syzbot


kernel BUG in gfs2_trans_add_revoke

Status: upstream: reported on 2026/03/26 16:58
Subsystems: gfs2
Reported-by: syzbot+b17a83b050e9617376f0@syzkaller.appspotmail.com
First crash: 59d, last: 1d02h
✨ AI Jobs (1)
| ID | Workflow | Result | Correct | Bug | Created | Started | Finished | Revision | Error |
|---|---|---|---|---|---|---|---|---|---|
| 5bb06817-125a-43cc-994c-17577d718ec6 | assessment-security | 💥 | | kernel BUG in gfs2_trans_add_revoke | 2026/05/14 08:23 | 2026/05/14 08:23 | 2026/05/14 08:26 | 6ccb967e465e832a7bfd7a116ad00d52a0923a5d | failed to run ["make" "KERNELVERSION=syzkaller" "KERNELRELEASE=syzkaller" "LOCALVERSION=-syzkaller" "-j" "32" "ARCH=x86_64" "CC=ccache clang" "LD=ld.lld" "O=/app/workdir/cache/build/7661d19dbd01b528418e2781df71c4f9bf1e3b94" "-s" "bzImage" "compile_commands.json"]: exit status 2 ... fatal error: error in backend: IO failure on output stream: No space left on device |

Discussions (2)
| Title | Replies (including bot) | Last reply |
|---|---|---|
| [PATCH] gfs2: fix kernel BUG in __gfs2_ail_flush during withdraw | 1 (1) | 2026/04/02 07:35 |
| [syzbot] [gfs2?] kernel BUG in gfs2_trans_add_revoke | 0 (1) | 2026/03/26 16:58 |

Sample crash report:
------------[ cut here ]------------
kernel BUG at fs/gfs2/trans.c:324!
Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
CPU: 1 UID: 0 PID: 10029 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
RIP: 0010:gfs2_trans_add_revoke+0xd1/0xe0 fs/gfs2/trans.c:324
Code: 41 5c 41 5d 41 5e 41 5f e9 57 ce e7 fc cc 89 d9 80 e1 07 80 c1 03 38 c1 7c e3 48 89 df e8 67 8f 08 fe eb d9 e8 c0 51 9d fd 90 <0f> 0b 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90
RSP: 0018:ffffc9000ffc7998 EFLAGS: 00010293
RAX: ffffffff842872d0 RBX: ffff88808fe5e820 RCX: ffff88807d168000
RDX: 0000000000000000 RSI: ffff88808f9e6070 RDI: ffff88809d098000
RBP: ffff88804e299078 R08: ffffffff9030ccf7 R09: 1ffffffff206199e
R10: dffffc0000000000 R11: fffffbfff206199f R12: ffff88808f9e6088
R13: dffffc0000000000 R14: ffff88808f9e6070 R15: ffff88809d098000
FS:  00005555632e6500(0000) GS:ffff888125389000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fc927422000 CR3: 000000003c00b000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 __gfs2_ail_flush+0x12c/0x220 fs/gfs2/glops.c:78
 gfs2_ail_flush+0xbd/0x100 fs/gfs2/glops.c:152
 evict_linked_inode fs/gfs2/super.c:1415 [inline]
 gfs2_evict_inode+0x7a2/0x1430 fs/gfs2/super.c:1481
 evict+0x61e/0xb10 fs/inode.c:841
 gfs2_evict_inodes fs/gfs2/ops_fstype.c:1760 [inline]
 gfs2_kill_sb+0x2bb/0x430 fs/gfs2/ops_fstype.c:1786
 deactivate_locked_super+0xbc/0x130 fs/super.c:476
 cleanup_mnt+0x437/0x4d0 fs/namespace.c:1312
 task_work_run+0x1d9/0x270 kernel/task_work.c:233
 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
 __exit_to_user_mode_loop kernel/entry/common.c:67 [inline]
 exit_to_user_mode_loop+0xf3/0x4d0 kernel/entry/common.c:98
 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:207 [inline]
 syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:230 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:318 [inline]
 do_syscall_64+0x33e/0xf80 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f95e399e097
Code: a2 c7 05 5c 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
RSP: 002b:00007fff35f51788 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 00007f95e3a321ca RCX: 00007f95e399e097
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff35f51840
RBP: 00007fff35f51840 R08: 00007fff35f52840 R09: 00000000ffffffff
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff35f528d0
R13: 00007f95e3a321ca R14: 00000000001863d1 R15: 00007fff35f52910
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:gfs2_trans_add_revoke+0xd1/0xe0 fs/gfs2/trans.c:324
Code: 41 5c 41 5d 41 5e 41 5f e9 57 ce e7 fc cc 89 d9 80 e1 07 80 c1 03 38 c1 7c e3 48 89 df e8 67 8f 08 fe eb d9 e8 c0 51 9d fd 90 <0f> 0b 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90
RSP: 0018:ffffc9000ffc7998 EFLAGS: 00010293
RAX: ffffffff842872d0 RBX: ffff88808fe5e820 RCX: ffff88807d168000
RDX: 0000000000000000 RSI: ffff88808f9e6070 RDI: ffff88809d098000
RBP: ffff88804e299078 R08: ffffffff9030ccf7 R09: 1ffffffff206199e
R10: dffffc0000000000 R11: fffffbfff206199f R12: ffff88808f9e6088
R13: dffffc0000000000 R14: ffff88808f9e6070 R15: ffff88809d098000
FS:  00005555632e6500(0000) GS:ffff888125389000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fc927422000 CR3: 000000003c00b000 CR4: 0000000000350ef0

Crashes (13):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2026/05/19 21:08 | upstream | ab5fce87a778 | 223544dc | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | kernel BUG in gfs2_trans_add_revoke |
| 2026/05/15 17:55 | upstream | 70eda68668d1 | 9cd3beaa | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | kernel BUG in gfs2_trans_add_revoke |
| 2026/05/14 18:20 | upstream | e1914add2799 | 6ccb967e | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | kernel BUG in gfs2_trans_add_revoke |
| 2026/05/14 07:24 | upstream | e1914add2799 | 6ccb967e | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | kernel BUG in gfs2_trans_add_revoke |
| 2026/05/14 07:20 | upstream | e1914add2799 | 6ccb967e | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | kernel BUG in gfs2_trans_add_revoke |
| 2026/05/11 06:27 | upstream | aa54b1d27fe0 | 29233ece | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | kernel BUG in gfs2_trans_add_revoke |
| 2026/05/10 09:21 | upstream | 1bfaee9d3351 | 29233ece | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | kernel BUG in gfs2_trans_add_revoke |
| 2026/05/09 17:42 | upstream | 70390501d194 | 29233ece | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | kernel BUG in gfs2_trans_add_revoke |
| 2026/04/25 14:53 | linux-next | 7080e32d3f09 | 9c2d0995 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | kernel BUG in gfs2_trans_add_revoke |
| 2026/04/07 16:14 | linux-next | cc13002a9f98 | 628666c6 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | kernel BUG in gfs2_trans_add_revoke |
| 2026/03/27 19:18 | linux-next | e77a5a5cfe43 | 74a13a23 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | kernel BUG in gfs2_trans_add_revoke |
| 2026/03/22 17:10 | linux-next | 785f0eb2f85d | 5b92003d | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | kernel BUG in gfs2_trans_add_revoke |
| 2026/03/22 16:56 | linux-next | 785f0eb2f85d | 5b92003d | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | kernel BUG in gfs2_trans_add_revoke |

* Struck through repros no longer work on HEAD.