syzbot


kernel BUG in mpage_map_one_extent

Status: premoderation: reported syz repro on 2023/02/22 08:37
Reported-by: syzbot+acbdb78fb405a660c871@syzkaller.appspotmail.com
First crash: 593d, last: 533d
Cause bisection: failed (error log, bisect log)
  
Fix bisection: failed (error log, bisect log)
  
Last patch testing requests (7)
Created Duration User Patch Repo Result
2024/08/28 21:21 9m retest repro android13-5.10-lts report log
2024/06/19 20:17 17m retest repro android13-5.10-lts report log
2024/04/08 08:50 10m retest repro android13-5.10-lts report log
2024/01/29 02:22 10m retest repro android13-5.10-lts report log
2023/11/19 21:57 18m retest repro android13-5.10-lts report log
2023/09/10 20:48 10m retest repro android13-5.10-lts report log
2023/07/02 19:53 17m retest repro android13-5.10-lts report log

Sample crash report:
EXT4-fs (loop2): This should not happen!! Data will be lost
------------[ cut here ]------------
kernel BUG at fs/ext4/inode.c:2453!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 177 Comm: kworker/u4:2 Not tainted 5.10.161-syzkaller-00019-g416c4356f372 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
Workqueue: writeback wb_workfn (flush-7:4)
RIP: 0010:mpage_map_one_extent+0x5df/0x680 fs/ext4/inode.c:2453
Code: f6 48 0f a3 05 62 7b c1 04 0f 92 c3 40 0f 92 c6 31 ff e8 b4 a3 8f ff 84 db 75 11 e8 9b a0 8f ff e9 74 fa ff ff e8 91 a0 8f ff <0f> 0b 65 ff 05 64 ec 24 7e 48 c7 c0 68 cf 9c 86 48 c1 e8 03 42 80
RSP: 0018:ffffc90000c77068 EFLAGS: 00010293
RAX: ffffffff81dd811f RBX: 0000000000000000 RCX: ffff88810dfb62c0
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc90000c770b0 R08: ffffffff81dd7fa8 R09: ffffed1024651900
R10: ffffed1024651900 R11: 1ffff110246518ff R12: 0000000000000000
R13: ffffc90000c773b4 R14: 0000000000000000 R15: 1ffff9200018ee77
FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fa6198e2000 CR3: 00000001224f5000 CR4: 00000000003506a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 mpage_map_and_submit_extent fs/ext4/inode.c:2494 [inline]
 ext4_writepages+0x15e9/0x3710 fs/ext4/inode.c:2862
 do_writepages+0x13a/0x280 mm/page-writeback.c:2358
 __writeback_single_inode+0xb8/0x6e0 fs/fs-writeback.c:1467
 writeback_sb_inodes+0x999/0x1700 fs/fs-writeback.c:1730
 wb_writeback+0x42f/0xc20 fs/fs-writeback.c:1905
 wb_do_writeback+0x222/0xbd0 fs/fs-writeback.c:2050
 wb_workfn+0xf8/0x3f0 fs/fs-writeback.c:2091
 process_one_work+0x726/0xc10 kernel/workqueue.c:2296
 worker_thread+0xb27/0x1550 kernel/workqueue.c:2442
 kthread+0x349/0x3d0 kernel/kthread.c:313
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:299
Modules linked in:
---[ end trace 6685ef521e2c4aa4 ]---
RIP: 0010:mpage_map_one_extent+0x5df/0x680 fs/ext4/inode.c:2453
Code: f6 48 0f a3 05 62 7b c1 04 0f 92 c3 40 0f 92 c6 31 ff e8 b4 a3 8f ff 84 db 75 11 e8 9b a0 8f ff e9 74 fa ff ff e8 91 a0 8f ff <0f> 0b 65 ff 05 64 ec 24 7e 48 c7 c0 68 cf 9c 86 48 c1 e8 03 42 80
RSP: 0018:ffffc90000c77068 EFLAGS: 00010293
RAX: ffffffff81dd811f RBX: 0000000000000000 RCX: ffff88810dfb62c0
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc90000c770b0 R08: ffffffff81dd7fa8 R09: ffffed1024651900
R10: ffffed1024651900 R11: 1ffff110246518ff R12: 0000000000000000
R13: ffffc90000c773b4 R14: 0000000000000000 R15: 1ffff9200018ee77
FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fc7b9031b40 CR3: 0000000116142000 CR4: 00000000003506a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (6):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/02/22 08:54 android12-5.10-lts 416c4356f372 42a4d508 .config console log report syz [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-android-5-10 kernel BUG in mpage_map_one_extent
2023/04/23 19:28 android12-5.10-lts 416c4356f372 2b32bd34 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in mpage_map_one_extent
2023/04/06 02:20 android12-5.10-lts 416c4356f372 8b834965 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in mpage_map_one_extent
2023/04/01 05:18 android12-5.10-lts 416c4356f372 f325deb0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in mpage_map_one_extent
2023/03/19 01:15 android12-5.10-lts 416c4356f372 7939252e .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in mpage_map_one_extent
2023/02/22 08:36 android12-5.10-lts 416c4356f372 42a4d508 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in mpage_map_one_extent
* Struck through repros no longer work on HEAD.