kernel BUG in ext4_write_inline_data

syzbot

Nov 4, 2022, 2:44:40 PM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: a901bb6c7db7 Linux 4.14.298
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=11121f46880000
kernel config: https://syzkaller.appspot.com/x/.config?x=ad93a82b957e1fc7
dashboard link: https://syzkaller.appspot.com/bug?extid=da175c0c1945da84be10
compiler: gcc version 10.2.1 20210110 (Debian 10.2.1-6)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12cd3605880000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=145ee761880000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/8fb1ee686117/disk-a901bb6c.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/b471b0b5f252/vmlinux-a901bb6c.xz
kernel image: https://storage.googleapis.com/syzbot-assets/053c41a3c8fb/bzImage-a901bb6c.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/c6d93b248508/mount_0.gz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+da175c...@syzkaller.appspotmail.com

EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 65 with error 117
EXT4-fs (loop0): This should not happen!! Data will be lost
EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
EXT4-fs error (device loop0): ext4_validate_block_bitmap:405: comm syz-executor287: bg 0: block 5: invalid block bitmap
------------[ cut here ]------------
kernel BUG at fs/ext4/inline.c:231!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 0 PID: 13960 Comm: syz-executor287 Not tainted 4.14.298-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
task: ffff8880a2800500 task.stack: ffff888094340000
RIP: 0010:ext4_write_inline_data+0x2e6/0x380 fs/ext4/inline.c:231
RSP: 0018:ffff8880943477b8 EFLAGS: 00010297
RAX: ffff8880a2800500 RBX: ffff88808ad8a6f0 RCX: 0000000000001000
RDX: 0000000000000000 RSI: ffff888094347840 RDI: ffff88808ad8abb8
RBP: 0000000000001000 R08: 0000000000001000 R09: 0000000000000000
R10: ffff888094347790 R11: 0000000000000000 R12: 0000000000001000
R13: ffff888094347840 R14: ffff88808ad8abb6 R15: ffff88808ad8a558
FS: 00007fcc477ad700(0000) GS:ffff8880ba400000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000056106d26f2e8 CR3: 000000009fd12000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
ext4_write_inline_data_end+0x1db/0x490 fs/ext4/inline.c:769
ext4_da_write_inline_data_end+0x30/0x410 fs/ext4/inline.c:966
ext4_da_write_end+0x3b5/0x8e0 fs/ext4/inode.c:3244
generic_perform_write+0x268/0x420 mm/filemap.c:3066
__generic_file_write_iter+0x227/0x590 mm/filemap.c:3180
ext4_file_write_iter+0x276/0xd20 fs/ext4/file.c:270
call_write_iter include/linux/fs.h:1780 [inline]
do_iter_readv_writev+0x4cf/0x5f0 fs/read_write.c:675
do_iter_write+0x152/0x550 fs/read_write.c:954
vfs_writev+0x125/0x290 fs/read_write.c:999
do_pwritev fs/read_write.c:1088 [inline]
SYSC_pwritev2 fs/read_write.c:1147 [inline]
SyS_pwritev2+0x195/0x230 fs/read_write.c:1138
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x5e/0xd3
Code: 5f e9 0f 15 9c ff e8 0a 15 9c ff 45 8d 64 2c c4 b8 3c 00 00 00 29 e8 89 04 24 e9 e7 fe ff ff e8 f1 14 9c ff 0f 0b e8 ea 14 9c ff <0f> 0b e8 c3 d1 c5 ff e9 2a fe ff ff 4c 89 f7 e8 b6 d1 c5 ff e9
RIP: ext4_write_inline_data+0x2e6/0x380 fs/ext4/inline.c:231 RSP: ffff8880943477b8
---[ end trace 512988a09343f3dd ]---


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches