0000000000000006 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000010
x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000
Call trace:
write_special_inodes fs/jfs/jfs_logmgr.c:208 [inline]
lmLogSync+0x210/0x978 fs/jfs/jfs_logmgr.c:937
jfs_syncpt+0x74/0x98 fs/jfs/jfs_logmgr.c:1041
jfs_sync_fs+0x8c/0xac fs/jfs/super.c:685
sync_filesystem+0xe8/0x218 fs/sync.c:56
generic_shutdown_super+0x70/0x328 fs/super.c:474
kill_block_super+0x70/0xdc fs/super.c:1441
deactivate_locked_super+0xac/0x124 fs/super.c:332
deactivate_super+0xf0/0x110 fs/super.c:363
cleanup_mnt+0x394/0x41c fs/namespace.c:1186
__cleanup_mnt+0x20/0x30 fs/namespace.c:1193
task_work_run+0x240/0x2f0 kernel/task_work.c:179
resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
do_notify_resume+0x2144/0x3470 arch/arm64/kernel/signal.c:1132
prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:137 [inline]
exit_to_user_mode arch/arm64/kernel/entry-common.c:142 [inline]
el0_svc+0x9c/0x168 arch/arm64/kernel/entry-common.c:638
el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581
Code: 97be074c f94002a8 9100c115 d343fea8 (387b6908)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
0: 97be074c bl 0xfffffffffef81d30
4: f94002a8 ldr x8, [x21]
8: 9100c115 add x21, x8, #0x30
c: d343fea8 lsr x8, x21, #3
* 10: 387b6908 ldrb w8, [x8, x27] <-- trapping instruction


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches

syzbot

Mar 3, 2024, 1:07:24 AM
to syzkaller...@googlegroups.com
syzbot has found a reproducer for the following issue on:

HEAD commit: 80efc6265290 Linux 5.15.150
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=1311f80e180000
kernel config: https://syzkaller.appspot.com/x/.config?x=ca39ec49d1cf2068
dashboard link: https://syzkaller.appspot.com/bug?extid=2ad6f72a408046e799bd
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=16b08a12180000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=137f5a6a180000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/47cbb3459f23/disk-80efc626.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/40559d394d5f/vmlinux-80efc626.xz
kernel image: https://storage.googleapis.com/syzbot-assets/b59e1390e778/Image-80efc626.gz.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/c8e6a37fff3b/mount_0.gz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+2ad6f7...@syzkaller.appspotmail.com

Unable to handle kernel paging request at virtual address dfff800000000006
Mem abort info:
ESR = 0x0000000096000006
EC = 0x25: DABT (current EL), IL = 32 bits
SET = 0, FnV = 0
EA = 0, S1PTW = 0
FSC = 0x06: level 2 translation fault
Data abort info:
ISV = 0, ISS = 0x00000006
CM = 0, WnR = 0
[dfff800000000006] address between user and kernel address ranges
Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP
Modules linked in:
CPU: 1 PID: 234 Comm: jfsCommit Not tainted 5.15.150-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : write_special_inodes fs/jfs/jfs_logmgr.c:208 [inline]
pc : lmLogSync+0x128/0x98c fs/jfs/jfs_logmgr.c:943
lr : write_special_inodes fs/jfs/jfs_logmgr.c:207 [inline]
lr : lmLogSync+0x104/0x98c fs/jfs/jfs_logmgr.c:943
sp : ffff80001af07b00
x29: ffff80001af07bc0 x28: ffff80001c001000 x27: dfff800000000000
x26: ffff0000d9f42000 x25: ffff80001af07b20 x24: 1ffff000029cb2d4
x23: 0000000000000002 x22: 0000000000000006 x21: 0000000000000030
x20: ffff0000c142b638 x19: ffff0000d9f42000 x18: 1fffe0003690298e
x17: 1fffe0003690298e x16: ffff80000824d658 x15: ffff8000149aeb80
x14: 1ffff0000292206a x13: dfff800000000000 x12: 0000000000000003
x11: 0000000000000000 x10: 0000000000000000 x9 : c684eda303509b00
x8 : 0000000000000006 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000008 x3 : 0000000000000010
x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000
Call trace:
write_special_inodes fs/jfs/jfs_logmgr.c:208 [inline]
lmLogSync+0x128/0x98c fs/jfs/jfs_logmgr.c:943
jfs_syncpt+0x74/0x98 fs/jfs/jfs_logmgr.c:1049
txEnd+0x2e0/0x574 fs/jfs/jfs_txnmgr.c:549
txLazyCommit fs/jfs/jfs_txnmgr.c:2718 [inline]
jfs_lazycommit+0x4d4/0xa40 fs/jfs/jfs_txnmgr.c:2766
kthread+0x37c/0x45c kernel/kthread.c:319
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:870
Code: 97bfefe2 f94002a8 9100c115 d343fea8 (387b6908)
---[ end trace 5e741ebe37c7e6d8 ]---
----------------
Code disassembly (best guess):
0: 97bfefe2 bl 0xfffffffffeffbf88
4: f94002a8 ldr x8, [x21]
8: 9100c115 add x21, x8, #0x30
c: d343fea8 lsr x8, x21, #3
* 10: 387b6908 ldrb w8, [x8, x27] <-- trapping instruction


---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.