Hello,
syzbot found the following issue on:
HEAD commit: c957cbb87315 Linux 5.15.105
git tree: linux-5.15.y
console output:
https://syzkaller.appspot.com/x/log.txt?x=15ef876dc80000
kernel config:
https://syzkaller.appspot.com/x/.config?x=852dc3de44ba1f3f
dashboard link:
https://syzkaller.appspot.com/bug?extid=84695f6eb2486ad175e9
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image:
https://storage.googleapis.com/syzbot-assets/91d0cf1fc5fb/disk-c957cbb8.raw.xz
vmlinux:
https://storage.googleapis.com/syzbot-assets/346dc1169521/vmlinux-c957cbb8.xz
kernel image:
https://storage.googleapis.com/syzbot-assets/f7005bdc0e20/Image-c957cbb8.gz.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by:
syzbot+84695f...@syzkaller.appspotmail.com
------------[ cut here ]------------
WARNING: CPU: 1 PID: 11793 at mm/page_alloc.c:5396 __alloc_pages+0x33c/0x674 mm/page_alloc.c:5396
Modules linked in:
CPU: 1 PID: 11793 Comm: syz-executor.2 Not tainted 5.15.105-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __alloc_pages+0x33c/0x674 mm/page_alloc.c:5396
lr : __alloc_pages+0xc8/0x674 mm/page_alloc.c:5389
sp : ffff800025de6ca0
x29: ffff800025de6d90 x28: ffff800025de6cc0 x27: dfff800000000000
x26: ffff700004bbcd98 x25: 0000000000000000 x24: ffff800025de6ce0
x23: ffff80000875c228 x22: 0000000000040c40 x21: 0000000000000000
x20: ffff800025de6d00 x19: 000000000000000b x18: 0000000000000001
x17: ff80800008d7f134 x16: ffff80001193f6fc x15: ffff800008d7f134
x14: 00000000ffff8000 x13: ffffffffffffffff x12: 0000000000000005
x11: 1ffff00004bbcda0 x10: 0000000000000000 x9 : 0000000000000000
x8 : ffff800025de6d28 x7 : 0000000000000000 x6 : 000000000000003f
x5 : 0000000000000040 x4 : 0000000000000000 x3 : 0000000000000020
x2 : 0000000000000008 x1 : 0000000000000000 x0 : ffff800025de6d00
Call trace:
__alloc_pages+0x33c/0x674 mm/page_alloc.c:5396
__alloc_pages_node include/linux/gfp.h:570 [inline]
alloc_pages_node include/linux/gfp.h:584 [inline]
kmalloc_large_node+0x8c/0x190 mm/slub.c:4421
__kmalloc_node+0x368/0x5b8 mm/slub.c:4437
kmalloc_node include/linux/slab.h:614 [inline]
kvmalloc_node+0x14c/0x204 mm/util.c:603
kvmalloc include/linux/mm.h:805 [inline]
ext4_xattr_move_to_block fs/ext4/xattr.c:2583 [inline]
ext4_xattr_make_inode_space fs/ext4/xattr.c:2691 [inline]
ext4_expand_extra_isize_ea+0xb80/0x1688 fs/ext4/xattr.c:2783
__ext4_expand_extra_isize+0x290/0x348 fs/ext4/inode.c:5828
ext4_try_to_expand_extra_isize fs/ext4/inode.c:5871 [inline]
__ext4_mark_inode_dirty+0x4e8/0x924 fs/ext4/inode.c:5949
ext4_inline_data_truncate+0x454/0xb88 fs/ext4/inline.c:1999
ext4_truncate+0x394/0x1058 fs/ext4/inode.c:4201
ext4_process_orphan+0x180/0x2b8 fs/ext4/orphan.c:339
ext4_orphan_cleanup+0x8bc/0x104c fs/ext4/orphan.c:474
ext4_fill_super+0x7f7c/0x868c fs/ext4/super.c:4964
mount_bdev+0x26c/0x368 fs/super.c:1378
ext4_mount+0x44/0x58 fs/ext4/super.c:6568
legacy_get_tree+0xd4/0x16c fs/fs_context.c:610
vfs_get_tree+0x90/0x274 fs/super.c:1508
do_new_mount+0x25c/0x8c8 fs/namespace.c:2994
path_mount+0x590/0x104c fs/namespace.c:3324
do_mount fs/namespace.c:3337 [inline]
__do_sys_mount fs/namespace.c:3545 [inline]
__se_sys_mount fs/namespace.c:3522 [inline]
__arm64_sys_mount+0x510/0x5e0 fs/namespace.c:3522
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:596
el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:614
el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
irq event stamp: 2582
hardirqs last enabled at (2581): [<ffff800008a61444>] lookup_bh_lru fs/buffer.c:1294 [inline]
hardirqs last enabled at (2581): [<ffff800008a61444>] __find_get_block+0x1d0/0xdd4 fs/buffer.c:1306
hardirqs last disabled at (2582): [<ffff80001193ad90>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:387
softirqs last enabled at (414): [<ffff800008030068>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:31
softirqs last disabled at (412): [<ffff800008030034>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:18
---[ end trace 3500223c5fd1d207 ]---
EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck.
EXT4-fs (loop2): 1 truncate cleaned up
EXT4-fs (loop2): mounted filesystem without journal. Opts: noload,minixdf,debug_want_extra_isize=0x000000000000002e,lazytime,i_version,quota,,errors=continue. Quota mode: writeback.
---
This report is generated by a bot. It may contain errors.
See
https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at
syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.