syzbot


BUG: spinlock bad magic in release_metapage

Status: upstream: reported C repro on 2024/09/15 11:43
Bug presence: origin:upstream
Reported-by: syzbot+588ebcf20255ad4c86ca@syzkaller.appspotmail.com
First crash: 154d, last: 8d15h
Bug presence (2)
Date Name Commit Repro Result
2024/12/30 upstream (ToT) fc033cf25e61 C [report] UBSAN: array-index-out-of-bounds in release_metapage
2025/02/14 upstream (ToT) 128c8f96eb86 C Failed due to an error; will retry later
Similar bugs (14)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream BUG: unable to handle kernel paging request in take_dentry_name_snapshot reiserfs overlayfs C error done 30 316d 808d 0/28 closed as dup on 2023/10/04 08:35
linux-6.1 BUG: spinlock bad magic in release_metapage origin:upstream C 30 13d 135d 0/3 upstream: reported C repro on 2024/10/04 04:01
upstream BUG: spinlock bad magic in release_metapage jfs C inconclusive 275 3d05h 159d 0/28 upstream: reported C repro on 2024/09/10 08:16
upstream BUG: spinlock bad magic in lock_sock_nested (2) bluetooth 1 1125d 1125d 0/28 auto-closed as invalid on 2022/04/18 01:34
upstream BUG: spinlock bad magic in lock_sock_nested bluetooth 26 1267d 1622d 0/28 auto-closed as invalid on 2021/12/27 15:41
upstream BUG: spinlock bad magic in btrfs_stop_all_workers btrfs 5 242d 242d 26/28 fixed on 2024/07/31 03:12
upstream BUG: spinlock bad magic in skb_queue_tail afs net 1 790d 786d 0/28 auto-obsoleted due to no activity on 2023/03/19 17:50
linux-5.15 KASAN: use-after-free Read in release_metapage (2) 3 25d 96d 0/3 upstream: reported on 2024/11/12 12:14
upstream KASAN: use-after-free Read in release_metapage jfs C error done 1168 9h04m 776d 0/28 upstream: reported C repro on 2023/01/02 10:00
linux-6.1 KASAN: use-after-free Read in release_metapage 1 515d 515d 0/3 auto-obsoleted due to no activity on 2023/12/29 12:55
linux-4.14 KASAN: use-after-free Read in release_metapage 1 830d 830d 0/1 auto-obsoleted due to no activity on 2023/03/09 00:53
linux-6.1 KASAN: use-after-free Read in release_metapage (2) 1 290d 290d 0/3 auto-obsoleted due to no activity on 2024/08/10 05:44
linux-5.15 KASAN: use-after-free Read in release_metapage 1 493d 493d 0/3 auto-obsoleted due to no activity on 2024/01/20 09:39
linux-6.1 KASAN: use-after-free Read in release_metapage (3) 1 96d 96d 0/3 upstream: reported on 2024/11/12 12:24
Last patch testing requests (7)
Created Duration User Patch Repo Result
2025/02/08 03:18 22m retest repro linux-5.15.y report log
2024/12/23 22:08 13m retest repro linux-5.15.y report log
2024/12/23 22:08 14m retest repro linux-5.15.y report log
2024/12/23 22:08 15m retest repro linux-5.15.y report log
2024/12/23 22:08 15m retest repro linux-5.15.y report log
2024/12/23 22:08 15m retest repro linux-5.15.y report log
2024/10/02 19:56 17m retest repro linux-5.15.y report log

Sample crash report:
BUG: spinlock bad magic on CPU#1, jfsCommit/277
 lock: 0xffff8880704989e8, .magic: ffffffff, .owner: òñ|c/0, .owner_cpu: 512
CPU: 1 PID: 277 Comm: jfsCommit Not tainted 5.15.175-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2d0 lib/dump_stack.c:106
 debug_spin_lock_before kernel/locking/spinlock_debug.c:85 [inline]
 do_raw_spin_lock+0x200/0x370 kernel/locking/spinlock_debug.c:114
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]
 _raw_spin_lock_irqsave+0xdd/0x120 kernel/locking/spinlock.c:162
 __wake_up_common_lock kernel/sched/wait.c:137 [inline]
 __wake_up+0xf5/0x1c0 kernel/sched/wait.c:157
 unlock_metapage fs/jfs/jfs_metapage.c:37 [inline]
 release_metapage+0x155/0xe00 fs/jfs/jfs_metapage.c:737
 xtTruncate+0xff9/0x3260
 jfs_free_zero_link+0x46a/0x6e0 fs/jfs/namei.c:758
 jfs_evict_inode+0x35b/0x440 fs/jfs/inode.c:153
 evict+0x529/0x930 fs/inode.c:622
 txUpdateMap+0x825/0x9e0 fs/jfs/jfs_txnmgr.c:2401
 txLazyCommit fs/jfs/jfs_txnmgr.c:2698 [inline]
 jfs_lazycommit+0x470/0xc30 fs/jfs/jfs_txnmgr.c:2766
 kthread+0x3f6/0x4f0 kernel/kthread.c:334
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
 </TASK>
================================================================================
UBSAN: array-index-out-of-bounds in kernel/locking/qspinlock.c:130:9
index 8887 is out of range for type 'unsigned long[8]'
CPU: 1 PID: 277 Comm: jfsCommit Not tainted 5.15.175-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2d0 lib/dump_stack.c:106
 ubsan_epilogue lib/ubsan.c:151 [inline]
 __ubsan_handle_out_of_bounds+0x118/0x140 lib/ubsan.c:282
 decode_tail kernel/locking/qspinlock.c:130 [inline]
 __pv_queued_spin_lock_slowpath+0xb9d/0xc40 kernel/locking/qspinlock.c:468
 pv_queued_spin_lock_slowpath arch/x86/include/asm/paravirt.h:585 [inline]
 queued_spin_lock_slowpath+0x42/0x50 arch/x86/include/asm/qspinlock.h:51
 queued_spin_lock include/asm-generic/qspinlock.h:85 [inline]
 do_raw_spin_lock+0x269/0x370 kernel/locking/spinlock_debug.c:115
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]
 _raw_spin_lock_irqsave+0xdd/0x120 kernel/locking/spinlock.c:162
 __wake_up_common_lock kernel/sched/wait.c:137 [inline]
 __wake_up+0xf5/0x1c0 kernel/sched/wait.c:157
 unlock_metapage fs/jfs/jfs_metapage.c:37 [inline]
 release_metapage+0x155/0xe00 fs/jfs/jfs_metapage.c:737
 xtTruncate+0xff9/0x3260
 jfs_free_zero_link+0x46a/0x6e0 fs/jfs/namei.c:758
 jfs_evict_inode+0x35b/0x440 fs/jfs/inode.c:153
 evict+0x529/0x930 fs/inode.c:622
 txUpdateMap+0x825/0x9e0 fs/jfs/jfs_txnmgr.c:2401
 txLazyCommit fs/jfs/jfs_txnmgr.c:2698 [inline]
 jfs_lazycommit+0x470/0xc30 fs/jfs/jfs_txnmgr.c:2766
 kthread+0x3f6/0x4f0 kernel/kthread.c:334
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
 </TASK>
================================================================================

Crashes (49):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2024/12/29 23:14 linux-5.15.y 91786f140358 d3ccff63 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/09/15 18:13 linux-5.15.y 3a5928702e71 08d8a733 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/09/15 17:15 linux-5.15.y 3a5928702e71 08d8a733 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/09/15 16:14 linux-5.15.y 3a5928702e71 08d8a733 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/09/15 14:22 linux-5.15.y 3a5928702e71 08d8a733 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/09/15 13:02 linux-5.15.y 3a5928702e71 08d8a733 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2025/01/12 18:38 linux-5.15.y 4735586da88e 6dbc6a9b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/12/29 21:52 linux-5.15.y 91786f140358 d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 15:29 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 13:06 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 10:53 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 10:52 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 10:52 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 10:51 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 10:50 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 10:50 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 10:48 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 10:47 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 10:47 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 10:45 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 10:45 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 10:44 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 10:43 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 10:43 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/27 10:42 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/23 10:25 linux-5.15.y 74cdd62cb470 15fa2979 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/20 21:07 linux-5.15.y 584a40a22cb9 cd6fc0a3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2024/10/14 07:27 linux-5.15.y 3a5928702e71 084d8178 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: spinlock bad magic in release_metapage
2025/01/25 01:10 linux-5.15.y 003148680b79 1293872d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2025/01/23 14:48 linux-5.15.y 4735586da88e a44b0418 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2025/01/14 10:00 linux-5.15.y 4735586da88e b1f1cd88 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2025/01/11 18:45 linux-5.15.y 4735586da88e 6dbc6a9b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2025/01/07 12:08 linux-5.15.y 91786f140358 f3558dbf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2025/01/05 15:16 linux-5.15.y 91786f140358 f3558dbf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/12/08 14:15 linux-5.15.y 0a51d2d4527b 9ac0fdc6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/12/06 00:22 linux-5.15.y 0a51d2d4527b 29f61fce .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/12/06 00:22 linux-5.15.y 0a51d2d4527b 29f61fce .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/12/06 00:20 linux-5.15.y 0a51d2d4527b 29f61fce .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/12/06 00:20 linux-5.15.y 0a51d2d4527b 29f61fce .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/12/01 18:20 linux-5.15.y 0a51d2d4527b 68914665 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/11/30 19:08 linux-5.15.y 0a51d2d4527b 68914665 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/09/18 14:29 linux-5.15.y 3a5928702e71 c673ca06 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/09/15 17:15 linux-5.15.y 3a5928702e71 08d8a733 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/09/15 17:14 linux-5.15.y 3a5928702e71 08d8a733 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/09/15 17:13 linux-5.15.y 3a5928702e71 08d8a733 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/09/15 17:12 linux-5.15.y 3a5928702e71 08d8a733 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/09/15 11:59 linux-5.15.y 3a5928702e71 08d8a733 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
2024/09/15 11:42 linux-5.15.y 3a5928702e71 08d8a733 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: spinlock bad magic in release_metapage
* Struck through repros no longer work on HEAD.