[v5.15] WARNING in udf_truncate_extents


syzbot

Mar 18, 2023, 4:24:58 PM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 8020ae3c051d Linux 5.15.103
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=179ab881c80000
kernel config: https://syzkaller.appspot.com/x/.config?x=d4215fb4040f8f8d
dashboard link: https://syzkaller.appspot.com/bug?extid=765a118f6c231d72bfe6
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/857e17de0f0a/disk-8020ae3c.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/9efc49fcd441/vmlinux-8020ae3c.xz
kernel image: https://storage.googleapis.com/syzbot-assets/f14c38b6bfa7/bzImage-8020ae3c.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+765a11...@syzkaller.appspotmail.com

UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
------------[ cut here ]------------
WARNING: CPU: 1 PID: 4782 at fs/udf/truncate.c:208 udf_truncate_extents+0xf90/0x11a0
Modules linked in:
CPU: 0 PID: 4782 Comm: syz-executor.1 Not tainted 5.15.103-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
RIP: 0010:udf_truncate_extents+0xf90/0x11a0 fs/udf/truncate.c:208
Code: 5c 41 5d 41 5e 41 5f 5d c3 e8 cc 93 a3 fe 41 be fb ff ff ff 48 8b 5c 24 60 49 bc 00 00 00 00 00 fc ff df eb 87 e8 b0 93 a3 fe <0f> 0b e9 7b ff ff ff 48 8d 8c 24 60 01 00 00 80 e1 07 80 c1 03 38
RSP: 0018:ffffc9000482f0c0 EFLAGS: 00010246
RAX: ffffffff82dce520 RBX: 1ffff92000905e30 RCX: 0000000000040000
RDX: ffffc90003b32000 RSI: 000000000003ffff RDI: 0000000000040000
RBP: ffffc9000482f2b0 R08: ffffffff82dcda1b R09: ffffffff82da7d90
R10: 0000000000000002 R11: ffff88801df95700 R12: dffffc0000000000
R13: 0000000000000200 R14: 0000000000000000 R15: 00000000000000ff
FS: 00007f59ea758700(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020004000 CR3: 000000002188d000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
udf_do_extend_file+0xdc9/0x1140 fs/udf/inode.c:591
inode_getblk fs/udf/inode.c:798 [inline]
udf_get_block+0x1520/0x4d10 fs/udf/inode.c:448
__block_write_begin_int+0x60b/0x1650 fs/buffer.c:2012
__block_write_begin fs/buffer.c:2062 [inline]
block_write_begin+0x4f/0xc0 fs/buffer.c:2122
udf_write_begin+0x36/0x70 fs/udf/inode.c:212
generic_perform_write+0x2bf/0x5b0 mm/filemap.c:3776
__generic_file_write_iter+0x243/0x4f0 mm/filemap.c:3903
udf_file_write_iter+0x28d/0x530 fs/udf/file.c:163
call_write_iter include/linux/fs.h:2103 [inline]
new_sync_write fs/read_write.c:507 [inline]
vfs_write+0xacf/0xe50 fs/read_write.c:594
ksys_write+0x1a2/0x2c0 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x61/0xcb
RIP: 0033:0x7f59ec1e60f9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f59ea758168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f59ec305f80 RCX: 00007f59ec1e60f9
RDX: 000000000208e24b RSI: 0000000020000040 RDI: 0000000000000005
RBP: 00007f59ec241b39 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fff35cc65df R14: 00007f59ea758300 R15: 0000000000022000
</TASK>


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Mar 18, 2023, 6:00:55 PM
to syzkaller...@googlegroups.com
syzbot has found a reproducer for the following issue on:

HEAD commit: 8020ae3c051d Linux 5.15.103
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=1346714ac80000
kernel config: https://syzkaller.appspot.com/x/.config?x=d4215fb4040f8f8d
dashboard link: https://syzkaller.appspot.com/bug?extid=765a118f6c231d72bfe6
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1111c0f6c80000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=173448f6c80000
mounted in repro: https://storage.googleapis.com/syzbot-assets/77d2f7fc46e0/mount_0.gz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+765a11...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 1 PID: 3831 at fs/udf/truncate.c:208 udf_truncate_extents+0xf90/0x11a0
Modules linked in:
CPU: 1 PID: 3831 Comm: syz-executor275 Not tainted 5.15.103-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
RIP: 0010:udf_truncate_extents+0xf90/0x11a0 fs/udf/truncate.c:208
Code: 5c 41 5d 41 5e 41 5f 5d c3 e8 cc 93 a3 fe 41 be fb ff ff ff 48 8b 5c 24 60 49 bc 00 00 00 00 00 fc ff df eb 87 e8 b0 93 a3 fe <0f> 0b e9 7b ff ff ff 48 8d 8c 24 60 01 00 00 80 e1 07 80 c1 03 38
RSP: 0018:ffffc900034df0c0 EFLAGS: 00010293
RAX: ffffffff82dce520 RBX: 1ffff9200069be30 RCX: ffff88807adfd700
RDX: 0000000000000000 RSI: 0000000000000200 RDI: 0000000000000000
RBP: ffffc900034df2b0 R08: ffffffff82dcda1b R09: ffffffff82da7d90
R10: 0000000000000002 R11: ffff88807adfd700 R12: dffffc0000000000
R13: 0000000000000200 R14: 0000000000000000 R15: 00000000000000ff
FS: 00007f22a07fa700(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffdae9949b0 CR3: 000000007a440000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
udf_do_extend_file+0xdc9/0x1140 fs/udf/inode.c:591
inode_getblk fs/udf/inode.c:798 [inline]
udf_get_block+0x1520/0x4d10 fs/udf/inode.c:448
__block_write_begin_int+0x60b/0x1650 fs/buffer.c:2012
__block_write_begin fs/buffer.c:2062 [inline]
block_write_begin+0x4f/0xc0 fs/buffer.c:2122
udf_write_begin+0x36/0x70 fs/udf/inode.c:212
generic_perform_write+0x2bf/0x5b0 mm/filemap.c:3776
__generic_file_write_iter+0x243/0x4f0 mm/filemap.c:3903
udf_file_write_iter+0x28d/0x530 fs/udf/file.c:163
call_write_iter include/linux/fs.h:2103 [inline]
new_sync_write fs/read_write.c:507 [inline]
vfs_write+0xacf/0xe50 fs/read_write.c:594
ksys_write+0x1a2/0x2c0 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x61/0xcb
RIP: 0033:0x7f22a084e669
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f22a07fa2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f22a08d47a0 RCX: 00007f22a084e669
RDX: 000000000208e24b RSI: 0000000020000040 RDI: 0000000000000004
RBP: 00007f22a08a0d08 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f22a08a00e0
R13: 00000000200004c0 R14: 0032656c69662f2e R15: 00007f22a08d47a8
</TASK>

syzbot

Mar 18, 2023, 8:16:51 PM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 7eaef76fbc46 Linux 6.1.20
git tree: linux-6.1.y
console output: https://syzkaller.appspot.com/x/log.txt?x=153675bec80000
kernel config: https://syzkaller.appspot.com/x/.config?x=29ad3fe3c7b61175
dashboard link: https://syzkaller.appspot.com/bug?extid=c9e721ff7f0f74b75956
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=176c3ebac80000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=11847c6ec80000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/34f95428f5fb/disk-7eaef76f.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/1bdd9b2c390d/vmlinux-7eaef76f.xz
kernel image: https://storage.googleapis.com/syzbot-assets/419140981cfa/Image-7eaef76f.gz.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/04a0c5642707/mount_0.gz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+c9e721...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 0 PID: 5560 at fs/udf/truncate.c:208 udf_truncate_extents+0xbf4/0xdc8
Modules linked in:
CPU: 0 PID: 5560 Comm: syz-executor120 Not tainted 6.1.20-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : udf_truncate_extents+0xbf4/0xdc8
lr : udf_truncate_extents+0xbf0/0xdc8 fs/udf/truncate.c:208
sp : ffff800020076da0
x29: ffff800020076f80 x28: ffff0000e105a818 x27: 0000000000000200
x26: dfff800000000000 x25: ffff800020076f20 x24: 00000000000000ff
x23: 0000000000000010 x22: ffff800020076ee0 x21: 00000000000000ff
x20: ffff0000e105a7c8 x19: ffff800020076ea0 x18: ffff8000200767a0
x17: ffff80001572d000 x16: 0000000000000000 x15: 0000000000000000
x14: 0000000000000000 x13: 0000000000000001 x12: ffff0000d5bf1b40
x11: ff80800009991b88 x10: 0000000000000000 x9 : ffff800009991b88
x8 : ffff0000d5bf1b40 x7 : ffff800009973fe8 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000001
x2 : ffff800020076ea8 x1 : 0000000000000200 x0 : 0000000000000000
Call trace:
udf_truncate_extents+0xbf4/0xdc8
udf_do_extend_file+0xae0/0xde0 fs/udf/inode.c:592
inode_getblk fs/udf/inode.c:799 [inline]
udf_get_block+0x1170/0x3f08 fs/udf/inode.c:449
__block_write_begin_int+0x340/0x13b4 fs/buffer.c:1991
__block_write_begin fs/buffer.c:2041 [inline]
block_write_begin+0x98/0x11c fs/buffer.c:2102
udf_write_begin+0x44/0x88 fs/udf/inode.c:212
generic_perform_write+0x278/0x55c mm/filemap.c:3754
__generic_file_write_iter+0x168/0x388 mm/filemap.c:3882
udf_file_write_iter+0x234/0x584 fs/udf/file.c:164
call_write_iter include/linux/fs.h:2205 [inline]
new_sync_write fs/read_write.c:491 [inline]
vfs_write+0x610/0x914 fs/read_write.c:584
ksys_write+0x15c/0x26c fs/read_write.c:637
__do_sys_write fs/read_write.c:649 [inline]
__se_sys_write fs/read_write.c:646 [inline]
__arm64_sys_write+0x7c/0x90 fs/read_write.c:646
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x64/0x218 arch/arm64/kernel/syscall.c:206
el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581
irq event stamp: 14710
hardirqs last enabled at (14709): [<ffff80000896fe60>] ___slab_alloc+0xd08/0xee0 mm/slub.c:3132
hardirqs last disabled at (14710): [<ffff8000122560d4>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405
softirqs last enabled at (14496): [<ffff800008020ee8>] softirq_handle_end kernel/softirq.c:414 [inline]
softirqs last enabled at (14496): [<ffff800008020ee8>] __do_softirq+0xd88/0xff4 kernel/softirq.c:600
softirqs last disabled at (14467): [<ffff80000802b598>] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 1 PID: 5560 at fs/udf/truncate.c:208 udf_truncate_extents+0xbf4/0xdc8
Modules linked in:
CPU: 1 PID: 5560 Comm: syz-executor120 Tainted: G W 6.1.20-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : udf_truncate_extents+0xbf4/0xdc8
lr : udf_truncate_extents+0xbf0/0xdc8 fs/udf/truncate.c:208
sp : ffff8000200775c0
x29: ffff8000200777a0 x28: ffff0000e105a818 x27: 0000000000000200
x26: dfff800000000000 x25: ffff800020077740 x24: 00000000000000ff
x23: 0000000000000010 x22: ffff800020077700 x21: 00000000000000ff
x20: ffff0000e105a7c8 x19: ffff8000200776c0 x18: 1fffe000368b3d76
x17: ffff80001572d000 x16: 0000000000000000 x15: 0000000000000000
x14: 0000000000000000 x13: 0000000000000001 x12: ffff0000d5bf1b40
x11: ff80800009991b88 x10: 0000000000000000 x9 : ffff800009991b88
x8 : ffff0000d5bf1b40 x7 : ffff800009973fe8 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000001
x2 : ffff8000200776c8 x1 : 0000000000000200 x0 : 0000000000000000
Call trace:
udf_truncate_extents+0xbf4/0xdc8
udf_write_failed+0x164/0x1b4 fs/udf/inode.c:179
udf_write_begin+0x84/0x88 fs/udf/inode.c:214
generic_perform_write+0x278/0x55c mm/filemap.c:3754
__generic_file_write_iter+0x168/0x388 mm/filemap.c:3882
udf_file_write_iter+0x234/0x584 fs/udf/file.c:164
call_write_iter include/linux/fs.h:2205 [inline]
new_sync_write fs/read_write.c:491 [inline]
vfs_write+0x610/0x914 fs/read_write.c:584
ksys_write+0x15c/0x26c fs/read_write.c:637
__do_sys_write fs/read_write.c:649 [inline]
__se_sys_write fs/read_write.c:646 [inline]
__arm64_sys_write+0x7c/0x90 fs/read_write.c:646
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x64/0x218 arch/arm64/kernel/syscall.c:206
el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581
irq event stamp: 14902
hardirqs last enabled at (14901): [<ffff80001233903c>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last enabled at (14901): [<ffff80001233903c>] _raw_spin_unlock_irqrestore+0x48/0xac kernel/locking/spinlock.c:194
hardirqs last disabled at (14902): [<ffff8000122560d4>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405
softirqs last enabled at (14832): [<ffff800008020ee8>] softirq_handle_end kernel/softirq.c:414 [inline]
softirqs last enabled at (14832): [<ffff800008020ee8>] __do_softirq+0xd88/0xff4 kernel/softirq.c:600
softirqs last disabled at (14713): [<ffff80000802b598>] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79
---[ end trace 0000000000000000 ]---


---
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches