syzbot

 sign-in | mailing list | source | docs
🐞 Open [948] 🐞 Fixed [4019] 🐞 Invalid [8930] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes

WARNING in udf_truncate_extents

Status: upstream: reported syz repro on 2020/10/12 13:20
Reported-by: syzbot+43fc5ba6dcb33e3261ca@syzkaller.appspotmail.com
First crash: 716d, last: 94d

Cause bisection: introduced by (bisect log) :
commit 2004bfdef945fe55196db6b9cdf321fbc75bb0de
Author: Bart Van Assche <bvanassche@acm.org>
Date: Tue Mar 10 04:26:21 2020 +0000

  null_blk: Fix the null_add_dev() error path

Crash: WARNING in udf_truncate_extents (log)
Repro: syz .config

Fix bisection: failed (bisect log)
similar bugs (2):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.14 WARNING in udf_truncate_extents C error 4 11h50m 211d 0/1 upstream: reported C repro on 2022/03/01 11:21
linux-4.19 WARNING in udf_truncate_extents C error 18 24d 370d 0/1 upstream: reported C repro on 2021/09/23 06:31

Sample crash report:
------------[ cut here ]------------
WARNING: CPU: 1 PID: 4005 at fs/udf/truncate.c:226 udf_truncate_extents+0x844/0x930 fs/udf/truncate.c:226
Modules linked in:
CPU: 2 PID: 4005 Comm: syz-executor.0 Not tainted 5.19.0-rc3-syzkaller-00279-g8c23f235a6a8 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
RIP: 0010:udf_truncate_extents+0x844/0x930 fs/udf/truncate.c:226
Code: 84 d2 74 05 e8 8d 43 ee fe 8b 44 24 20 be 07 00 00 00 48 89 df 89 83 cc fe ff ff e8 46 8b 09 ff e9 a5 fd ff ff e8 4c 1f a2 fe <0f> 0b e9 1f fe ff ff e8 40 1f a2 fe 0f 0b 48 8b 7c 24 18 e8 f4 42
RSP: 0018:ffffc9000408f7e8 EFLAGS: 00010293

RAX: 0000000000000000 RBX: ffff88804ff79418 RCX: 0000000000000000
RDX: ffff88801e67e0c0 RSI: ffffffff82d77884 RDI: 0000000000000007
RBP: ffffc9000408f8d0 R08: 0000000000000007 R09: 0000000000000000
R10: 0000000000000400 R11: 0000000000000001 R12: ffffc9000408f890
R13: 0000000000000400 R14: 00000000000000ff R15: ffff88802b71c000
FS:  00007fa93bf0d700(0000) GS:ffff88802c900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fa465da0000 CR3: 000000004b800000 CR4: 0000000000150ee0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 udf_write_failed.isra.0+0x173/0x1c0 fs/udf/inode.c:179
 udf_write_begin+0x7f/0xa0 fs/udf/inode.c:214
 generic_perform_write+0x244/0x560 mm/filemap.c:3779
 __generic_file_write_iter+0x2aa/0x4d0 mm/filemap.c:3907
 udf_file_write_iter+0x2cc/0x530 fs/udf/file.c:170
 call_write_iter include/linux/fs.h:2058 [inline]
 do_iter_readv_writev+0x3d1/0x640 fs/read_write.c:742
 do_iter_write+0x182/0x700 fs/read_write.c:868
 vfs_writev+0x1aa/0x630 fs/read_write.c:941
 do_pwritev fs/read_write.c:1038 [inline]
 __do_sys_pwritev fs/read_write.c:1085 [inline]
 __se_sys_pwritev fs/read_write.c:1080 [inline]
 __x64_sys_pwritev+0x22b/0x310 fs/read_write.c:1080
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x46/0xb0
RIP: 0033:0x7fa93ae89109
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fa93bf0d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
RAX: ffffffffffffffda RBX: 00007fa93af9bf60 RCX: 00007fa93ae89109
RDX: 0000000000000001 RSI: 00000000200014c0 RDI: 0000000000000003
RBP: 00007fa93aee305d R08: 0000000000000020 R09: 0000000000000000
R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffdffd1795f R14: 00007fa93bf0d300 R15: 0000000000022000
 </TASK>

Crashes (2):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-qemu-upstream 2022/06/25 20:06 upstream 8c23f235a6a8 a371c43c .config log report syz WARNING in udf_truncate_extents
ci-upstream-kasan-gce-smack-root 2020/10/11 21:25 upstream da690031a5d6 4a77ae0b .config log report syz
* Struck through repros no longer work on HEAD.