syzbot

 sign-in | mailing list | source | docs
🐞 Open [834]
🐞 Fixed [137]
🐞 Invalid [947]
Missing Backports [79]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

WARNING in udf_free_blocks (2)

Status: upstream: reported C repro on 2025/06/22 21:08
Bug presence: origin:upstream
[Documentation on labels]
Reported-by: syzbot+77d2124cf51079cbfcad@syzkaller.appspotmail.com
First crash: 165d, last: 4d02h
Bug presence (1)
Date Name Commit Repro Result
2025/06/25 upstream (ToT) c4dce0c094a8 C [report] KASAN: use-after-free Read in udf_unlink
Similar bugs (5)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.1 WARNING in udf_free_blocks -1 1 333d 333d 0/3 auto-obsoleted due to no activity on 2025/04/15 10:15
linux-5.15 WARNING in udf_free_blocks -1 1 570d 570d 0/3 auto-obsoleted due to no activity on 2024/08/21 03:04
upstream WARNING in udf_free_blocks (2) udf -1 1 715d 714d 0/29 auto-obsoleted due to no activity on 2024/03/29 02:59
linux-5.15 WARNING in udf_free_blocks (2) origin:upstream -1 C 24 3d16h 326d 0/3 upstream: reported C repro on 2025/01/12 10:23
upstream WARNING in udf_free_blocks udf -1 6 845d 964d 0/29 auto-obsoleted due to no activity on 2023/11/20 09:23
Fix bisection attempts (4)
Created Duration User Patch Repo Result
2025/11/30 21:46 2h26m bisect fix linux-6.1.y OK (0) job log log
2025/10/30 22:34 2h33m bisect fix linux-6.1.y OK (0) job log log
2025/08/29 10:46 1h34m bisect fix linux-6.1.y OK (0) job log log
2025/07/26 02:56 2h51m bisect fix linux-6.1.y OK (0) job log log

Sample crash report:
------------[ cut here ]------------
WARNING: CPU: 0 PID: 4365 at fs/udf/udfdecl.h:127 udf_updated_lvid fs/udf/udfdecl.h:125 [inline]
WARNING: CPU: 0 PID: 4365 at fs/udf/udfdecl.h:127 udf_add_free_space fs/udf/balloc.c:137 [inline]
WARNING: CPU: 0 PID: 4365 at fs/udf/udfdecl.h:127 udf_table_free_blocks fs/udf/balloc.c:397 [inline]
WARNING: CPU: 0 PID: 4365 at fs/udf/udfdecl.h:127 udf_free_blocks+0x13f8/0x16c0 fs/udf/balloc.c:686
Modules linked in:
CPU: 0 PID: 4365 Comm: syz-executor Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
RIP: 0010:udf_updated_lvid fs/udf/udfdecl.h:125 [inline]
RIP: 0010:udf_add_free_space fs/udf/balloc.c:137 [inline]
RIP: 0010:udf_table_free_blocks fs/udf/balloc.c:397 [inline]
RIP: 0010:udf_free_blocks+0x13f8/0x16c0 fs/udf/balloc.c:686
Code: ae aa 9e fe 48 8b 9c 24 70 01 00 00 48 85 db 74 0a e8 9c aa 9e fe e9 5b ff ff ff e8 92 aa 9e fe e9 60 ff ff ff e8 88 aa 9e fe <0f> 0b e9 42 f6 ff ff 44 89 f1 80 e1 07 fe c1 38 c1 0f 8c cb ec ff
RSP: 0018:ffffc90002f97620 EFLAGS: 00010293
RAX: ffffffff82e22468 RBX: 1ffff920005f2f48 RCX: ffff88802c35bb80
RDX: 0000000000000000 RSI: 00000000588311a2 RDI: 0000000000000000
RBP: ffffc90002f97830 R08: dffffc0000000000 R09: fffffbfff1c3eebe
R10: fffffbfff1c3eebe R11: 1ffffffff1c3eebd R12: ffff888028104000
R13: dffffc0000000000 R14: 00000000588311a2 R15: ffff8880594da01f
FS:  0000555569d09500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fff66be5c28 CR3: 000000007d65b000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 extent_trunc+0x357/0x440 fs/udf/truncate.c:56
 udf_truncate_extents+0x34a/0xe30 fs/udf/truncate.c:213
 udf_setsize+0xd7a/0x1090 fs/udf/inode.c:1174
 udf_evict_inode+0x74/0x3e0 fs/udf/inode.c:145
 evict+0x485/0x870 fs/inode.c:705
 do_unlinkat+0x377/0x560 fs/namei.c:4397
 __do_sys_unlink fs/namei.c:4438 [inline]
 __se_sys_unlink fs/namei.c:4436 [inline]
 __x64_sys_unlink+0x45/0x50 fs/namei.c:4436
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:81
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7fb69a18e1d7
Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fff66be63d8 EFLAGS: 00000206 ORIG_RAX: 0000000000000057
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb69a18e1d7
RDX: 00007fff66be6400 RSI: 00007fff66be6490 RDI: 00007fff66be6490
RBP: 00007fff66be6490 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000100 R11: 0000000000000206 R12: 00007fff66be7580
R13: 00007fb69a211c2d R14: 0000000000014efa R15: 00007fff66be9740
 </TASK>

Crashes (10):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/09/21 21:59 linux-6.1.y 363a599da6d9 67c37560 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro #1] [mounted in repro #2] ci2-linux-6-1-kasan WARNING in udf_free_blocks
2025/09/16 13:54 linux-6.1.y 3db754f56897 e2beed91 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro #1 (clean fs)] [mounted in repro #2] ci2-linux-6-1-kasan WARNING in udf_free_blocks
2025/09/16 12:32 linux-6.1.y 3db754f56897 e2beed91 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro #1 (clean fs)] [mounted in repro #2] ci2-linux-6-1-kasan WARNING in udf_free_blocks
2025/09/16 12:25 linux-6.1.y 3db754f56897 e2beed91 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro #1 (clean fs)] [mounted in repro #2] ci2-linux-6-1-kasan WARNING in udf_free_blocks
2025/09/16 12:16 linux-6.1.y 3db754f56897 e2beed91 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro #1 (clean fs)] [mounted in repro #2] ci2-linux-6-1-kasan WARNING in udf_free_blocks
2025/09/16 10:39 linux-6.1.y 3db754f56897 e2beed91 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro #1 (clean fs)] [mounted in repro #2] ci2-linux-6-1-kasan WARNING in udf_free_blocks
2025/09/16 09:54 linux-6.1.y 3db754f56897 e2beed91 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro #1 (clean fs)] [mounted in repro #2] ci2-linux-6-1-kasan WARNING in udf_free_blocks
2025/06/22 21:07 linux-6.1.y 58485ff1a74f d6cdfb8a .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro #1] [mounted in repro #2] ci2-linux-6-1-kasan WARNING in udf_free_blocks
2025/09/16 09:13 linux-6.1.y 3db754f56897 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING in udf_free_blocks
2025/09/09 03:46 linux-6.1.y 28c695c365e1 d291dd2d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING in udf_free_blocks
* Struck through repros no longer work on HEAD.