syzbot


kernel BUG in f2fs_write_end_io

Status: upstream: reported C repro on 2025/04/02 00:00
Subsystems: f2fs
Reported-by: syzbot+803dd716c4310d16ff3a@syzkaller.appspotmail.com
First crash: 146d, last: 21h26m
Cause bisection: the cause commit could be any of (bisect log):
  2aac2538a97d f2fs: do sanity check on xattr node footer in f2fs_get_xnode_page()
  1788971e0bfa f2fs: introduce FAULT_INCONSISTENT_FOOTER
  1cf6b5670af1 f2fs: do sanity check on inode footer in f2fs_get_inode_page()
  986c50f6bca1 f2fs: fix to avoid accessing uninitialized curseg
  c2ecba026586 f2fs: control nat_bits feature via mount option
  19426c4988aa Revert "f2fs: rebuild nat_bits during umount"
  
Discussions (4)
Title Replies (including bot) Last reply
[syzbot] [f2fs?] kernel BUG in f2fs_write_end_io 2 (6) 2025/08/11 12:10
[syzbot] Monthly f2fs report (Aug 2025) 0 (1) 2025/08/01 13:49
[syzbot] Monthly f2fs report (May 2025) 0 (1) 2025/06/03 11:11
[syzbot] Monthly f2fs report (Apr 2025) 0 (1) 2025/04/29 12:47
Last patch testing requests (3)
Created Duration User Patch Repo Result
2025/08/11 11:41 14m chao@kernel.org https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git bugfix/common report log
2025/08/11 11:05 21m chao@kernel.org https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git bugfix/common report log
2025/04/29 14:18 15m retest repro upstream report log

Sample crash report:
------------[ cut here ]------------
kernel BUG at fs/f2fs/data.c:358!
Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
CPU: 1 UID: 0 PID: 79 Comm: kworker/u8:5 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Workqueue: bat_events batadv_nc_worker
RIP: 0010:f2fs_write_end_io+0x806/0x810 fs/f2fs/data.c:357
Code: 80 35 1a fe e9 95 fe ff ff 44 89 f9 80 e1 07 38 c1 0f 8c ea fe ff ff 4c 89 ff e8 f5 35 1a fe e9 dd fe ff ff e8 4b 4e ba fd 90 <0f> 0b 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffc90000a08c98 EFLAGS: 00010246
RAX: ffffffff8405d775 RBX: dffffc0000000000 RCX: ffff88801cf59e00
RDX: 0000000000000100 RSI: 0000000000000000 RDI: 000000000000000b
RBP: ffff88802cb35a00 R08: ffffea0001e1c16f R09: 1ffffd40003c382d
R10: dffffc0000000000 R11: fffff940003c382e R12: 000000000000000b
R13: ffffea0001e1c140 R14: 0000000000000001 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff888125d57000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f47489bd000 CR3: 0000000027f34000 CR4: 00000000003526f0
Call Trace:
 <IRQ>
 blk_update_request+0x5eb/0xe70 block/blk-mq.c:987
 blk_mq_end_request+0x3e/0x70 block/blk-mq.c:1149
 blk_complete_reqs block/blk-mq.c:1224 [inline]
 blk_done_softirq+0x107/0x160 block/blk-mq.c:1229
 handle_softirqs+0x283/0x870 kernel/softirq.c:579
 __do_softirq kernel/softirq.c:613 [inline]
 invoke_softirq kernel/softirq.c:453 [inline]
 __irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:680
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:696
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]
 sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1050
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_acquire+0x175/0x360 kernel/locking/lockdep.c:5875
Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 6b 55 fe 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
RSP: 0018:ffffc9000237f980 EFLAGS: 00000206
RAX: 4e8787c037617300 RBX: 0000000000000000 RCX: 4e8787c037617300
RDX: 0000000000000000 RSI: ffffffff8db6fcc6 RDI: ffffffff8be1ba40
RBP: ffffffff8b345592 R08: 0000000000000000 R09: ffffffff8b345592
R10: dffffc0000000000 R11: ffffffff8b3454c0 R12: 0000000000000002
R13: ffffffff8e13f0e0 R14: 0000000000000000 R15: 0000000000000246
 rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 rcu_read_lock include/linux/rcupdate.h:841 [inline]
 batadv_nc_purge_orig_hash net/batman-adv/network-coding.c:408 [inline]
 batadv_nc_worker+0xef/0x610 net/batman-adv/network-coding.c:719
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xade/0x17b0 kernel/workqueue.c:3321
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402
 kthread+0x70e/0x8a0 kernel/kthread.c:464
 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:f2fs_write_end_io+0x806/0x810 fs/f2fs/data.c:357
Code: 80 35 1a fe e9 95 fe ff ff 44 89 f9 80 e1 07 38 c1 0f 8c ea fe ff ff 4c 89 ff e8 f5 35 1a fe e9 dd fe ff ff e8 4b 4e ba fd 90 <0f> 0b 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffc90000a08c98 EFLAGS: 00010246
RAX: ffffffff8405d775 RBX: dffffc0000000000 RCX: ffff88801cf59e00
RDX: 0000000000000100 RSI: 0000000000000000 RDI: 000000000000000b
RBP: ffff88802cb35a00 R08: ffffea0001e1c16f R09: 1ffffd40003c382d
R10: dffffc0000000000 R11: fffff940003c382e R12: 000000000000000b
R13: ffffea0001e1c140 R14: 0000000000000001 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff888125d57000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f47489bd000 CR3: 0000000027f34000 CR4: 00000000003526f0
----------------
Code disassembly (best guess):
   0:	00 00                	add    %al,(%rax)
   2:	00 00                	add    %al,(%rax)
   4:	9c                   	pushf
   5:	8f 44 24 30          	pop    0x30(%rsp)
   9:	f7 44 24 30 00 02 00 	testl  $0x200,0x30(%rsp)
  10:	00
  11:	0f 85 cd 00 00 00    	jne    0xe4
  17:	f7 44 24 08 00 02 00 	testl  $0x200,0x8(%rsp)
  1e:	00
  1f:	74 01                	je     0x22
  21:	fb                   	sti
  22:	65 48 8b 05 6b 55 fe 	mov    %gs:0x10fe556b(%rip),%rax        # 0x10fe5595
  29:	10
* 2a:	48 3b 44 24 58       	cmp    0x58(%rsp),%rax <-- trapping instruction
  2f:	0f 85 f2 00 00 00    	jne    0x127
  35:	48 83 c4 60          	add    $0x60,%rsp
  39:	5b                   	pop    %rbx
  3a:	41 5c                	pop    %r12
  3c:	41 5d                	pop    %r13
  3e:	41 5e                	pop    %r14

Crashes (53):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2025/07/28 21:00 upstream 038d61fd6422 6654ea9c .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro #1 (corrupt fs)] [mounted in repro #2 (corrupt fs)] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/04/15 14:13 upstream 834a4a689699 85125322 .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci-snapshot-upstream-root kernel BUG in f2fs_write_end_io
2025/08/21 14:02 upstream 068a56e56fa8 3e79b825 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/08/20 02:34 upstream b19a97d57c15 79512909 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/08/19 08:14 upstream be48bcf004f9 523f460e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/08/18 19:12 upstream c17b750b3ad9 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/08/18 16:44 upstream c17b750b3ad9 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/08/17 18:53 upstream 99bade344cfa 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/08/16 23:50 upstream 90d970cade8e 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/08/15 06:33 upstream 24ea63ea3877 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/08/12 08:45 upstream 53e760d89498 c06e8995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/08/10 04:27 upstream 561c80369df0 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/08/08 09:08 upstream bec077162bd0 6a893178 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/08/05 02:33 upstream d632ab86aff2 f5bcc8dc .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/08/03 06:08 upstream 186f3edfdd41 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/08/02 05:17 upstream 0905809b38bd 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/29 08:11 upstream ae388edd4a8f c4a95487 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/29 07:43 upstream ae388edd4a8f c4a95487 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/29 07:34 upstream ae388edd4a8f c4a95487 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/29 01:16 upstream 038d61fd6422 6654ea9c .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/29 01:15 upstream 038d61fd6422 6654ea9c .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/29 01:07 upstream 038d61fd6422 6654ea9c .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/28 19:23 upstream 038d61fd6422 6654ea9c .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/24 14:11 upstream 25fae0b93d1d 65d60d73 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/24 08:05 upstream 01a412d06bc5 0c1d6ded .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/23 19:18 upstream 01a412d06bc5 e1dd4f22 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/21 21:17 upstream 89be9a83ccf1 56d87229 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/16 03:00 upstream 155a3c003e55 03fcfc4b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/13 14:57 upstream 3f31a806a62e 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/11 04:16 upstream bc9ff192a6c9 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in f2fs_write_end_io
2025/07/10 17:20 upstream 8c2e52ebbe88 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/09 08:56 upstream 733923397fd9 f4e5e155 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/03 08:24 upstream b4911fb0b060 115ceea7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/07/03 07:04 upstream b4911fb0b060 115ceea7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/06/09 04:02 upstream 939f15e640f1 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/06/09 03:58 upstream 939f15e640f1 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/05/25 09:43 upstream d0c22de9995b ed351ea7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/05/20 04:55 upstream a5806cd506af b84f0537 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/05/19 10:05 upstream a5806cd506af f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/05/15 02:06 upstream c94d59a126cb d6b2ee52 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/05/14 10:00 upstream 9f35e33144ae 7344edeb .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/05/14 05:10 upstream 9f35e33144ae 7344edeb .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/03/31 13:06 upstream 4e82c87058f4 d3999433 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/03/29 03:33 upstream 15cb9a2b66fc 9a1a9e31 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/03/28 20:13 upstream acb4f33713b9 9a1a9e31 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in f2fs_write_end_io
2025/05/20 06:23 upstream a5806cd506af b84f0537 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in f2fs_write_end_io
2025/04/15 13:26 upstream 834a4a689699 85125322 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in f2fs_write_end_io
2025/04/14 01:25 upstream 5aaaedb0cb54 0bd6db41 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in f2fs_write_end_io
2025/04/13 11:59 upstream 7cdabafc0012 0bd6db41 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in f2fs_write_end_io
2025/04/07 12:00 upstream 0af2f6be1b42 2f0c9720 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in f2fs_write_end_io
2025/07/16 09:57 linux-next 0be23810e32e c118d736 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root kernel BUG in f2fs_write_end_io
2025/07/03 17:32 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 25b50375179c 115ceea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in f2fs_write_end_io
2025/07/03 16:05 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 25b50375179c 115ceea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in f2fs_write_end_io
* Struck through repros no longer work on HEAD.