* WARNING in ext4_da_update_reserve_space
@ 2020-04-02 11:02 syzbot
2020-04-02 14:06 ` Murilo Opsfelder Araújo
2020-04-04 18:37 ` Theodore Y. Ts'o
0 siblings, 2 replies; 5+ messages in thread
From: syzbot @ 2020-04-02 11:02 UTC (permalink / raw)
To: a, adilger.kernel, b.a.t.m.a.n, benh, davem, linux-ext4,
linux-kernel, linuxppc-dev, mareklindner, mpe, muriloo, netdev,
paulus, sw, syzkaller-bugs, tytso
Hello,
syzbot found the following crash on:
HEAD commit: 1a147b74 Merge branch 'DSA-mtu'
git tree: net-next
console output: https://syzkaller.appspot.com/x/log.txt?x=14237713e00000
kernel config: https://syzkaller.appspot.com/x/.config?x=46ee14d4915944bc
dashboard link: https://syzkaller.appspot.com/bug?extid=67e4f16db666b1c8253c
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12237713e00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=10ec7c97e00000
The bug was bisected to:
commit 658b0f92bc7003bc734471f61bf7cd56339eb8c3
Author: Murilo Opsfelder Araujo <muriloo@linux.ibm.com>
Date: Wed Aug 1 21:33:15 2018 +0000
powerpc/traps: Print unhandled signals in a separate function
bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=15979f5be00000
final crash: https://syzkaller.appspot.com/x/report.txt?x=17979f5be00000
console output: https://syzkaller.appspot.com/x/log.txt?x=13979f5be00000
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+67e4f16db666b1c8253c@syzkaller.appspotmail.com
Fixes: 658b0f92bc70 ("powerpc/traps: Print unhandled signals in a separate function")
EXT4-fs warning (device sda1): ext4_da_update_reserve_space:344: ext4_da_update_reserve_space: ino 15722, used 1 with only 0 reserved data blocks
------------[ cut here ]------------
WARNING: CPU: 1 PID: 359 at fs/ext4/inode.c:348 ext4_da_update_reserve_space+0x622/0x7d0 fs/ext4/inode.c:344
Kernel panic - not syncing: panic_on_warn set ...
CPU: 1 PID: 359 Comm: kworker/u4:5 Not tainted 5.6.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: writeback wb_workfn (flush-8:0)
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x188/0x20d lib/dump_stack.c:118
panic+0x2e3/0x75c kernel/panic.c:221
__warn.cold+0x2f/0x35 kernel/panic.c:582
report_bug+0x27b/0x2f0 lib/bug.c:195
fixup_bug arch/x86/kernel/traps.c:174 [inline]
fixup_bug arch/x86/kernel/traps.c:169 [inline]
do_error_trap+0x12b/0x220 arch/x86/kernel/traps.c:267
do_invalid_op+0x32/0x40 arch/x86/kernel/traps.c:286
invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1027
RIP: 0010:ext4_da_update_reserve_space+0x622/0x7d0 fs/ext4/inode.c:348
Code: 02 00 0f 85 94 01 00 00 48 8b 7d 28 49 c7 c0 20 72 3c 88 41 56 48 c7 c1 80 60 3c 88 53 ba 58 01 00 00 4c 89 c6 e8 1e 6d 0d 00 <0f> 0b 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 0f b6 04
RSP: 0018:ffffc90002197288 EFLAGS: 00010296
RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff820bf066 RDI: fffff52000432e21
RBP: ffff888086b744c8 R08: 0000000000000091 R09: ffffed1015ce6659
R10: ffffed1015ce6658 R11: ffff8880ae7332c7 R12: 0000000000000001
R13: ffff888086b74990 R14: 0000000000000000 R15: ffff888086b74a40
ext4_ext_map_blocks+0x24aa/0x37d0 fs/ext4/extents.c:4500
ext4_map_blocks+0x4cb/0x1650 fs/ext4/inode.c:622
mpage_map_one_extent fs/ext4/inode.c:2365 [inline]
mpage_map_and_submit_extent fs/ext4/inode.c:2418 [inline]
ext4_writepages+0x19eb/0x3080 fs/ext4/inode.c:2772
do_writepages+0xfa/0x2a0 mm/page-writeback.c:2344
__writeback_single_inode+0x12a/0x1410 fs/fs-writeback.c:1452
writeback_sb_inodes+0x515/0xdd0 fs/fs-writeback.c:1716
wb_writeback+0x2a5/0xd90 fs/fs-writeback.c:1892
wb_do_writeback fs/fs-writeback.c:2037 [inline]
wb_workfn+0x339/0x11c0 fs/fs-writeback.c:2078
process_one_work+0x94b/0x1690 kernel/workqueue.c:2266
worker_thread+0x96/0xe20 kernel/workqueue.c:2412
kthread+0x357/0x430 kernel/kthread.c:255
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
Kernel Offset: disabled
Rebooting in 86400 seconds..
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: WARNING in ext4_da_update_reserve_space
2020-04-02 11:02 WARNING in ext4_da_update_reserve_space syzbot
@ 2020-04-02 14:06 ` Murilo Opsfelder Araújo
2020-04-02 14:31 ` Dmitry Vyukov
2020-04-04 18:37 ` Theodore Y. Ts'o
1 sibling, 1 reply; 5+ messages in thread
From: Murilo Opsfelder Araújo @ 2020-04-02 14:06 UTC (permalink / raw)
To: syzbot
Cc: a, adilger.kernel, b.a.t.m.a.n, benh, davem, linux-ext4,
linux-kernel, linuxppc-dev, mareklindner, mpe, netdev, paulus,
sw, syzkaller-bugs, tytso
On Thursday, April 2, 2020 8:02:11 AM -03 syzbot wrote:
> Hello,
>
> syzbot found the following crash on:
>
> HEAD commit: 1a147b74 Merge branch 'DSA-mtu'
> git tree: net-next
> console output: https://syzkaller.appspot.com/x/log.txt?x=14237713e00000
> kernel config: https://syzkaller.appspot.com/x/.config?x=46ee14d4915944bc
> dashboard link: https://syzkaller.appspot.com/bug?extid=67e4f16db666b1c8253c
> compiler: gcc (GCC) 9.0.0 20181231 (experimental)
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12237713e00000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=10ec7c97e00000
>
> The bug was bisected to:
>
> commit 658b0f92bc7003bc734471f61bf7cd56339eb8c3
> Author: Murilo Opsfelder Araujo <muriloo@linux.ibm.com>
> Date: Wed Aug 1 21:33:15 2018 +0000
>
> powerpc/traps: Print unhandled signals in a separate function
This commit is specific to powerpc and the crash is from an x86_64 system.
There is a bunch of scp errors in the logs:
scp: ./syz-executor998635077: No space left on device
Is it possible that these errors might be misleading the syzbot?
>
> bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=15979f5be00000
> final crash: https://syzkaller.appspot.com/x/report.txt?x=17979f5be00000
> console output: https://syzkaller.appspot.com/x/log.txt?x=13979f5be00000
>
> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> Reported-by: syzbot+67e4f16db666b1c8253c@syzkaller.appspotmail.com
> Fixes: 658b0f92bc70 ("powerpc/traps: Print unhandled signals in a separate
> function")
>
> EXT4-fs warning (device sda1): ext4_da_update_reserve_space:344:
> ext4_da_update_reserve_space: ino 15722, used 1 with only 0 reserved data
> blocks ------------[ cut here ]------------
> WARNING: CPU: 1 PID: 359 at fs/ext4/inode.c:348
> ext4_da_update_reserve_space+0x622/0x7d0 fs/ext4/inode.c:344 Kernel panic -
> not syncing: panic_on_warn set ...
> CPU: 1 PID: 359 Comm: kworker/u4:5 Not tainted 5.6.0-rc7-syzkaller #0
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
> Google 01/01/2011 Workqueue: writeback wb_workfn (flush-8:0)
> Call Trace:
> __dump_stack lib/dump_stack.c:77 [inline]
> dump_stack+0x188/0x20d lib/dump_stack.c:118
> panic+0x2e3/0x75c kernel/panic.c:221
> __warn.cold+0x2f/0x35 kernel/panic.c:582
> report_bug+0x27b/0x2f0 lib/bug.c:195
> fixup_bug arch/x86/kernel/traps.c:174 [inline]
> fixup_bug arch/x86/kernel/traps.c:169 [inline]
> do_error_trap+0x12b/0x220 arch/x86/kernel/traps.c:267
> do_invalid_op+0x32/0x40 arch/x86/kernel/traps.c:286
> invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1027
> RIP: 0010:ext4_da_update_reserve_space+0x622/0x7d0 fs/ext4/inode.c:348
> Code: 02 00 0f 85 94 01 00 00 48 8b 7d 28 49 c7 c0 20 72 3c 88 41 56 48 c7
> c1 80 60 3c 88 53 ba 58 01 00 00 4c 89 c6 e8 1e 6d 0d 00 <0f> 0b 48 b8 00
> 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 0f b6 04 RSP:
> 0018:ffffc90002197288 EFLAGS: 00010296
> RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
> RDX: 0000000000000000 RSI: ffffffff820bf066 RDI: fffff52000432e21
> RBP: ffff888086b744c8 R08: 0000000000000091 R09: ffffed1015ce6659
> R10: ffffed1015ce6658 R11: ffff8880ae7332c7 R12: 0000000000000001
> R13: ffff888086b74990 R14: 0000000000000000 R15: ffff888086b74a40
> ext4_ext_map_blocks+0x24aa/0x37d0 fs/ext4/extents.c:4500
> ext4_map_blocks+0x4cb/0x1650 fs/ext4/inode.c:622
> mpage_map_one_extent fs/ext4/inode.c:2365 [inline]
> mpage_map_and_submit_extent fs/ext4/inode.c:2418 [inline]
> ext4_writepages+0x19eb/0x3080 fs/ext4/inode.c:2772
> do_writepages+0xfa/0x2a0 mm/page-writeback.c:2344
> __writeback_single_inode+0x12a/0x1410 fs/fs-writeback.c:1452
> writeback_sb_inodes+0x515/0xdd0 fs/fs-writeback.c:1716
> wb_writeback+0x2a5/0xd90 fs/fs-writeback.c:1892
> wb_do_writeback fs/fs-writeback.c:2037 [inline]
> wb_workfn+0x339/0x11c0 fs/fs-writeback.c:2078
> process_one_work+0x94b/0x1690 kernel/workqueue.c:2266
> worker_thread+0x96/0xe20 kernel/workqueue.c:2412
> kthread+0x357/0x430 kernel/kthread.c:255
> ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
> Kernel Offset: disabled
> Rebooting in 86400 seconds..
>
>
> ---
> This bug is generated by a bot. It may contain errors.
> See https://goo.gl/tpsmEJ for more information about syzbot.
> syzbot engineers can be reached at syzkaller@googlegroups.com.
>
> syzbot will keep track of this bug report. See:
> https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
> For information about bisection process see: https://goo.gl/tpsmEJ#bisection
> syzbot can test patches for this bug, for details see:
> https://goo.gl/tpsmEJ#testing-patches
--
Murilo
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: WARNING in ext4_da_update_reserve_space
2020-04-02 14:06 ` Murilo Opsfelder Araújo
@ 2020-04-02 14:31 ` Dmitry Vyukov
0 siblings, 0 replies; 5+ messages in thread
From: Dmitry Vyukov @ 2020-04-02 14:31 UTC (permalink / raw)
To: Murilo Opsfelder Araújo
Cc: syzbot, a, Andreas Dilger, b.a.t.m.a.n, Benjamin Herrenschmidt,
David Miller, linux-ext4, LKML, linuxppc-dev, mareklindner,
Michael Ellerman, netdev, Paul Mackerras, sw, syzkaller-bugs,
Theodore Ts'o
On Thu, Apr 2, 2020 at 4:06 PM Murilo Opsfelder Araújo
<muriloo@linux.ibm.com> wrote:
>
> On Thursday, April 2, 2020 8:02:11 AM -03 syzbot wrote:
> > Hello,
> >
> > syzbot found the following crash on:
> >
> > HEAD commit: 1a147b74 Merge branch 'DSA-mtu'
> > git tree: net-next
> > console output: https://syzkaller.appspot.com/x/log.txt?x=14237713e00000
> > kernel config: https://syzkaller.appspot.com/x/.config?x=46ee14d4915944bc
> > dashboard link: https://syzkaller.appspot.com/bug?extid=67e4f16db666b1c8253c
> > compiler: gcc (GCC) 9.0.0 20181231 (experimental)
> > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12237713e00000
> > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=10ec7c97e00000
> >
> > The bug was bisected to:
> >
> > commit 658b0f92bc7003bc734471f61bf7cd56339eb8c3
> > Author: Murilo Opsfelder Araujo <muriloo@linux.ibm.com>
> > Date: Wed Aug 1 21:33:15 2018 +0000
> >
> > powerpc/traps: Print unhandled signals in a separate function
>
> This commit is specific to powerpc and the crash is from an x86_64 system.
>
> There is a bunch of scp errors in the logs:
>
> scp: ./syz-executor998635077: No space left on device
>
> Is it possible that these errors might be misleading the syzbot?
You may see how it reacted on them based on
# git bisect bad/good
lines. As far as I see these errors did not confuse it.
But this guy did:
run #0: crashed: general protection fault in batadv_iv_ogm_queue_add
> > bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=15979f5be00000
> > final crash: https://syzkaller.appspot.com/x/report.txt?x=17979f5be00000
> > console output: https://syzkaller.appspot.com/x/log.txt?x=13979f5be00000
> >
> > IMPORTANT: if you fix the bug, please add the following tag to the commit:
> > Reported-by: syzbot+67e4f16db666b1c8253c@syzkaller.appspotmail.com
> > Fixes: 658b0f92bc70 ("powerpc/traps: Print unhandled signals in a separate
> > function")
> >
> > EXT4-fs warning (device sda1): ext4_da_update_reserve_space:344:
> > ext4_da_update_reserve_space: ino 15722, used 1 with only 0 reserved data
> > blocks ------------[ cut here ]------------
> > WARNING: CPU: 1 PID: 359 at fs/ext4/inode.c:348
> > ext4_da_update_reserve_space+0x622/0x7d0 fs/ext4/inode.c:344 Kernel panic -
> > not syncing: panic_on_warn set ...
> > CPU: 1 PID: 359 Comm: kworker/u4:5 Not tainted 5.6.0-rc7-syzkaller #0
> > Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
> > Google 01/01/2011 Workqueue: writeback wb_workfn (flush-8:0)
> > Call Trace:
> > __dump_stack lib/dump_stack.c:77 [inline]
> > dump_stack+0x188/0x20d lib/dump_stack.c:118
> > panic+0x2e3/0x75c kernel/panic.c:221
> > __warn.cold+0x2f/0x35 kernel/panic.c:582
> > report_bug+0x27b/0x2f0 lib/bug.c:195
> > fixup_bug arch/x86/kernel/traps.c:174 [inline]
> > fixup_bug arch/x86/kernel/traps.c:169 [inline]
> > do_error_trap+0x12b/0x220 arch/x86/kernel/traps.c:267
> > do_invalid_op+0x32/0x40 arch/x86/kernel/traps.c:286
> > invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1027
> > RIP: 0010:ext4_da_update_reserve_space+0x622/0x7d0 fs/ext4/inode.c:348
> > Code: 02 00 0f 85 94 01 00 00 48 8b 7d 28 49 c7 c0 20 72 3c 88 41 56 48 c7
> > c1 80 60 3c 88 53 ba 58 01 00 00 4c 89 c6 e8 1e 6d 0d 00 <0f> 0b 48 b8 00
> > 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 0f b6 04 RSP:
> > 0018:ffffc90002197288 EFLAGS: 00010296
> > RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
> > RDX: 0000000000000000 RSI: ffffffff820bf066 RDI: fffff52000432e21
> > RBP: ffff888086b744c8 R08: 0000000000000091 R09: ffffed1015ce6659
> > R10: ffffed1015ce6658 R11: ffff8880ae7332c7 R12: 0000000000000001
> > R13: ffff888086b74990 R14: 0000000000000000 R15: ffff888086b74a40
> > ext4_ext_map_blocks+0x24aa/0x37d0 fs/ext4/extents.c:4500
> > ext4_map_blocks+0x4cb/0x1650 fs/ext4/inode.c:622
> > mpage_map_one_extent fs/ext4/inode.c:2365 [inline]
> > mpage_map_and_submit_extent fs/ext4/inode.c:2418 [inline]
> > ext4_writepages+0x19eb/0x3080 fs/ext4/inode.c:2772
> > do_writepages+0xfa/0x2a0 mm/page-writeback.c:2344
> > __writeback_single_inode+0x12a/0x1410 fs/fs-writeback.c:1452
> > writeback_sb_inodes+0x515/0xdd0 fs/fs-writeback.c:1716
> > wb_writeback+0x2a5/0xd90 fs/fs-writeback.c:1892
> > wb_do_writeback fs/fs-writeback.c:2037 [inline]
> > wb_workfn+0x339/0x11c0 fs/fs-writeback.c:2078
> > process_one_work+0x94b/0x1690 kernel/workqueue.c:2266
> > worker_thread+0x96/0xe20 kernel/workqueue.c:2412
> > kthread+0x357/0x430 kernel/kthread.c:255
> > ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
> > Kernel Offset: disabled
> > Rebooting in 86400 seconds..
> >
> >
> > ---
> > This bug is generated by a bot. It may contain errors.
> > See https://goo.gl/tpsmEJ for more information about syzbot.
> > syzbot engineers can be reached at syzkaller@googlegroups.com.
> >
> > syzbot will keep track of this bug report. See:
> > https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
> > For information about bisection process see: https://goo.gl/tpsmEJ#bisection
> > syzbot can test patches for this bug, for details see:
> > https://goo.gl/tpsmEJ#testing-patches
>
> --
> Murilo
>
> --
> You received this message because you are subscribed to the Google Groups "syzkaller-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller-bugs+unsubscribe@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-bugs/2094673.WoIe4zePQG%40kermit.br.ibm.com.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: WARNING in ext4_da_update_reserve_space
2020-04-02 11:02 WARNING in ext4_da_update_reserve_space syzbot
2020-04-02 14:06 ` Murilo Opsfelder Araújo
@ 2020-04-04 18:37 ` Theodore Y. Ts'o
2020-04-04 22:13 ` syzbot
1 sibling, 1 reply; 5+ messages in thread
From: Theodore Y. Ts'o @ 2020-04-04 18:37 UTC (permalink / raw)
To: syzbot
Cc: a, adilger.kernel, b.a.t.m.a.n, benh, davem, linux-ext4,
linux-kernel, linuxppc-dev, mareklindner, mpe, muriloo, netdev,
paulus, sw, syzkaller-bugs
#syz test https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git dev
I'm curious why this is only showing up as failing on next-next.
Let's see if it fails on the ext4.git tree.
From the bisect logs syzbot is able to repro on all of v5.x and
v4.20.0. However, I'm not able to repro it using kvm with either
v5.6-rc4 or the tip of the ext4 git tree. So let's see what syzbot
can do with the tip of the dev tree.
- Ted
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: WARNING in ext4_da_update_reserve_space
2020-04-04 18:37 ` Theodore Y. Ts'o
@ 2020-04-04 22:13 ` syzbot
0 siblings, 0 replies; 5+ messages in thread
From: syzbot @ 2020-04-04 22:13 UTC (permalink / raw)
To: a, adilger.kernel, b.a.t.m.a.n, benh, davem, linux-ext4,
linux-kernel, linuxppc-dev, mareklindner, mpe, muriloo, netdev,
paulus, sw, syzkaller-bugs, tytso
Hello,
syzbot has tested the proposed patch and the reproducer did not trigger crash:
Reported-and-tested-by: syzbot+67e4f16db666b1c8253c@syzkaller.appspotmail.com
Tested on:
commit: 54d3adbc ext4: save all error info in save_error_info() an..
git tree: https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git dev
kernel config: https://syzkaller.appspot.com/x/.config?x=4527d1e2fb19fd5c
dashboard link: https://syzkaller.appspot.com/bug?extid=67e4f16db666b1c8253c
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
Note: testing is done by a robot and is best-effort only.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-04-04 22:13 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-04-02 11:02 WARNING in ext4_da_update_reserve_space syzbot
2020-04-02 14:06 ` Murilo Opsfelder Araújo
2020-04-02 14:31 ` Dmitry Vyukov
2020-04-04 18:37 ` Theodore Y. Ts'o
2020-04-04 22:13 ` syzbot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).