From: syzbot <syzbot+0d5b462a6f07447991b3@syzkaller.appspotmail.com>
To: cluster-devel.redhat.com
Subject: [Cluster-devel] [syzbot] WARNING in __set_page_dirty
Date: Thu, 12 Aug 2021 20:30:25 -0700 [thread overview]
Message-ID: <000000000000dd0bf405c96878b9@google.com> (raw)
In-Reply-To: <000000000000b25bb805c798a1a5@google.com>
syzbot has found a reproducer for the following issue on:
HEAD commit: f8fbb47c6e86 Merge branch 'for-v5.14' of git://git.kernel...
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=125aadf6300000
kernel config: https://syzkaller.appspot.com/x/.config?x=e3a20bae04b96ccd
dashboard link: https://syzkaller.appspot.com/bug?extid=0d5b462a6f07447991b3
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.1
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=122742ee300000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=17925381300000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+0d5b462a6f07447991b3 at syzkaller.appspotmail.com
NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
------------[ cut here ]------------
WARNING: CPU: 0 PID: 8496 at include/linux/backing-dev.h:283 inode_to_wb include/linux/backing-dev.h:283 [inline]
WARNING: CPU: 0 PID: 8496 at include/linux/backing-dev.h:283 account_page_dirtied mm/page-writeback.c:2435 [inline]
WARNING: CPU: 0 PID: 8496@include/linux/backing-dev.h:283 __set_page_dirty+0xace/0x1070 mm/page-writeback.c:2483
Modules linked in:
CPU: 0 PID: 8496 Comm: segctord Not tainted 5.14.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:inode_to_wb include/linux/backing-dev.h:283 [inline]
RIP: 0010:account_page_dirtied mm/page-writeback.c:2435 [inline]
RIP: 0010:__set_page_dirty+0xace/0x1070 mm/page-writeback.c:2483
Code: a8 01 00 00 be ff ff ff ff 48 8d 78 70 e8 ea 60 8d 07 31 ff 89 c3 89 c6 e8 cf a6 d8 ff 85 db 0f 85 ac f7 ff ff e8 82 9f d8 ff <0f> 0b e9 a0 f7 ff ff e8 76 9f d8 ff 4c 8d 75 08 48 b8 00 00 00 00
RSP: 0018:ffffc9000175f8c8 EFLAGS: 00010093
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: ffff8880263b9c40 RSI: ffffffff819d083e RDI: 0000000000000003
RBP: ffffea000082dac0 R08: 0000000000000000 R09: 0000000000000001
R10: ffffffff819d0831 R11: 0000000000000000 R12: 0000000000000293
R13: ffff888037e60138 R14: ffff888037e60488 R15: ffff888037e602e0
FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005593610abbe0 CR3: 0000000016882000 CR4: 0000000000350ef0
Call Trace:
mark_buffer_dirty+0x49a/0x5e0 fs/buffer.c:1108
nilfs_btree_propagate_p fs/nilfs2/btree.c:1889 [inline]
nilfs_btree_propagate+0x4ae/0xea0 fs/nilfs2/btree.c:2085
nilfs_bmap_propagate+0x73/0x170 fs/nilfs2/bmap.c:337
nilfs_collect_dat_data+0x45/0xd0 fs/nilfs2/segment.c:625
nilfs_segctor_apply_buffers+0x14a/0x470 fs/nilfs2/segment.c:1009
nilfs_segctor_scan_file+0x3e4/0x700 fs/nilfs2/segment.c:1058
nilfs_segctor_collect_blocks fs/nilfs2/segment.c:1224 [inline]
nilfs_segctor_collect fs/nilfs2/segment.c:1494 [inline]
nilfs_segctor_do_construct+0x16ee/0x6b20 fs/nilfs2/segment.c:2036
nilfs_segctor_construct+0x7a7/0xb30 fs/nilfs2/segment.c:2372
nilfs_segctor_thread_construct fs/nilfs2/segment.c:2480 [inline]
nilfs_segctor_thread+0x3c3/0xf90 fs/nilfs2/segment.c:2563
kthread+0x3e5/0x4d0 kernel/kthread.c:319
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
----------------
Code disassembly (best guess):
0: a8 01 test $0x1,%al
2: 00 00 add %al,(%rax)
4: be ff ff ff ff mov $0xffffffff,%esi
9: 48 8d 78 70 lea 0x70(%rax),%rdi
d: e8 ea 60 8d 07 callq 0x78d60fc
12: 31 ff xor %edi,%edi
14: 89 c3 mov %eax,%ebx
16: 89 c6 mov %eax,%esi
18: e8 cf a6 d8 ff callq 0xffd8a6ec
1d: 85 db test %ebx,%ebx
1f: 0f 85 ac f7 ff ff jne 0xfffff7d1
25: e8 82 9f d8 ff callq 0xffd89fac
2a: 0f 0b ud2 <-- trapping instruction
2c: e9 a0 f7 ff ff jmpq 0xfffff7d1
31: e8 76 9f d8 ff callq 0xffd89fac
36: 4c 8d 75 08 lea 0x8(%rbp),%r14
3a: 48 rex.W
3b: b8 00 00 00 00 mov $0x0,%eax
WARNING: multiple messages have this Message-ID (diff)
From: syzbot <syzbot+0d5b462a6f07447991b3@syzkaller.appspotmail.com>
To: agruenba@redhat.com, akpm@linux-foundation.org,
cluster-devel@redhat.com, linux-kernel@vger.kernel.org,
linux-mm@kvack.org, rpeterso@redhat.com, swhiteho@redhat.com,
syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] WARNING in __set_page_dirty
Date: Thu, 12 Aug 2021 20:30:25 -0700 [thread overview]
Message-ID: <000000000000dd0bf405c96878b9@google.com> (raw)
In-Reply-To: <000000000000b25bb805c798a1a5@google.com>
syzbot has found a reproducer for the following issue on:
HEAD commit: f8fbb47c6e86 Merge branch 'for-v5.14' of git://git.kernel...
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=125aadf6300000
kernel config: https://syzkaller.appspot.com/x/.config?x=e3a20bae04b96ccd
dashboard link: https://syzkaller.appspot.com/bug?extid=0d5b462a6f07447991b3
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.1
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=122742ee300000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=17925381300000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+0d5b462a6f07447991b3@syzkaller.appspotmail.com
NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
------------[ cut here ]------------
WARNING: CPU: 0 PID: 8496 at include/linux/backing-dev.h:283 inode_to_wb include/linux/backing-dev.h:283 [inline]
WARNING: CPU: 0 PID: 8496 at include/linux/backing-dev.h:283 account_page_dirtied mm/page-writeback.c:2435 [inline]
WARNING: CPU: 0 PID: 8496 at include/linux/backing-dev.h:283 __set_page_dirty+0xace/0x1070 mm/page-writeback.c:2483
Modules linked in:
CPU: 0 PID: 8496 Comm: segctord Not tainted 5.14.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:inode_to_wb include/linux/backing-dev.h:283 [inline]
RIP: 0010:account_page_dirtied mm/page-writeback.c:2435 [inline]
RIP: 0010:__set_page_dirty+0xace/0x1070 mm/page-writeback.c:2483
Code: a8 01 00 00 be ff ff ff ff 48 8d 78 70 e8 ea 60 8d 07 31 ff 89 c3 89 c6 e8 cf a6 d8 ff 85 db 0f 85 ac f7 ff ff e8 82 9f d8 ff <0f> 0b e9 a0 f7 ff ff e8 76 9f d8 ff 4c 8d 75 08 48 b8 00 00 00 00
RSP: 0018:ffffc9000175f8c8 EFLAGS: 00010093
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: ffff8880263b9c40 RSI: ffffffff819d083e RDI: 0000000000000003
RBP: ffffea000082dac0 R08: 0000000000000000 R09: 0000000000000001
R10: ffffffff819d0831 R11: 0000000000000000 R12: 0000000000000293
R13: ffff888037e60138 R14: ffff888037e60488 R15: ffff888037e602e0
FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005593610abbe0 CR3: 0000000016882000 CR4: 0000000000350ef0
Call Trace:
mark_buffer_dirty+0x49a/0x5e0 fs/buffer.c:1108
nilfs_btree_propagate_p fs/nilfs2/btree.c:1889 [inline]
nilfs_btree_propagate+0x4ae/0xea0 fs/nilfs2/btree.c:2085
nilfs_bmap_propagate+0x73/0x170 fs/nilfs2/bmap.c:337
nilfs_collect_dat_data+0x45/0xd0 fs/nilfs2/segment.c:625
nilfs_segctor_apply_buffers+0x14a/0x470 fs/nilfs2/segment.c:1009
nilfs_segctor_scan_file+0x3e4/0x700 fs/nilfs2/segment.c:1058
nilfs_segctor_collect_blocks fs/nilfs2/segment.c:1224 [inline]
nilfs_segctor_collect fs/nilfs2/segment.c:1494 [inline]
nilfs_segctor_do_construct+0x16ee/0x6b20 fs/nilfs2/segment.c:2036
nilfs_segctor_construct+0x7a7/0xb30 fs/nilfs2/segment.c:2372
nilfs_segctor_thread_construct fs/nilfs2/segment.c:2480 [inline]
nilfs_segctor_thread+0x3c3/0xf90 fs/nilfs2/segment.c:2563
kthread+0x3e5/0x4d0 kernel/kthread.c:319
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
----------------
Code disassembly (best guess):
0: a8 01 test $0x1,%al
2: 00 00 add %al,(%rax)
4: be ff ff ff ff mov $0xffffffff,%esi
9: 48 8d 78 70 lea 0x70(%rax),%rdi
d: e8 ea 60 8d 07 callq 0x78d60fc
12: 31 ff xor %edi,%edi
14: 89 c3 mov %eax,%ebx
16: 89 c6 mov %eax,%esi
18: e8 cf a6 d8 ff callq 0xffd8a6ec
1d: 85 db test %ebx,%ebx
1f: 0f 85 ac f7 ff ff jne 0xfffff7d1
25: e8 82 9f d8 ff callq 0xffd89fac
2a: 0f 0b ud2 <-- trapping instruction
2c: e9 a0 f7 ff ff jmpq 0xfffff7d1
31: e8 76 9f d8 ff callq 0xffd89fac
36: 4c 8d 75 08 lea 0x8(%rbp),%r14
3a: 48 rex.W
3b: b8 00 00 00 00 mov $0x0,%eax
next prev parent reply other threads:[~2021-08-13 3:30 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-21 2:07 [syzbot] WARNING in __set_page_dirty syzbot
2021-07-21 21:58 ` [Cluster-devel] " Andrew Morton
2021-07-21 21:58 ` Andrew Morton
2021-07-22 12:24 ` [Cluster-devel] " Bob Peterson
2021-07-22 12:24 ` Bob Peterson
2021-07-22 13:16 ` [Cluster-devel] " Bob Peterson
2021-07-22 13:16 ` Bob Peterson
2021-07-22 13:52 ` [Cluster-devel] " Steven Whitehouse
2021-07-22 13:52 ` Steven Whitehouse
2021-08-13 3:30 ` syzbot [this message]
2021-08-13 3:30 ` syzbot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=000000000000dd0bf405c96878b9@google.com \
--to=syzbot+0d5b462a6f07447991b3@syzkaller.appspotmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.