[v5.15] WARNING in ext4_expand_extra_isize_ea


syzbot

Mar 30, 2023, 5:05:48 PM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: c957cbb87315 Linux 5.15.105
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=15ef876dc80000
kernel config: https://syzkaller.appspot.com/x/.config?x=852dc3de44ba1f3f
dashboard link: https://syzkaller.appspot.com/bug?extid=84695f6eb2486ad175e9
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/91d0cf1fc5fb/disk-c957cbb8.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/346dc1169521/vmlinux-c957cbb8.xz
kernel image: https://storage.googleapis.com/syzbot-assets/f7005bdc0e20/Image-c957cbb8.gz.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+84695f...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 1 PID: 11793 at mm/page_alloc.c:5396 __alloc_pages+0x33c/0x674 mm/page_alloc.c:5396
Modules linked in:
CPU: 1 PID: 11793 Comm: syz-executor.2 Not tainted 5.15.105-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __alloc_pages+0x33c/0x674 mm/page_alloc.c:5396
lr : __alloc_pages+0xc8/0x674 mm/page_alloc.c:5389
sp : ffff800025de6ca0
x29: ffff800025de6d90 x28: ffff800025de6cc0 x27: dfff800000000000
x26: ffff700004bbcd98 x25: 0000000000000000 x24: ffff800025de6ce0
x23: ffff80000875c228 x22: 0000000000040c40 x21: 0000000000000000
x20: ffff800025de6d00 x19: 000000000000000b x18: 0000000000000001
x17: ff80800008d7f134 x16: ffff80001193f6fc x15: ffff800008d7f134
x14: 00000000ffff8000 x13: ffffffffffffffff x12: 0000000000000005
x11: 1ffff00004bbcda0 x10: 0000000000000000 x9 : 0000000000000000
x8 : ffff800025de6d28 x7 : 0000000000000000 x6 : 000000000000003f
x5 : 0000000000000040 x4 : 0000000000000000 x3 : 0000000000000020
x2 : 0000000000000008 x1 : 0000000000000000 x0 : ffff800025de6d00
Call trace:
__alloc_pages+0x33c/0x674 mm/page_alloc.c:5396
__alloc_pages_node include/linux/gfp.h:570 [inline]
alloc_pages_node include/linux/gfp.h:584 [inline]
kmalloc_large_node+0x8c/0x190 mm/slub.c:4421
__kmalloc_node+0x368/0x5b8 mm/slub.c:4437
kmalloc_node include/linux/slab.h:614 [inline]
kvmalloc_node+0x14c/0x204 mm/util.c:603
kvmalloc include/linux/mm.h:805 [inline]
ext4_xattr_move_to_block fs/ext4/xattr.c:2583 [inline]
ext4_xattr_make_inode_space fs/ext4/xattr.c:2691 [inline]
ext4_expand_extra_isize_ea+0xb80/0x1688 fs/ext4/xattr.c:2783
__ext4_expand_extra_isize+0x290/0x348 fs/ext4/inode.c:5828
ext4_try_to_expand_extra_isize fs/ext4/inode.c:5871 [inline]
__ext4_mark_inode_dirty+0x4e8/0x924 fs/ext4/inode.c:5949
ext4_inline_data_truncate+0x454/0xb88 fs/ext4/inline.c:1999
ext4_truncate+0x394/0x1058 fs/ext4/inode.c:4201
ext4_process_orphan+0x180/0x2b8 fs/ext4/orphan.c:339
ext4_orphan_cleanup+0x8bc/0x104c fs/ext4/orphan.c:474
ext4_fill_super+0x7f7c/0x868c fs/ext4/super.c:4964
mount_bdev+0x26c/0x368 fs/super.c:1378
ext4_mount+0x44/0x58 fs/ext4/super.c:6568
legacy_get_tree+0xd4/0x16c fs/fs_context.c:610
vfs_get_tree+0x90/0x274 fs/super.c:1508
do_new_mount+0x25c/0x8c8 fs/namespace.c:2994
path_mount+0x590/0x104c fs/namespace.c:3324
do_mount fs/namespace.c:3337 [inline]
__do_sys_mount fs/namespace.c:3545 [inline]
__se_sys_mount fs/namespace.c:3522 [inline]
__arm64_sys_mount+0x510/0x5e0 fs/namespace.c:3522
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:596
el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:614
el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
irq event stamp: 2582
hardirqs last enabled at (2581): [<ffff800008a61444>] lookup_bh_lru fs/buffer.c:1294 [inline]
hardirqs last enabled at (2581): [<ffff800008a61444>] __find_get_block+0x1d0/0xdd4 fs/buffer.c:1306
hardirqs last disabled at (2582): [<ffff80001193ad90>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:387
softirqs last enabled at (414): [<ffff800008030068>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:31
softirqs last disabled at (412): [<ffff800008030034>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:18
---[ end trace 3500223c5fd1d207 ]---
EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck.
EXT4-fs (loop2): 1 truncate cleaned up
EXT4-fs (loop2): mounted filesystem without journal. Opts: noload,minixdf,debug_want_extra_isize=0x000000000000002e,lazytime,i_version,quota,,errors=continue. Quota mode: writeback.


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Mar 31, 2023, 9:46:42 AM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 3b29299e5f60 Linux 6.1.22
git tree: linux-6.1.y
console output: https://syzkaller.appspot.com/x/log.txt?x=166e1869c80000
kernel config: https://syzkaller.appspot.com/x/.config?x=4a782518325cb082
dashboard link: https://syzkaller.appspot.com/bug?extid=a06de11bdf679e95e0e2
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/f6cdeb0f8946/disk-3b29299e.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/cc5e0da6e9ab/vmlinux-3b29299e.xz
kernel image: https://storage.googleapis.com/syzbot-assets/9e31f151a6a5/bzImage-3b29299e.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a06de1...@syzkaller.appspotmail.com

EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
EXT4-fs (loop4): 1 truncate cleaned up
EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
------------[ cut here ]------------
WARNING: CPU: 1 PID: 18757 at mm/slab_common.c:923 folio_order include/linux/mm.h:738 [inline]
WARNING: CPU: 1 PID: 18757 at mm/slab_common.c:923 free_large_kmalloc+0x39/0x190 mm/slab_common.c:921
Modules linked in:
CPU: 1 PID: 18757 Comm: syz-executor.4 Not tainted 6.1.22-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
RIP: 0010:free_large_kmalloc+0x39/0x190 mm/slab_common.c:923
Code: 48 8b 04 25 28 00 00 00 48 89 44 24 08 48 8b 47 08 a8 01 0f 85 4a 01 00 00 49 89 f6 0f 1f 44 00 00 49 f7 07 00 00 01 00 75 25 <0f> 0b 31 db 80 3d f6 cc 78 0c 00 75 21 c6 05 ed cc 78 0c 01 48 c7
RSP: 0018:ffffc900066b7748 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 0000000000000012 RCX: 0000000000000000
RDX: ffffea0000000000 RSI: ffff888044d645a4 RDI: ffffea0001135900
RBP: ffffc900066b7968 R08: ffffffff813d4f88 R09: fffffbfff204de44
R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
R13: 0000000000000000 R14: ffff888044d645a4 R15: ffffea0001135900
FS: 00007f172dbe6700(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f1acc5821b8 CR3: 000000002839e000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
ext4_xattr_move_to_block fs/ext4/xattr.c:2629 [inline]
ext4_xattr_make_inode_space fs/ext4/xattr.c:2692 [inline]
ext4_expand_extra_isize_ea+0x1063/0x1bc0 fs/ext4/xattr.c:2784
__ext4_expand_extra_isize+0x2f7/0x3d0 fs/ext4/inode.c:5890
ext4_try_to_expand_extra_isize fs/ext4/inode.c:5933 [inline]
__ext4_mark_inode_dirty+0x54f/0x920 fs/ext4/inode.c:6011
__ext4_unlink+0x97b/0xba0 fs/ext4/namei.c:3255
ext4_unlink+0x1d5/0x670 fs/ext4/namei.c:3298
vfs_unlink+0x359/0x5f0 fs/namei.c:4252
do_unlinkat+0x49d/0x940 fs/namei.c:4320
__do_sys_unlinkat fs/namei.c:4363 [inline]
__se_sys_unlinkat fs/namei.c:4356 [inline]
__x64_sys_unlinkat+0xca/0xf0 fs/namei.c:4356
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f172ce8c0f9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f172dbe6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000107
RAX: ffffffffffffffda RBX: 00007f172cfabf80 RCX: 00007f172ce8c0f9
RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
RBP: 00007f172cee7b39 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffe6641b35f R14: 00007f172dbe6300 R15: 0000000000022000
</TASK>

syzbot

May 5, 2023, 10:11:51 AM
to syzkaller...@googlegroups.com
syzbot has found a reproducer for the following issue on:

HEAD commit: 8a7f2a5c5aa1 Linux 5.15.110
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=117cbca8280000
kernel config: https://syzkaller.appspot.com/x/.config?x=7e93d602da27af41
dashboard link: https://syzkaller.appspot.com/bug?extid=84695f6eb2486ad175e9
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1244e15c280000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=11bffc4c280000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/16bea75b636d/disk-8a7f2a5c.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/3b169e33dcf2/vmlinux-8a7f2a5c.xz
kernel image: https://storage.googleapis.com/syzbot-assets/190d08a00950/Image-8a7f2a5c.gz.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/ec13c453f811/mount_0.gz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+84695f...@syzkaller.appspotmail.com

EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
------------[ cut here ]------------
WARNING: CPU: 1 PID: 3961 at mm/page_alloc.c:5396 __alloc_pages+0x33c/0x674 mm/page_alloc.c:5396
Modules linked in:
CPU: 1 PID: 3961 Comm: syz-executor371 Not tainted 5.15.110-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __alloc_pages+0x33c/0x674 mm/page_alloc.c:5396
lr : __alloc_pages+0xc8/0x674 mm/page_alloc.c:5389
sp : ffff80001aad6ca0
x29: ffff80001aad6d90 x28: ffff80001aad6cc0 x27: dfff800000000000
x26: ffff70000355ad98 x25: 0000000000000000 x24: ffff80001aad6ce0
x23: ffff80000875ed88 x22: 0000000000040c40 x21: 0000000000000000
x20: ffff80001aad6d00 x19: 000000000000000b x18: ffff80001aad6ac0
x17: ff80800008d82d84 x16: ffff80000824cb7c x15: ffff800008a00968
x14: ffff8000089fd28c x13: ffffffffffffffff x12: 0000000000000005
x11: 1ffff0000355ada0 x10: 0000000000000000 x9 : 0000000000000000
x8 : ffff80001aad6d28 x7 : 0000000000000000 x6 : ffff80000805cb20
x5 : ffff0000dc5e0888 x4 : 0000000000000000 x3 : 0000000000000020
x2 : 0000000000000008 x1 : 0000000000000000 x0 : ffff80001aad6d00
irq event stamp: 16006
hardirqs last enabled at (16005): [<ffff800011a155b0>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
hardirqs last enabled at (16005): [<ffff800011a155b0>] _raw_spin_unlock_irqrestore+0xac/0x158 kernel/locking/spinlock.c:194
hardirqs last disabled at (16006): [<ffff80001193d130>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:387
softirqs last enabled at (15674): [<ffff800008020ccc>] softirq_handle_end kernel/softirq.c:401 [inline]
softirqs last enabled at (15674): [<ffff800008020ccc>] __do_softirq+0xb5c/0xe20 kernel/softirq.c:587
softirqs last disabled at (15657): [<ffff8000081b573c>] do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
softirqs last disabled at (15657): [<ffff8000081b573c>] invoke_softirq kernel/softirq.c:439 [inline]
softirqs last disabled at (15657): [<ffff8000081b573c>] __irq_exit_rcu+0x28c/0x534 kernel/softirq.c:636
---[ end trace 06e2bc3f6a3c8c93 ]---
EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck.
EXT4-fs (loop0): 1 truncate cleaned up
EXT4-fs (loop0): mounted filesystem without journal. Opts: noload,minixdf,debug_want_extra_isize=0x000000000000002e,lazytime,i_version,quota,,errors=continue. Quota mode: writeback.


---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

syzbot

Aug 16, 2023, 2:52:39 PM
to syzkaller...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.

syzbot

Oct 4, 2023, 6:54:29 AM
to syzkaller...@googlegroups.com
syzbot suspects this issue could be fixed by backporting the following commit:

commit cc12a6f25e07ed05d5825a1664b67a970842b2ca
git tree: upstream
Author: Ye Bin <yeb...@huawei.com>
Date: Thu Dec 8 02:32:31 2022 +0000

ext4: allocate extended attribute value in vmalloc area

bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=15360d26680000
kernel config: https://syzkaller.appspot.com/x/.config?x=7e1620fbf0341078
dashboard link: https://syzkaller.appspot.com/bug?extid=84695f6eb2486ad175e9
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17dc7986680000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=10614d9c680000


Please keep in mind that other backports might be required as well.

For information about bisection process see: https://goo.gl/tpsmEJ#bisection