syzbot


kernel BUG in ext4_ext_insert_extent (2)

Status: upstream: reported syz repro on 2025/04/11 16:16
Subsystems: ext4
[Documentation on labels]
Reported-by: syzbot+ad86dcdffd6785f56e03@syzkaller.appspotmail.com
First crash: 88d, last: 6d07h
Cause bisection: introduced by (bisect log) :
commit 665575cff098b696995ddaddf4646a4099941f5e
Author: Dave Hansen <dave.hansen@linux.intel.com>
Date: Fri Feb 28 20:37:22 2025 +0000

  filemap: move prefaulting out of hot write path

Crash: kernel BUG in ext4_ext_insert_extent (log)
Repro: syz .config
  
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [ext4?] kernel BUG in ext4_ext_insert_extent (2) 0 (3) 2025/06/29 05:10
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-54 kernel BUG in ext4_ext_insert_extent 1 1257d 1257d 0/2 auto-closed as invalid on 2022/05/24 20:39
upstream kernel BUG in ext4_ext_insert_extent ext4 1 1583d 1579d 0/29 auto-closed as invalid on 2021/06/02 20:11

Sample crash report:
loop1: detected capacity change from 0 to 1024
EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 15: block 305:freeing already freed block (bit 19); block bitmap corrupt.
------------[ cut here ]------------
kernel BUG at fs/ext4/extents.c:2153!
Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
CPU: 0 UID: 0 PID: 6179 Comm: syz.1.20 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
RIP: 0010:ext4_ext_insert_extent+0x4ab7/0x4af0 fs/ext4/extents.c:2153
Code: 89 d9 80 e1 07 fe c1 38 c1 0f 8c a6 e7 ff ff 48 89 df e8 2c 8b b6 ff e9 99 e7 ff ff e8 62 0d 53 ff 90 0f 0b e8 5a 0d 53 ff 90 <0f> 0b e8 52 0d 53 ff 90 0f 0b 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c
RSP: 0018:ffffc900030a6c60 EFLAGS: 00010293
RAX: ffffffff826d4f26 RBX: 0000000000000021 RCX: ffff8880303b8000
RDX: 0000000000000000 RSI: 0000000000000021 RDI: 0000000000000021
RBP: ffffc900030a6e10 R08: ffff88805c9de747 R09: 1ffff1100b93bce8
R10: dffffc0000000000 R11: ffffed100b93bce9 R12: 0000000000000021
R13: dffffc0000000000 R14: ffff88807052843c R15: ffff8880283fd500
FS:  00007f52973d66c0(0000) GS:ffff888125c51000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000200000003000 CR3: 0000000079ac8000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 ext4_ext_map_blocks+0x1792/0x6ac0 fs/ext4/extents.c:4404
 ext4_map_create_blocks fs/ext4/inode.c:609 [inline]
 ext4_map_blocks+0x931/0x18d0 fs/ext4/inode.c:813
 _ext4_get_block+0x200/0x4c0 fs/ext4/inode.c:892
 ext4_get_block_unwritten+0x2e/0x100 fs/ext4/inode.c:925
 ext4_block_write_begin+0x6f8/0x14b0 fs/ext4/inode.c:1178
 ext4_write_begin+0xa4f/0x1680 fs/ext4/ext4_jbd2.h:-1
 ext4_da_write_begin+0x449/0xd20 fs/ext4/inode.c:3057
 generic_perform_write+0x2c7/0x910 mm/filemap.c:4112
 ext4_buffered_write_iter+0xce/0x3a0 fs/ext4/file.c:299
 ext4_file_write_iter+0x298/0x1bc0 fs/ext4/file.c:-1
 do_iter_readv_writev+0x56e/0x7f0 fs/read_write.c:-1
 vfs_writev+0x31a/0x960 fs/read_write.c:1057
 do_pwritev fs/read_write.c:1153 [inline]
 __do_sys_pwritev2 fs/read_write.c:1211 [inline]
 __se_sys_pwritev2+0x179/0x290 fs/read_write.c:1202
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f529658e929
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f52973d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
RAX: ffffffffffffffda RBX: 00007f52967b5fa0 RCX: 00007f529658e929
RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000004
RBP: 00007f5296610b39 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000005412 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f52967b5fa0 R15: 00007fff31395898
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:ext4_ext_insert_extent+0x4ab7/0x4af0 fs/ext4/extents.c:2153
Code: 89 d9 80 e1 07 fe c1 38 c1 0f 8c a6 e7 ff ff 48 89 df e8 2c 8b b6 ff e9 99 e7 ff ff e8 62 0d 53 ff 90 0f 0b e8 5a 0d 53 ff 90 <0f> 0b e8 52 0d 53 ff 90 0f 0b 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c
RSP: 0018:ffffc900030a6c60 EFLAGS: 00010293
RAX: ffffffff826d4f26 RBX: 0000000000000021 RCX: ffff8880303b8000
RDX: 0000000000000000 RSI: 0000000000000021 RDI: 0000000000000021
RBP: ffffc900030a6e10 R08: ffff88805c9de747 R09: 1ffff1100b93bce8
R10: dffffc0000000000 R11: ffffed100b93bce9 R12: 0000000000000021
R13: dffffc0000000000 R14: ffff88807052843c R15: ffff8880283fd500
FS:  00007f52973d66c0(0000) GS:ffff888125c51000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055610a901950 CR3: 0000000079ac8000 CR4: 0000000000350ef0

Crashes (23):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/06/22 20:04 upstream 739a6c93cc75 d6cdfb8a .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 19:34 upstream 739a6c93cc75 d6cdfb8a .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 18:31 upstream 739a6c93cc75 d6cdfb8a .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 17:37 upstream 739a6c93cc75 d6cdfb8a .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 16:05 upstream 739a6c93cc75 d6cdfb8a .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/29 05:29 upstream dfba48a70cb6 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in ext4_ext_insert_extent
2025/06/22 17:25 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 17:01 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 17:00 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 16:53 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 16:33 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 16:19 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 16:13 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 15:20 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 15:18 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 15:08 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 15:02 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 14:51 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 14:46 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 14:37 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 14:33 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/06/22 14:18 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in ext4_ext_insert_extent
2025/04/07 16:06 upstream 0af2f6be1b42 a2ada0e7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root kernel BUG in ext4_ext_insert_extent
* Struck through repros no longer work on HEAD.