syzbot


kernel BUG in new_curseg (2)

Status: upstream: reported C repro on 2024/12/14 00:50
Subsystems: f2fs
Reported-by: syzbot+15669ec8c35ddf6c3d43@syzkaller.appspotmail.com
Fix commit: 48ea8b200414 f2fs: fix to avoid panic once fallocation fails for pinfile
Patched on: [ci-qemu-gce-upstream-auto ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-snapshot-upstream-root ci-upstream-gce-leak ci-upstream-kasan-badwrites-root ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce-386-root ci-upstream-kmsan-gce-root ci-upstream-linux-next-kasan-gce-root ci2-upstream-fs ci2-upstream-kcsan-gce], missing on: [ci-qemu-native-arm64-kvm ci-qemu2-arm32 ci-qemu2-riscv64 ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-arm64 ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-usb]
First crash: 108d, last: 1d13h
Cause bisection: introduced by (bisect log) :
commit 84b5bb8bf0f6a78c232a20c2eecdbb8112ac2703
Author: Qi Han <hanqi@vivo.com>
Date: Fri Oct 25 09:18:23 2024 +0000

  f2fs: modify f2fs_is_checkpoint_ready logic to allow more data to be written with the CP disable

Crash: kernel BUG in new_curseg (log)
Repro: C syz .config
Discussions (4)
Title | Replies (including bot) | Last reply
[PATCH] f2fs: fix to avoid panic once fallocation fails for pinfile | 2 (2) | 2025/02/12 03:00
[syzbot] [f2fs?] kernel BUG in new_curseg (2) | 2 (7) | 2025/02/11 13:14
[syzbot] Monthly f2fs report (Jan 2025) | 0 (1) | 2025/01/20 08:12
[syzbot] Monthly f2fs report (Dec 2024) | 0 (1) | 2024/12/19 21:34
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream kernel BUG in new_curseg f2fs C 8 187d 200d 28/28 fixed on 2024/10/22 11:57
Last patch testing requests (2)
Created Duration User Patch Repo Result
2025/02/11 06:09 22m chao@kernel.org https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git bugfix/syzbot OK log
2025/02/11 05:15 14m chao@kernel.org https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git bugfix/syzbot report log

Sample crash report:
------------[ cut here ]------------
kernel BUG at fs/f2fs/segment.c:2809!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
CPU: 0 UID: 0 PID: 5823 Comm: syz-executor115 Not tainted 6.14.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
RIP: 0010:get_new_segment fs/f2fs/segment.c:2809 [inline]
RIP: 0010:new_curseg+0x1f52/0x1f70 fs/f2fs/segment.c:2939
Code: fb fd e9 1a fa ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 4c fa ff ff 48 89 df e8 99 52 fb fd e9 3f fa ff ff e8 df 40 97 fd 90 <0f> 0b e8 d7 40 97 fd 90 0f 0b e8 cf 40 97 fd 90 0f 0b e8 c7 40 97
RSP: 0018:ffffc9000406f4a8 EFLAGS: 00010293
RAX: ffffffff84280e61 RBX: 0000000000000018 RCX: ffff88807bb40000
RDX: 0000000000000000 RSI: 0000000000000018 RDI: 0000000000000018
RBP: dffffc0000000000 R08: ffffffff8427fc95 R09: fffff5200080de84
R10: dffffc0000000000 R11: fffff5200080de84 R12: 0000000000000018
R13: ffff88807c4a1101 R14: 0000000000000018 R15: ffff88807bb3a9d8
FS:  000055555a87e380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fd25f2d8100 CR3: 0000000029f36000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 __allocate_new_segment+0x1ce/0x940 fs/f2fs/segment.c:3273
 f2fs_allocate_new_section fs/f2fs/segment.c:3287 [inline]
 f2fs_allocate_pinning_section+0xfa/0x4e0 fs/f2fs/segment.c:3301
 f2fs_expand_inode_data+0x696/0xca0 fs/f2fs/file.c:1849
 f2fs_fallocate+0x537/0xa10 fs/f2fs/file.c:1959
 vfs_fallocate+0x623/0x7a0 fs/open.c:338
 do_vfs_ioctl+0x258c/0x2e40 fs/ioctl.c:885
 __do_sys_ioctl fs/ioctl.c:904 [inline]
 __se_sys_ioctl+0x80/0x170 fs/ioctl.c:892
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fd25f25bcd9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe332ac848 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000400000000080 RCX: 00007fd25f25bcd9
RDX: 00004000000000c0 RSI: 0000000040305828 RDI: 0000000000000005
RBP: 00004000000000c0 R08: 000055555a87f4c0 R09: 000055555a87f4c0
R10: 0000000000000000 R11: 0000000000000246 R12: 00004000000000e0
R13: 0030656c69662f2e R14: 00004000000000c2 R15: 00007fd25f2a403b
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:get_new_segment fs/f2fs/segment.c:2809 [inline]
RIP: 0010:new_curseg+0x1f52/0x1f70 fs/f2fs/segment.c:2939
Code: fb fd e9 1a fa ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 4c fa ff ff 48 89 df e8 99 52 fb fd e9 3f fa ff ff e8 df 40 97 fd 90 <0f> 0b e8 d7 40 97 fd 90 0f 0b e8 cf 40 97 fd 90 0f 0b e8 c7 40 97
RSP: 0018:ffffc9000406f4a8 EFLAGS: 00010293
RAX: ffffffff84280e61 RBX: 0000000000000018 RCX: ffff88807bb40000
RDX: 0000000000000000 RSI: 0000000000000018 RDI: 0000000000000018
RBP: dffffc0000000000 R08: ffffffff8427fc95 R09: fffff5200080de84
R10: dffffc0000000000 R11: fffff5200080de84 R12: 0000000000000018
R13: ffff88807c4a1101 R14: 0000000000000018 R15: ffff88807bb3a9d8
FS:  000055555a87e380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fd25f2d8100 CR3: 0000000029f36000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
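A small triage helper, added here as an example and not part of the syzbot page or of the f2fs or syzkaller code: it parses the oops above, separates the inlined frames from the real kernel call path, and decodes the ring-3 register dump to identify the syscall the reproducer issued. On x86-64, ORIG_RAX 0x10 is ioctl; the request number in RSI, 0x40305828, decodes as _IOW('X', 40, 48 bytes), which is the encoding of FS_IOC_RESVSP in include/uapi/linux/fs.h, and that matches the trace, where do_vfs_ioctl calls vfs_fallocate directly (the ioctl preallocate path) instead of going through the fallocate syscall. The embedded sample is a trimmed copy of the crash report above (the Code: and debug-register lines are dropped), and the syscall table is a two-entry subset sufficient for this trace.

```python
import re

# Trimmed copy of the sample crash report on this page (constructed excerpt:
# only the lines the parser needs are kept).
SAMPLE_OOPS = """\
------------[ cut here ]------------
kernel BUG at fs/f2fs/segment.c:2809!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
CPU: 0 UID: 0 PID: 5823 Comm: syz-executor115 Not tainted 6.14.0-rc2-syzkaller #0
RIP: 0010:get_new_segment fs/f2fs/segment.c:2809 [inline]
RIP: 0010:new_curseg+0x1f52/0x1f70 fs/f2fs/segment.c:2939
Call Trace:
 <TASK>
 __allocate_new_segment+0x1ce/0x940 fs/f2fs/segment.c:3273
 f2fs_allocate_new_section fs/f2fs/segment.c:3287 [inline]
 f2fs_allocate_pinning_section+0xfa/0x4e0 fs/f2fs/segment.c:3301
 f2fs_expand_inode_data+0x696/0xca0 fs/f2fs/file.c:1849
 f2fs_fallocate+0x537/0xa10 fs/f2fs/file.c:1959
 vfs_fallocate+0x623/0x7a0 fs/open.c:338
 do_vfs_ioctl+0x258c/0x2e40 fs/ioctl.c:885
 __do_sys_ioctl fs/ioctl.c:904 [inline]
 __se_sys_ioctl+0x80/0x170 fs/ioctl.c:892
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fd25f25bcd9
RSP: 002b:00007ffe332ac848 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000400000000080 RCX: 00007fd25f25bcd9
RDX: 00004000000000c0 RSI: 0000000040305828 RDI: 0000000000000005
 </TASK>
"""

RE_BUG_SITE = re.compile(r"kernel BUG at (?P<file>\S+):(?P<line>\d+)!")
# "func+0xoff/0xsize file:line [inline]" with the offset, location and
# [inline] marker all optional (entry_SYSCALL_64_after_hwframe has no file:line).
RE_FRAME = re.compile(
    r"^(?P<func>[A-Za-z_][\w.]*)(?:\+0x[0-9a-f]+/0x[0-9a-f]+)?"
    r"(?:\s+(?P<file>[\w./-]+):(?P<line>\d+))?(?P<inline>\s+\[inline\])?\s*$"
)
RE_REG = re.compile(r"(?P<name>[A-Z][A-Z0-9_]*):\s+(?P<val>[0-9a-f]{16})\b")

# Subset of the x86-64 syscall table (arch/x86/entry/syscalls/syscall_64.tbl).
X86_64_SYSCALLS = {16: "ioctl", 285: "fallocate"}
IOC_DIR_NAMES = {0: "_IO", 1: "_IOW", 2: "_IOR", 3: "_IOWR"}


def decode_ioctl(cmd):
    """Split a Linux ioctl request into (macro, type, nr, size) using the
    asm-generic _IOC layout: nr bits 0-7, type 8-15, size 16-29, dir 30-31."""
    nr = cmd & 0xFF
    typ = (cmd >> 8) & 0xFF
    size = (cmd >> 16) & 0x3FFF
    direction = (cmd >> 30) & 0x3
    return IOC_DIR_NAMES[direction], chr(typ), nr, size


def parse_frame(text):
    m = RE_FRAME.match(text.strip())
    if not m:
        return None
    return {"func": m["func"], "file": m["file"],
            "line": int(m["line"]) if m["line"] else None,
            "inline": bool(m["inline"])}


def parse_oops(text):
    """Extract BUG site, stack frames (innermost first) and the user-space
    syscall context from a single kernel oops."""
    result = {"bug_site": None, "frames": [], "user_regs": {},
              "syscall": None, "ioctl": None}
    in_trace = seen_trace = in_user_regs = False
    for raw in text.splitlines():
        line = raw.strip()
        m = RE_BUG_SITE.search(line)
        if m and result["bug_site"] is None:
            result["bug_site"] = (m["file"], int(m["line"]))
        elif line.startswith("RIP: 0010:") and not seen_trace:
            # The faulting instruction's own frame(s): innermost of the stack.
            frame = parse_frame(line[len("RIP: 0010:"):])
            if frame:
                result["frames"].append(frame)
        elif line == "Call Trace:":
            in_trace = seen_trace = True
        elif line.startswith("RIP: 0033:"):
            # Ring-3 dump: registers as they were at syscall entry.
            in_trace, in_user_regs = False, True
        elif line == "</TASK>":
            in_trace = in_user_regs = False
        elif in_trace:
            frame = parse_frame(line)
            if frame:
                result["frames"].append(frame)
        elif in_user_regs:
            for r in RE_REG.finditer(line):
                result["user_regs"][r["name"]] = int(r["val"], 16)
    orig_rax = result["user_regs"].get("ORIG_RAX")
    if orig_rax is not None:
        result["syscall"] = X86_64_SYSCALLS.get(orig_rax, f"nr {orig_rax}")
    if result["syscall"] == "ioctl":
        regs = result["user_regs"]
        result["ioctl"] = {"fd": regs["RDI"], "cmd": regs["RSI"],
                           "decoded": decode_ioctl(regs["RSI"])}
    return result


def kernel_path(result):
    """Non-inlined kernel frames, innermost first, down to the syscall entry."""
    return [f["func"] for f in result["frames"] if not f["inline"]]


if __name__ == "__main__":
    r = parse_oops(SAMPLE_OOPS)
    print("BUG at", r["bug_site"])
    print(" <- ".join(kernel_path(r)))
    print("syscall:", r["syscall"], "ioctl:", r["ioctl"])
```

The decoded path (new_curseg <- __allocate_new_segment <- f2fs_allocate_pinning_section <- f2fs_expand_inode_data <- f2fs_fallocate <- vfs_fallocate <- do_vfs_ioctl) is the same information the fix title summarises: a pinned-file fallocation that fails to get a fresh section hits the BUG_ON in get_new_segment instead of returning an error.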

Crashes (24):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/02/10 22:37 upstream a64dcfb451e2 43f51a00 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-upstream-fs kernel BUG in new_curseg
2025/02/10 21:42 upstream a64dcfb451e2 43f51a00 .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] [mounted in repro #1 (corrupt fs)] [mounted in repro #2 (corrupt fs)] ci-snapshot-upstream-root kernel BUG in new_curseg
2025/03/26 23:12 upstream 1e26c5e28ca5 19e40f48 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2025/03/23 02:23 upstream 183601b78a9b c6512ef7 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2025/03/08 03:18 upstream 21e4543a2e2f 7e3bd60d .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2025/02/15 06:43 upstream 04f41cbf03ec 40a34ec9 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2025/02/10 18:33 upstream a64dcfb451e2 43f51a00 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2025/02/06 17:42 upstream 92514ef226f5 1e1faf27 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2025/01/24 01:30 upstream 21266b8df522 f6a35ef3 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2025/01/23 10:53 upstream df60eac9efe8 9d4f14f8 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2025/01/21 20:04 upstream 95ec54a420b8 da72ac06 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2025/01/20 16:57 upstream ffd294d346d1 6e87cfa2 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2025/01/06 02:15 upstream 9244696b34f2 f3558dbf .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2025/01/02 22:07 upstream 0bc21e701a6f d3ccff63 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2025/01/02 08:14 upstream 56e6a3499e14 d3ccff63 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2024/12/27 08:31 upstream d6ef8b40d075 d3ccff63 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2024/12/25 07:46 upstream 9b2ffa6148b1 444551c4 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2024/12/20 02:06 upstream baaa2567a712 c87fa8a3 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2024/12/19 12:58 upstream eabcdba3ad40 1d58202c .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2024/12/18 06:12 upstream 59dbb9d81adf a0626d3a .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2024/12/16 05:31 upstream dccbe2047a5b 7cbfbb3a .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2024/12/14 04:22 upstream 4800575d8c0b 7cbfbb3a .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2024/12/10 09:27 upstream 7cb1b4663150 cfc402b4 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
2024/12/10 00:46 upstream 7cb1b4663150 deb72877 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in new_curseg
* Struck through repros no longer work on HEAD.