| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <68f9635d.a70a0220.3bf6c6.002b.GAE@google.com> Date: Wed, 22 Oct 2025 16:06:05 -0700 From: syzbot <syzbot+353de08f32ce69361b89@...kaller.appspotmail.com> To: agruenba@...hat.com, linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com Subject: Re: [syzbot] [gfs2?] kernel BUG in do_xmote Hello, syzbot has tested the proposed patch but the reproducer is still triggering an issue: kernel BUG in do_xmote gfs2: fsid=syz:syz.0: H: s:EX f:nW e:0 p:6520 [syz.0.22] alloc_dinode+0x16a/0x550 fs/gfs2/inode.c:414 gfs2: fsid=syz:syz.0: R: n:8336 f:80000000 b:952/952 i:7 q:936 r:0 e:7001 gfs2: fsid=syz:syz.0: B: n:9394 s:15443 f:936 ------------[ cut here ]------------ kernel BUG at fs/gfs2/glock.c:674! Oops: invalid opcode: 0000 [#1] SMP KASAN PTI CPU: 1 UID: 0 PID: 56 Comm: kworker/1:1H Not tainted syzkaller #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 Workqueue: gfs2-glock/syz:syz glock_work_func RIP: 0010:do_xmote+0x706/0x750 fs/gfs2/glock.c:674 Code: 38 c1 0f 8c a9 fe ff ff 48 89 df e8 34 91 29 fe e9 9c fe ff ff e8 4a dc c3 fd 31 ff 48 89 de ba 01 00 00 00 e8 fb e8 fe ff 90 <0f> 0b e8 33 dc c3 fd 31 ff 48 89 de ba 01 00 00 00 e8 e4 e8 fe ff RSP: 0018:ffffc9000131f9a0 EFLAGS: 00010246 RAX: bef9e87af17bd500 RBX: ffff8880601ed5e0 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000004 RDI: 00000000ffffffff RBP: ffffffff8bb174e0 R08: ffff888075bc2bab R09: 1ffff1100eb78575 R10: dffffc0000000000 R11: ffffed100eb78576 R12: dffffc0000000000 R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000015 FS: 0000000000000000(0000) GS:ffff888125e0d000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000200000663000 CR3: 00000000770dc000 CR4: 00000000003526f0 Call Trace: <TASK> glock_work_func+0x2a8/0x580 fs/gfs2/glock.c:1002 process_one_work kernel/workqueue.c:3263 [inline] process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3346 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3427 kthread+0x711/0x8a0 kernel/kthread.c:463 ret_from_fork+0x4bc/0x870 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 </TASK> Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:do_xmote+0x706/0x750 fs/gfs2/glock.c:674 Code: 38 c1 0f 8c a9 fe ff ff 48 89 df e8 34 91 29 fe e9 9c fe ff ff e8 4a dc c3 fd 31 ff 48 89 de ba 01 00 00 00 e8 fb e8 fe ff 90 <0f> 0b e8 33 dc c3 fd 31 ff 48 89 de ba 01 00 00 00 e8 e4 e8 fe ff RSP: 0018:ffffc9000131f9a0 EFLAGS: 00010246 RAX: bef9e87af17bd500 RBX: ffff8880601ed5e0 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000004 RDI: 00000000ffffffff RBP: ffffffff8bb174e0 R08: ffff888075bc2bab R09: 1ffff1100eb78575 R10: dffffc0000000000 R11: ffffed100eb78576 R12: dffffc0000000000 R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000015 FS: 0000000000000000(0000) GS:ffff888125e0d000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000200000663000 CR3: 00000000770dc000 CR4: 00000000003526f0 Tested on: commit: a7f1196a gfs2: Get rid of had_lock in gfs2_drevalidate git tree: https://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2.git for-next console output: https://syzkaller.appspot.com/x/log.txt?x=15179b04580000 kernel config: https://syzkaller.appspot.com/x/.config?x=9ad7b090a18654a7 dashboard link: https://syzkaller.appspot.com/bug?extid=353de08f32ce69361b89 compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8 Note: no patches were applied.
Powered by blists - more mailing lists