INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.30' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 28.086074] ------------[ cut here ]------------
[ 28.090967] kernel BUG at fs/ext4/extents.c:3190!
[ 28.096091] invalid opcode: 0000 [#1] SMP KASAN
[ 28.100738] Dumping ftrace buffer:
[ 28.104247] (ftrace buffer empty)
[ 28.107927] Modules linked in:
[ 28.111095] CPU: 0 PID: 4422 Comm: syzkaller152353 Not tainted 4.16.0-rc7+ #9
[ 28.118334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 28.127669] RIP: 0010:ext4_split_extent_at+0x75d/0x1160
[ 28.133013] RSP: 0018:ffff8801c6b8e290 EFLAGS: 00010293
[ 28.138350] RAX: ffff8801acdc0080 RBX: ffff8801b425b018 RCX: ffffffff81e959ad
[ 28.145592] RDX: 0000000000000000 RSI: ffff8801a79c11f0 RDI: ffff8801d96ce940
[ 28.152831] RBP: ffff8801c6b8e3f8 R08: 0000000000000010 R09: 0000000000000425
[ 28.160071] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801d96ce930
[ 28.167312] R13: 0000000000003010 R14: 1ffff10038d71c5e R15: 0000000000000010
[ 28.174553] FS: 00000000014a2880(0000) GS:ffff8801db000000(0000) knlGS:0000000000000000
[ 28.182757] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 28.188607] CR2: 00007f8298ddf000 CR3: 00000001ad57f002 CR4: 00000000001606f0
[ 28.195850] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 28.203089] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 28.210330] Call Trace:
[ 28.212899] ? ext4_ext_insert_extent+0x41d0/0x41d0
[ 28.217885] ? trace_hardirqs_off+0x10/0x10
[ 28.222179] ? ext4_ext_drop_refs+0xae/0xe0
[ 28.226469] ? ext4_find_extent+0x63c/0x930
[ 28.230761] ext4_split_extent.isra.36+0x2b6/0x490
[ 28.235660] ext4_ext_handle_unwritten_extents+0x1acd/0x3940
[ 28.241427] ? __find_get_block+0xd90/0xd90
[ 28.245718] ? vfs_fsync_range+0x110/0x260
[ 28.249919] ? ext4_file_write_iter+0x919/0x10c0
[ 28.254647] ? do_iter_readv_writev+0x55c/0x830
[ 28.259287] ? do_iter_write+0x154/0x540
[ 28.263316] ? vfs_iter_write+0x77/0xb0
[ 28.267264] ? get_reserved_cluster_alloc+0x660/0x660
[ 28.272425] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 28.277586] ? bh_uptodate_or_lock+0x3c/0x120
[ 28.282049] ? __read_extent_tree_block+0x44c/0x8c0
[ 28.287056] ? trace_hardirqs_off+0x10/0x10
[ 28.291346] ? __ext4_ext_check+0x1150/0x1150
[ 28.295811] ? rcu_read_lock_sched_held+0x108/0x120
[ 28.300799] ? __kmalloc+0x46e/0x760
[ 28.304479] ? lock_acquire+0x1d5/0x580
[ 28.308425] ? start_this_handle+0x465/0x1080
[ 28.312890] ? lock_acquire+0x1d5/0x580
[ 28.316833] ? start_this_handle+0x488/0x1080
[ 28.321298] ? __lock_is_held+0xb6/0x140
[ 28.325332] ext4_ext_map_blocks+0x12d1/0x4410
[ 28.329884] ? trace_hardirqs_off+0x10/0x10
[ 28.334178] ? ext4_find_delalloc_cluster+0xc0/0xc0
[ 28.339164] ? find_held_lock+0x35/0x1d0
[ 28.343197] ? trace_hardirqs_off+0x10/0x10
[ 28.347486] ? ext4_es_lookup_extent+0x3bf/0xce0
[ 28.352207] ? trace_hardirqs_off+0x10/0x10
[ 28.356496] ? lock_downgrade+0x980/0x980
[ 28.360612] ? lock_release+0xa40/0xa40
[ 28.364557] ? __lock_is_held+0xb6/0x140
[ 28.368589] ? lock_acquire+0x1d5/0x580
[ 28.372530] ? lock_acquire+0x1d5/0x580
[ 28.376472] ? ext4_map_blocks+0x377/0x1830
[ 28.380764] ? lock_release+0xa40/0xa40
[ 28.384706] ? check_same_owner+0x320/0x320
[ 28.388996] ? ext4_es_cache_extent+0x600/0x600
[ 28.393638] ? rcu_note_context_switch+0x710/0x710
[ 28.398538] ? __might_sleep+0x95/0x190
[ 28.402486] ? down_write+0x87/0x120
[ 28.406168] ? ext4_map_blocks+0x377/0x1830
[ 28.410458] ? down_read+0x150/0x150
[ 28.414142] ? trace_hardirqs_off+0x10/0x10
[ 28.418434] ext4_map_blocks+0xc90/0x1830
[ 28.422553] ? ext4_issue_zeroout+0x170/0x170
[ 28.427017] ? __lock_is_held+0xb6/0x140
[ 28.431052] ext4_writepages+0x2035/0x3c30
[ 28.435258] ? do_iter_write+0x154/0x540
[ 28.439298] ? ext4_mark_inode_dirty+0xa10/0xa10
[ 28.444023] ? lock_downgrade+0x980/0x980
[ 28.448142] ? trace_hardirqs_off+0x10/0x10
[ 28.452443] ? __lock_is_held+0xb6/0x140
[ 28.456473] ? jbd2_journal_stop+0x482/0x1490
[ 28.460939] ? jbd2_journal_stop+0x482/0x1490
[ 28.465404] ? find_held_lock+0x35/0x1d0
[ 28.469434] ? trace_hardirqs_off+0x10/0x10
[ 28.473731] ? lock_release+0xa40/0xa40
[ 28.477674] ? find_held_lock+0x35/0x1d0
[ 28.481707] ? trace_hardirqs_off+0x10/0x10
[ 28.486001] ? do_raw_spin_trylock+0x190/0x190
[ 28.490558] ? _raw_spin_unlock+0x22/0x30
[ 28.494673] ? wbc_attach_and_unlock_inode+0x1ad/0x8f0
[ 28.499921] ? __ext4_journal_stop+0x10e/0x1b0
[ 28.504473] ? ext4_mark_inode_dirty+0xa10/0xa10
[ 28.509201] do_writepages+0xff/0x170
[ 28.512970] ? do_writepages+0xff/0x170
[ 28.516914] __filemap_fdatawrite_range+0x32f/0x460
[ 28.521901] ? delete_from_page_cache_batch+0xdb0/0xdb0
[ 28.527234] ? trace_hardirqs_off+0x10/0x10
[ 28.531530] file_write_and_wait_range+0x8a/0x100
[ 28.536340] ext4_sync_file+0x4fb/0x1260
[ 28.540370] ? ext4_getfsmap+0xd20/0xd20
[ 28.544404] ? filemap_fdatawait_keep_errors+0xb0/0xb0
[ 28.549650] ? file_update_time+0xd3/0x5b0
[ 28.553870] ? current_time+0xc0/0xc0
[ 28.557640] ? clear_nlink+0xb0/0xb0
[ 28.561325] ? unwind_next_frame.part.6+0x1a6/0xb40
[ 28.566309] ? unwind_dump+0x4d0/0x4d0
[ 28.570168] ? up_write+0x6b/0x120
[ 28.573676] ? ext4_getfsmap+0xd20/0xd20
[ 28.577705] vfs_fsync_range+0x110/0x260
[ 28.581740] ext4_file_write_iter+0x919/0x10c0
[ 28.586292] ? unwind_get_return_address+0x61/0xa0
[ 28.591190] ? ext4_file_mmap+0x1f0/0x1f0
[ 28.595310] ? save_stack+0xa3/0xd0
[ 28.598907] ? save_stack+0x43/0xd0
[ 28.604548] ? kasan_kmalloc+0xad/0xe0
[ 28.608435] ? __kmalloc+0x162/0x760
[ 28.612148] ? iter_file_splice_write+0x247/0xf30
[ 28.616987] ? direct_splice_actor+0x125/0x180
[ 28.621565] ? splice_direct_to_actor+0x2c1/0x820
[ 28.626406] ? do_splice_direct+0x29b/0x3c0
[ 28.630725] ? do_sendfile+0x5c9/0xe80
[ 28.634606] ? SyS_sendfile64+0xbd/0x160
[ 28.638660] ? do_syscall_64+0x281/0x940
[ 28.642716] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 28.648077] ? save_stack+0x43/0xd0
[ 28.651673] ? __kasan_slab_free+0x11a/0x170
[ 28.656052] ? kasan_slab_free+0xe/0x10
[ 28.659996] ? kfree+0xd9/0x260
[ 28.663251] ? find_held_lock+0x35/0x1d0
[ 28.667286] ? print_irqtrace_events+0x270/0x270
[ 28.672016] do_iter_readv_writev+0x55c/0x830
[ 28.676480] ? vfs_dedupe_file_range+0x8f0/0x8f0
[ 28.681205] ? rw_verify_area+0xe5/0x2b0
[ 28.685236] do_iter_write+0x154/0x540
[ 28.689099] ? rcu_read_lock_sched_held+0x108/0x120
[ 28.694084] ? kfree+0xf3/0x260
[ 28.697333] vfs_iter_write+0x77/0xb0
[ 28.701110] iter_file_splice_write+0x7db/0xf30
[ 28.705750] ? page_cache_pipe_buf_steal+0x500/0x500
[ 28.710825] ? fsnotify_first_mark+0x2b0/0x2b0
[ 28.715378] ? pipe_read+0x7f0/0x7f0
[ 28.719065] ? rw_verify_area+0xe5/0x2b0
[ 28.723096] ? ext4_collapse_range+0x1000/0x1000
[ 28.727819] ? page_cache_pipe_buf_steal+0x500/0x500
[ 28.732889] direct_splice_actor+0x125/0x180
[ 28.737271] splice_direct_to_actor+0x2c1/0x820
[ 28.741907] ? generic_pipe_buf_nosteal+0x10/0x10
[ 28.746721] ? do_splice_to+0x160/0x160
[ 28.750664] ? security_file_permission+0x89/0x1e0
[ 28.755560] ? rw_verify_area+0xe5/0x2b0
[ 28.759589] do_splice_direct+0x29b/0x3c0
[ 28.763704] ? splice_direct_to_actor+0x820/0x820
[ 28.768518] ? rcu_sync_lockdep_assert+0x6d/0xb0
[ 28.773246] ? __sb_start_write+0x209/0x2a0
[ 28.777542] do_sendfile+0x5c9/0xe80
[ 28.781230] ? do_compat_pwritev64+0x100/0x100
[ 28.785779] ? __might_sleep+0x95/0x190
[ 28.789726] ? kasan_check_write+0x14/0x20
[ 28.793932] ? _copy_from_user+0x99/0x110
[ 28.798050] SyS_sendfile64+0xbd/0x160
[ 28.802407] ? SyS_sendfile+0x1a0/0x1a0
[ 28.806354] ? do_syscall_64+0xb7/0x940
[ 28.810299] ? SyS_sendfile+0x1a0/0x1a0
[ 28.814244] do_syscall_64+0x281/0x940
[ 28.818106] ? vmalloc_sync_all+0x30/0x30
[ 28.822224] ? trace_event_raw_event_sys_exit+0x260/0x260
[ 28.827727] ? syscall_return_slowpath+0x550/0x550
[ 28.832623] ? syscall_return_slowpath+0x2ac/0x550
[ 28.837526] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[ 28.842862] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 28.847673] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 28.852834] RIP: 0033:0x440029
[ 28.855991] RSP: 002b:00007fff87fd7e68 EFLAGS: 00000217 ORIG_RAX: 0000000000000028
[ 28.863668] RAX: ffffffffffffffda RBX: 00000fffffeff000 RCX: 0000000000440029
[ 28.870906] RDX: 0000000020000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 28.878147] RBP: 00000000006cb018 R08: 00007fff87fd7e80 R09: 00007fff87fd7e80
[ 28.885384] R10: 0000000100000001 R11: 0000000000000217 R12: 0000000000401860
[ 28.892625] R13: 00000000004018f0 R14: 0000000000000000 R15: 0000000000000000
[ 28.899868] Code: fe ff ff 48 c7 c7 c0 9c 56 87 0f b7 43 08 4c 8d 04 40 49 c1 e0 04 49 01 d8 e8 a0 66 ff ff 41 89 c7 e9 f8 fd ff ff e8 93 0b 88 ff <0f> 0b e8 8c 0b 88 ff 48 8b 8d b8 fe ff ff 48 b8 00 00 00 00 00
[ 28.918944] RIP: ext4_split_extent_at+0x75d/0x1160 RSP: ffff8801c6b8e290
[ 28.926050] ---[ end trace d3416668281344cc ]---
[ 28.930797] Kernel panic - not syncing: Fatal exception
[ 28.936520] Dumping ftrace buffer:
[ 28.940030] (ftrace buffer empty)
[ 28.943708] Kernel Offset: disabled
[ 28.947308] Rebooting in 86400 seconds..