syzbot


kernel BUG in ext4_mb_load_buddy_gfp (2)

Status: upstream: reported C repro on 2023/05/06 10:12
Bug presence: origin:upstream
Labels: missing-backport
Reported-by: syzbot+5da507c37b1f940af8ba@syzkaller.appspotmail.com
First crash: 602d, last: 517d
Cause bisection: failed (error log, bisect log)
Fix bisection: fixed by (bisect log):
commit 620a3c28221bb219b81bc0bffd065cc187494302
Author: Theodore Ts'o <tytso@mit.edu>
Date: Sat Apr 29 04:06:28 2023 +0000

  ext4: allow ext4_get_group_info() to fail

Bug presence (5)
Date Name Commit Repro Result
2023/06/20 android13-5.15-lts (ToT) 36f4f6fb72d5 C [report] kernel BUG in ext4_mb_load_buddy_gfp
2023/05/06 lts (merge base) d86dfc4d95cd C [report] kernel BUG in ext4_mb_load_buddy_gfp
2023/08/04 lts (merge base) 26a0ba5d1654 C Didn't crash
2023/05/06 upstream (ToT) fc4354c6e5c2 C [report] kernel BUG in ext4_mb_load_buddy_gfp
2023/06/20 upstream (ToT) e660abd551f1 C Didn't crash
Similar bugs (8)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-5-10 kernel BUG in ext4_free_blocks 3 1074d 1106d 0/2 auto-closed as invalid on 2022/03/13 09:34
android-6-1 kernel BUG in ext4_mb_load_buddy_gfp C error done 42 397d 554d 0/2 auto-obsoleted due to no activity on 2023/12/29 16:31
linux-4.14 kernel BUG in ext4_mb_load_buddy_gfp ext4 C 6 628d 1301d 0/1 upstream: reported C repro on 2021/04/29 16:39
android-5-10 kernel BUG in ext4_free_blocks (2) ext4 C error 25 569d 871d 2/2 fixed on 2023/05/04 14:51
linux-4.19 kernel BUG at fs/ext4/ext4.h:LINE! ext4 C error 13 648d 1467d 0/1 upstream: reported C repro on 2020/11/15 12:08
android-5-15 kernel BUG in ext4_mb_load_buddy_gfp ext4 C error 9 608d 725d 2/2 fixed on 2023/03/28 12:29
android-5-10 kernel BUG in ext4_mb_load_buddy_gfp C error error 28 81d 566d 0/2 upstream: reported C repro on 2023/05/04 23:52
android-54 kernel BUG at fs/ext4/ext4.h:LINE! ext4 C 438 12d 1505d 0/2 upstream: reported C repro on 2020/10/08 13:59
Last patch testing requests (9)
Created Duration User Patch Repo Result
2024/09/28 18:25 11m retest repro android13-5.15-lts report log
2024/07/20 17:57 21m retest repro android13-5.15-lts report log
2024/05/11 02:06 20m retest repro android13-5.15-lts report log
2024/03/02 01:13 10m retest repro android13-5.15-lts report log
2023/12/23 00:52 16m retest repro android13-5.15-lts report log
2023/10/14 00:21 12m retest repro android13-5.15-lts report log
2023/08/24 16:01 31m retest repro android13-5.15-lts OK log
2023/08/24 16:01 1h01m retest repro android13-5.15-lts OK log
2023/06/29 10:41 21m tudor.ambarus@linaro.org android13-5.15-lts OK log

Sample crash report:
------------[ cut here ]------------
kernel BUG at fs/ext4/ext4.h:3355!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 309 Comm: syz-executor315 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
RIP: 0010:ext4_get_group_info fs/ext4/ext4.h:3355 [inline]
RIP: 0010:ext4_mb_load_buddy_gfp+0xee5/0xf00 fs/ext4/mballoc.c:1498
Code: 11 0f c8 ff e9 0d f4 ff ff e8 87 c7 86 ff 48 c7 c7 80 81 a9 86 4c 89 fe 4c 89 f2 e8 05 93 9a 00 e9 87 f2 ff ff e8 6b c7 86 ff <0f> 0b e8 64 c7 86 ff 0f 0b e8 5d c7 86 ff 0f 0b 66 2e 0f 1f 84 00
RSP: 0000:ffffc90000a474a0 EFLAGS: 00010293
RAX: ffffffff81e92455 RBX: 00000000fffff01a RCX: ffff888117b113c0
RDX: 0000000000000000 RSI: 00000000fffff01a RDI: 0000000000000001
RBP: ffffc90000a47530 R08: ffffffff81e91684 R09: ffffed102125a952
R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff11021510279
R13: ffff88810a8813c8 R14: 0000000000000001 R15: ffff88810a0c4000
FS:  00007fdef4ec5700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000561755727188 CR3: 000000011fbc8000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 ext4_discard_preallocations+0x79c/0xef0 fs/ext4/mballoc.c:5033
 ext4_release_file+0x16e/0x310 fs/ext4/file.c:151
 __fput+0x3fe/0x910 fs/file_table.c:280
 ____fput+0x15/0x20 fs/file_table.c:308
 task_work_run+0x129/0x190 kernel/task_work.c:164
 ptrace_notify+0x29e/0x350 kernel/signal.c:2383
 ptrace_event include/linux/ptrace.h:152 [inline]
 do_exit+0x2123/0x2b60 kernel/exit.c:815
 do_group_exit+0x141/0x310 kernel/exit.c:997
 get_signal+0x7a3/0x1630 kernel/signal.c:2891
 arch_do_signal_or_restart+0xbd/0x1680 arch/x86/kernel/signal.c:865
 handle_signal_work kernel/entry/common.c:148 [inline]
 exit_to_user_mode_loop+0xa0/0xe0 kernel/entry/common.c:172
 exit_to_user_mode_prepare+0x5a/0xa0 kernel/entry/common.c:208
 irqentry_exit_to_user_mode+0x9/0x20 kernel/entry/common.c:314
 irqentry_exit+0x12/0x40 kernel/entry/common.c:405
 exc_page_fault+0x47a/0x830 arch/x86/mm/fault.c:1608
 asm_exc_page_fault+0x27/0x30 arch/x86/include/asm/idtentry.h:568
RIP: 0033:0x0
Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
RSP: 002b:0000000020000473 EFLAGS: 00010217
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fdef4f24bf9
RDX: 00007fdef4f24bf9 RSI: 0000000000000058 RDI: 00007fdef4ec5110
RBP: 00007fdef4fa4780 R08: 0000000000000000 R09: 00000000c0000000
R10: 00007fdef4ec5110 R11: 0000000000000246 R12: 00007fdef4fa478c
R13: 00007ffcae3418af R14: 00007fdef4ec5300 R15: 0000000000022000
 </TASK>
Modules linked in:
---[ end trace bbdb54182f523b9c ]---
RIP: 0010:ext4_get_group_info fs/ext4/ext4.h:3355 [inline]
RIP: 0010:ext4_mb_load_buddy_gfp+0xee5/0xf00 fs/ext4/mballoc.c:1498
Code: 11 0f c8 ff e9 0d f4 ff ff e8 87 c7 86 ff 48 c7 c7 80 81 a9 86 4c 89 fe 4c 89 f2 e8 05 93 9a 00 e9 87 f2 ff ff e8 6b c7 86 ff <0f> 0b e8 64 c7 86 ff 0f 0b e8 5d c7 86 ff 0f 0b 66 2e 0f 1f 84 00
RSP: 0000:ffffc90000a474a0 EFLAGS: 00010293
RAX: ffffffff81e92455 RBX: 00000000fffff01a RCX: ffff888117b113c0
RDX: 0000000000000000 RSI: 00000000fffff01a RDI: 0000000000000001
RBP: ffffc90000a47530 R08: ffffffff81e91684 R09: ffffed102125a952
R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff11021510279
R13: ffff88810a8813c8 R14: 0000000000000001 R15: ffff88810a0c4000
FS:  00007fdef4ec5700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005601546a30f8 CR3: 000000011fbc8000 CR4: 00000000003506a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (24):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2023/05/06 10:02 android13-5.15-lts 19c0ed55a470 de870ca5 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/05/17 17:14 android13-5.15-lts 19c0ed55a470 eaac4681 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/05/17 04:58 android13-5.15-lts 19c0ed55a470 11c89444 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/05/17 04:25 android13-5.15-lts 19c0ed55a470 11c89444 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/03/30 09:25 android13-5.15-lts 7364b7abbafb f325deb0 .config strace log report syz [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/06/22 14:47 android13-5.15-lts 565c3abfa129 79782afc .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/06/22 08:23 android13-5.15-lts 2df021e7ff83 79782afc .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/06/21 04:28 android13-5.15-lts 36f4f6fb72d5 79782afc .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/06/20 21:57 android13-5.15-lts 36f4f6fb72d5 79782afc .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/06/20 01:16 android13-5.15-lts 36f4f6fb72d5 09ffe269 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/06/19 03:08 android13-5.15-lts 36f4f6fb72d5 f3921d4d .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/06/06 18:43 android13-5.15-lts 19c0ed55a470 a4ae4f42 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/06/03 21:01 android13-5.15-lts 19c0ed55a470 a4ae4f42 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/05/29 05:28 android13-5.15-lts 19c0ed55a470 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/05/25 18:51 android13-5.15-lts 19c0ed55a470 0513b3e6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/05/24 08:12 android13-5.15-lts 19c0ed55a470 4bce1a3e .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/05/20 06:58 android13-5.15-lts 19c0ed55a470 96689200 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/05/19 20:25 android13-5.15-lts 19c0ed55a470 96689200 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/05/19 16:50 android13-5.15-lts 19c0ed55a470 96689200 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/05/18 15:17 android13-5.15-lts 19c0ed55a470 3bb7af1d .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/05/18 13:35 android13-5.15-lts 19c0ed55a470 3bb7af1d .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/05/06 09:32 android13-5.15-lts 19c0ed55a470 de870ca5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/04/09 10:12 android13-5.15-lts 7364b7abbafb 71147e29 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
2023/03/30 08:33 android13-5.15-lts 7364b7abbafb f325deb0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in ext4_mb_load_buddy_gfp
* Struck through repros no longer work on HEAD.