kernel BUG in clear_state

Title	Replies (including bot)	Last reply
[syzbot] kernel BUG in clear_state_bit	0 (2)	2022/11/25 17:49

Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffc2bea32f8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d RAX: ffffffffffffffda RBX: 00007ffc2bea3368 RCX: 00007fd75af16a99 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 RBP: 00007ffc2bea3300 R08: 0000000000000002 R09: 0000000000003131 R10: 0000000000280404 R11: 0000000000000246 R12: 0000000000000002 R13: 00007ffc2bea3440 R14: 431bde82d7b634db R15: 00007ffc2bea3340 </TASK> ------------[ cut here ]------------ kernel BUG at fs/btrfs/extent-io-tree.c:515! invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 0 PID: 4995 Comm: syz-executor103 Not tainted 6.3.0-syzkaller-12423-g865fdb08197e #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023 RIP: 0010:clear_state_bit+0x328/0x330 fs/btrfs/extent-io-tree.c:515 Code: 34 fe e9 9a fd ff ff 44 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c c7 fe ff ff 4c 89 ef e8 92 d9 34 fe e9 ba fe ff ff e8 88 0e dd fd <0f> 0b 66 0f 1f 44 00 00 f3 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 RSP: 0018:ffffc900039df5d0 EFLAGS: 00010293 RAX: ffffffff83ae80e8 RBX: 00000000fffffff4 RCX: ffff88801f3c0000 RDX: 0000000000000000 RSI: 00000000fffffff4 RDI: 0000000000000000 RBP: 0000000000000000 R08: ffffffff83ae7f13 R09: fffffbfff1a039bb R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888076f54f00 R13: ffffc900039df7d8 R14: 0000000000000800 R15: dffffc0000000000 FS: 00005555570d03c0(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fff30026008 CR3: 00000000230ca000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> __clear_extent_bit+0x523/0xb20 fs/btrfs/extent-io-tree.c:674 clear_record_extent_bits+0x52/0x90 fs/btrfs/extent-io-tree.c:1703 __btrfs_qgroup_release_data+0x4a4/0xa60 fs/btrfs/qgroup.c:3910 insert_prealloc_file_extent fs/btrfs/inode.c:9476 [inline] __btrfs_prealloc_file_range+0x59b/0x1450 fs/btrfs/inode.c:9573 btrfs_prealloc_file_range+0x40/0x50 fs/btrfs/inode.c:9652 btrfs_fallocate+0x19db/0x1fa0 fs/btrfs/file.c:3177 vfs_fallocate+0x54b/0x6b0 fs/open.c:324 ksys_fallocate fs/open.c:347 [inline] __do_sys_fallocate fs/open.c:355 [inline] __se_sys_fallocate fs/open.c:353 [inline] __x64_sys_fallocate+0xbd/0x100 fs/open.c:353 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7fd75af16a99 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffc2bea32f8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d RAX: ffffffffffffffda RBX: 00007ffc2bea3368 RCX: 00007fd75af16a99 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 RBP: 00007ffc2bea3300 R08: 0000000000000002 R09: 0000000000003131 R10: 0000000000280404 R11: 0000000000000246 R12: 0000000000000002 R13: 00007ffc2bea3440 R14: 431bde82d7b634db R15: 00007ffc2bea3340 </TASK> Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:clear_state_bit+0x328/0x330 fs/btrfs/extent-io-tree.c:515 Code: 34 fe e9 9a fd ff ff 44 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c c7 fe ff ff 4c 89 ef e8 92 d9 34 fe e9 ba fe ff ff e8 88 0e dd fd <0f> 0b 66 0f 1f 44 00 00 f3 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 RSP: 0018:ffffc900039df5d0 EFLAGS: 00010293 RAX: ffffffff83ae80e8 RBX: 00000000fffffff4 RCX: ffff88801f3c0000 RDX: 0000000000000000 RSI: 00000000fffffff4 RDI: 0000000000000000 RBP: 0000000000000000 R08: ffffffff83ae7f13 R09: fffffbfff1a039bb R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888076f54f00 R13: ffffc900039df7d8 R14: 0000000000000800 R15: dffffc0000000000 FS: 00005555570d03c0(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fff30026008 CR3: 00000000230ca000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---------------- Code disassembly (best guess): 0: 28 00 sub %al,(%rax) 2: 00 00 add %al,(%rax) 4: 75 05 jne 0xb 6: 48 83 c4 28 add $0x28,%rsp a: c3 retq b: e8 d1 17 00 00 callq 0x17e1 10: 90 nop 11: 48 89 f8 mov %rdi,%rax 14: 48 89 f7 mov %rsi,%rdi 17: 48 89 d6 mov %rdx,%rsi 1a: 48 89 ca mov %rcx,%rdx 1d: 4d 89 c2 mov %r8,%r10 20: 4d 89 c8 mov %r9,%r8 23: 4c 8b 4c 24 08 mov 0x8(%rsp),%r9 28: 0f 05 syscall * 2a: 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax <-- trapping instruction 30: 73 01 jae 0x33 32: c3 retq 33: 48 c7 c1 c0 ff ff ff mov $0xffffffffffffffc0,%rcx 3a: f7 d8 neg %eax 3c: 64 89 01 mov %eax,%fs:(%rcx) 3f: 48 rex.W

Crashes (33):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Assets	Manager	Title
2023/05/03 00:27	upstream	865fdb08197e	48e0a81d	.config	console log	report	syz	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci-upstream-kasan-gce-smack-root	kernel BUG in clear_state_bit
2023/03/31 04:17	upstream	8bb95a1662f8	f325deb0	.config	strace log	report	syz	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci-upstream-kasan-gce-smack-root	kernel BUG in clear_state_bit
2023/03/19 12:07	upstream	a3671bd86a97	7939252e	.config	strace log	report	syz	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci-upstream-kasan-gce-smack-root	kernel BUG in clear_state_bit
2022/12/25 05:22	upstream	72a85e2b0a1e	9da18ae8	.config	console log	report	syz	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci-upstream-kasan-gce-root	kernel BUG in clear_state_bit
2022/12/20 22:36	upstream	6feb57c2fd7c	d3e76707	.config	strace log	report	syz	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci-upstream-kasan-gce-root	kernel BUG in clear_state_bit
2022/12/10 15:04	upstream	3ecc37918c80	67be1ae7	.config	strace log	report	syz	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci-upstream-kasan-gce-root	kernel BUG in clear_state_bit
2022/12/02 19:34	upstream	a4412fdd49dc	e080de16	.config	strace log	report	syz	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci2-upstream-fs	kernel BUG in clear_state_bit
2022/12/01 05:53	upstream	04aa64375f48	4c2a66e8	.config	strace log	report	syz	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci-upstream-kasan-gce-root	kernel BUG in clear_state_bit
2022/11/30 21:40	upstream	01f856ae6d0c	4c2a66e8	.config	strace log	report	syz	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci2-upstream-fs	kernel BUG in clear_state_bit
2022/11/25 08:39	upstream	c3eb11fbb826	74a66371	.config	console log	report	syz	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci2-upstream-fs	kernel BUG in clear_state_bit
2023/01/21 09:39	linux-next	d514392f17fd	559a440a	.config	strace log	report	syz	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci-upstream-linux-next-kasan-gce-root	kernel BUG in clear_state_bit
2023/01/16 23:48	linux-next	c12e2e5b76b2	a63719e7	.config	strace log	report	syz	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci-upstream-linux-next-kasan-gce-root	kernel BUG in clear_state_bit
2023/01/07 08:41	linux-next	cc3c08b41a9c	1dac8c7a	.config	console log	report	syz	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci-upstream-linux-next-kasan-gce-root	kernel BUG in clear_state_bit
2022/11/30 12:12	git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci	cdb931b58ff5	4c2a66e8	.config	console log	report	syz	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci-upstream-gce-arm64	kernel BUG in clear_state_bit
2022/11/26 08:34	git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci	6d464646530f	74a66371	.config	console log	report	syz	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci-upstream-gce-arm64	kernel BUG in clear_state_bit
2023/06/01 06:39	upstream	929ed21dfdb6	babc4389	.config	console log	report			info	[disk image (non-bootable)] [vmlinux] [kernel image]	ci-qemu-upstream	kernel BUG in clear_state_bit
2023/05/29 10:20	upstream	7877cb91f108	cf184559	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-upstream-fs	kernel BUG in clear_state_bit
2023/04/28 07:52	upstream	91ec4b0d11fe	70a605de	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-upstream-fs	kernel BUG in clear_state_bit
2023/04/22 22:34	upstream	2caeeb9d4a1b	2b32bd34	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-upstream-fs	kernel BUG in clear_state_bit
2023/04/09 08:32	upstream	a79d5c76f705	71147e29	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-upstream-fs	kernel BUG in clear_state_bit
2023/04/09 07:40	upstream	a79d5c76f705	71147e29	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-upstream-fs	kernel BUG in clear_state_bit
2023/02/28 02:46	upstream	982818426a0f	95aee97a	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-upstream-fs	kernel BUG in clear_state_bit
2023/01/02 13:34	upstream	88603b6dc419	ab32d508	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-upstream-fs	kernel BUG in clear_state_bit
2022/11/25 08:16	upstream	c3eb11fbb826	74a66371	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-upstream-fs	kernel BUG in clear_state_bit
2023/04/09 07:15	git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci	9a03cbd79d3a	71147e29	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-arm64	kernel BUG in clear_state_bit
2023/03/20 13:43	git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci	fe15c26ee26e	7939252e	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-arm64	kernel BUG in clear_state_bit
2023/02/15 07:58	git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci	2d3827b3f393	1d6b4af7	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-arm64	kernel BUG in clear_state_bit
2023/02/06 05:56	git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci	ca72d58361ee	be607b78	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-arm64	kernel BUG in clear_state_bit
2023/01/30 18:14	git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci	c62c88e05937	9dfcf09c	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-arm64	kernel BUG in clear_state_bit
2023/01/30 01:11	git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci	c62c88e05937	9dfcf09c	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-arm64	kernel BUG in clear_state_bit
2022/12/15 08:07	git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci	a5541c0811a0	b18f0a64	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-arm64	kernel BUG in clear_state_bit
2022/12/01 20:37	git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci	cdb931b58ff5	e080de16	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-arm64	kernel BUG in clear_state_bit
2022/11/30 03:08	git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci	cdb931b58ff5	05dc7993	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-arm64	kernel BUG in clear_state_bit

Crashes (33):

2023/05/03 00:27

upstream