syzbot

 sign-in | mailing list | source | docs
🐞 Open [1413]
Subsystems
🐞 Fixed [5827]
🐞 Invalid [14217]
Missing Backports [92]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

kernel BUG in _ocfs2_free_suballoc_bits

Status: upstream: reported C repro on 2024/09/03 10:29
Subsystems: ocfs2
[Documentation on labels]
Reported-by: syzbot+2d6d9df993967dde8297@syzkaller.appspotmail.com
First crash: 82d, last: 3d01h
Cause bisection: the issue happens on the oldest tested release (bisect log)
Crash: KASAN: use-after-free Read in __ocfs2_flush_truncate_log (log)
Repro: C syz .config
  
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [ocfs2?] kernel BUG in _ocfs2_free_suballoc_bits 0 (3) 2024/09/19 00:04
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.1 kernel BUG in _ocfs2_free_suballoc_bits origin:upstream C 4 9d23h 24d 0/3 upstream: reported C repro on 2024/10/28 02:52

Sample crash report:
------------[ cut here ]------------
kernel BUG at fs/ocfs2/suballoc.c:2543!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
CPU: 0 UID: 0 PID: 954 Comm: kworker/u8:5 Not tainted 6.12.0-rc2-syzkaller-00305-g7234e2ea0edd #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Workqueue: ocfs2_wq ocfs2_truncate_log_worker
RIP: 0010:_ocfs2_free_suballoc_bits+0x11aa/0x14a0 fs/ocfs2/suballoc.c:2543
Code: e1 80 e1 07 80 c1 03 38 c1 0f 8c 92 fb ff ff 4c 89 e7 e8 19 4a 68 fe e9 85 fb ff ff e8 3f bc 01 fe 90 0f 0b e8 37 bc 01 fe 90 <0f> 0b f3 0f 1e fa 65 8b 1d b5 ac 70 7c bf 07 00 00 00 89 de e8 5d
RSP: 0018:ffffc90003a9f640 EFLAGS: 00010293
RAX: ffffffff83932ac9 RBX: 0000000000000e00 RCX: ffff888025d78000
RDX: 0000000000000000 RSI: 0000000000000e00 RDI: 00000000000083ef
RBP: ffffc90003a9f7e8 R08: ffffffff83931a8c R09: 0000000000007fcf
R10: dffffc0000000000 R11: fffffbfff20378de R12: 00000000000083ef
R13: dffffc0000000000 R14: ffff8880bffb6e00 R15: 0000000000000e00
FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055555941c788 CR3: 0000000031f8e000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 _ocfs2_free_clusters+0x5ff/0xad0 fs/ocfs2/suballoc.c:2646
 ocfs2_replay_truncate_records fs/ocfs2/alloc.c:5971 [inline]
 __ocfs2_flush_truncate_log+0x760/0x1250 fs/ocfs2/alloc.c:6054
 ocfs2_flush_truncate_log fs/ocfs2/alloc.c:6076 [inline]
 ocfs2_truncate_log_worker+0xa2/0x1b0 fs/ocfs2/alloc.c:6089
 process_one_work kernel/workqueue.c:3229 [inline]
 process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310
 worker_thread+0x870/0xd30 kernel/workqueue.c:3391
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:_ocfs2_free_suballoc_bits+0x11aa/0x14a0 fs/ocfs2/suballoc.c:2543
Code: e1 80 e1 07 80 c1 03 38 c1 0f 8c 92 fb ff ff 4c 89 e7 e8 19 4a 68 fe e9 85 fb ff ff e8 3f bc 01 fe 90 0f 0b e8 37 bc 01 fe 90 <0f> 0b f3 0f 1e fa 65 8b 1d b5 ac 70 7c bf 07 00 00 00 89 de e8 5d
RSP: 0018:ffffc90003a9f640 EFLAGS: 00010293
RAX: ffffffff83932ac9 RBX: 0000000000000e00 RCX: ffff888025d78000
RDX: 0000000000000000 RSI: 0000000000000e00 RDI: 00000000000083ef
RBP: ffffc90003a9f7e8 R08: ffffffff83931a8c R09: 0000000000007fcf
R10: dffffc0000000000 R11: fffffbfff20378de R12: 00000000000083ef
R13: dffffc0000000000 R14: ffff8880bffb6e00 R15: 0000000000000e00
FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055ed82464078 CR3: 0000000031664000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (41):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/10/13 06:52 upstream 7234e2ea0edd 084d8178 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs kernel BUG in _ocfs2_free_suballoc_bits
2024/10/04 02:59 upstream 7ec462100ef9 d7906eff .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs kernel BUG in _ocfs2_free_suballoc_bits
2024/10/26 09:11 upstream c71f8fb4dc91 65e8686b .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] [mounted in repro #1] [mounted in repro #2] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/10/06 20:50 upstream 8f602276d390 d7906eff .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] [mounted in repro] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/09/30 18:54 upstream 9852d85ec9d4 179f4029 .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] [mounted in repro] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/09/24 20:09 upstream abf2050f51fd 5643e0e9 .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] [mounted in repro] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/09/23 01:51 upstream af9c191ac2a0 6f888b75 .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] [mounted in repro] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/09/19 00:03 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 5f5673607153 c673ca06 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-gce-arm64 kernel BUG in _ocfs2_free_suballoc_bits
2024/11/11 15:08 upstream 2d5404caa8c7 0c4b1325 .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs kernel BUG in _ocfs2_free_suballoc_bits
2024/10/11 01:21 upstream 1d227fcc7222 cd942402 .config console log report syz / log [disk image (non-bootable)] [vmlinux] [kernel image] [mounted in repro] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/10/02 01:50 upstream e32cde8d2bd7 ea2b66a6 .config console log report syz / log [disk image (non-bootable)] [vmlinux] [kernel image] [mounted in repro] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/09/09 18:21 upstream da3ea35007d0 8f722c94 .config console log report syz / log [disk image (non-bootable)] [vmlinux] [kernel image] [mounted in repro #1] [mounted in repro #2] [mounted in repro #3] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/10/24 12:10 upstream c2ee9f594da8 0d144d1a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in _ocfs2_free_suballoc_bits
2024/10/23 16:35 upstream c2ee9f594da8 15fa2979 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in _ocfs2_free_suballoc_bits
2024/10/23 16:34 upstream c2ee9f594da8 15fa2979 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in _ocfs2_free_suballoc_bits
2024/10/23 16:30 upstream c2ee9f594da8 15fa2979 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in _ocfs2_free_suballoc_bits
2024/10/23 16:30 upstream c2ee9f594da8 15fa2979 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in _ocfs2_free_suballoc_bits
2024/11/18 05:09 upstream f66d6acccbc0 cfe3a04a .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/11/08 03:11 upstream 906bd684e4b1 179b040e .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/11/07 22:15 upstream ff7afaeca1a1 867e44df .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/10/27 05:54 upstream 850925a8133c 65e8686b .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/09/29 19:30 upstream e7ed34365879 ba29ff75 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/09/29 11:22 upstream 3efc57369a0c ba29ff75 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/09/28 16:47 upstream ad46e8f95e93 ba29ff75 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/09/28 14:31 upstream ad46e8f95e93 ba29ff75 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/09/27 22:47 upstream e477dba5442c 2b1784d6 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/09/26 15:24 upstream 11a299a7933e 9314348a .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/09/22 17:53 upstream 88264981f208 6f888b75 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/09/19 16:18 upstream 932d2d1fcb2b 6f888b75 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/09/08 03:58 upstream d1f2d51b711a 9750182a .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/09/05 20:25 upstream c763c4339688 36ae3a26 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/08/31 08:51 upstream fb24560f31f9 1eda0d14 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/08/30 10:18 upstream 3b9dfd9e5936 ee2602b8 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in _ocfs2_free_suballoc_bits
2024/11/17 14:19 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 887407160d72 cfe3a04a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in _ocfs2_free_suballoc_bits
2024/11/15 19:26 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 887407160d72 f6ede3a3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in _ocfs2_free_suballoc_bits
2024/11/10 22:39 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 563047e691f2 6b856513 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in _ocfs2_free_suballoc_bits
2024/11/10 03:28 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 563047e691f2 6b856513 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in _ocfs2_free_suballoc_bits
2024/11/08 19:18 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci eb17c12d043d 179b040e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in _ocfs2_free_suballoc_bits
2024/11/02 03:43 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 1bf329c696cf f00eed24 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in _ocfs2_free_suballoc_bits
2024/10/02 01:13 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 5f5673607153 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in _ocfs2_free_suballoc_bits
2024/09/18 22:50 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 5f5673607153 c673ca06 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in _ocfs2_free_suballoc_bits
* Struck through repros no longer work on HEAD.