From: syzbot <syzbot+3ba856e07b7127889d8c@syzkaller.appspotmail.com>
To: clm@fb.com, dsterba@suse.com, josef@toxicpanda.com,
linux-btrfs@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [btrfs?] kernel BUG in add_new_free_space
Date: Thu, 29 Jun 2023 18:12:49 -0700
Message-ID: <000000000000e9cb8305ff4e8327@google.com>
In-Reply-To: <00000000000053541905f9eb3439@google.com>
syzbot has found a reproducer for the following issue on:
HEAD commit: e40939bbfc68 Merge branch 'for-next/core' into for-kernelci
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci
console output: https://syzkaller.appspot.com/x/log.txt?x=1434d99f280000
kernel config: https://syzkaller.appspot.com/x/.config?x=e95897d034d60fb8
dashboard link: https://syzkaller.appspot.com/bug?extid=3ba856e07b7127889d8c
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=16f13920a80000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=177d9efb280000
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/53d4a5f0770f/disk-e40939bb.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/0e95bdd1a8a6/vmlinux-e40939bb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/8890839e5fd6/Image-e40939bb.gz.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/512ce39b94e9/mount_0.gz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+3ba856e07b7127889d8c@syzkaller.appspotmail.com
el0_svc_common+0x138/0x244 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x64/0x198 arch/arm64/kernel/syscall.c:191
el0_svc+0x4c/0x160 arch/arm64/kernel/entry-common.c:647
el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:665
el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591
------------[ cut here ]------------
kernel BUG at fs/btrfs/block-group.c:528!
Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 6029 Comm: syz-executor128 Not tainted 6.4.0-rc7-syzkaller-ge40939bbfc68 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : add_new_free_space+0x290/0x294 fs/btrfs/block-group.c:528
lr : add_new_free_space+0x290/0x294 fs/btrfs/block-group.c:528
sp : ffff800096f17440
x29: ffff800096f174e0 x28: 1ffff00012de2e94 x27: dfff800000000000
x26: 0000000000000001 x25: ffff0000de3c0190 x24: ffff800096f174a0
x23: 0000000000820000 x22: ffff800096f17480 x21: 0000000000000000
x20: 00000000007e0000 x19: 00000000fffffff4 x18: 1fffe000368447c6
x17: 0000000000000000 x16: ffff80008a443320 x15: 0000000000000001
x14: 0000000000000000 x13: 0000000000000001 x12: 0000000000000001
x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000
x8 : ffff0000c74f3780 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800096f16978 x4 : ffff80008df9ee80 x3 : ffff800082cfd768
x2 : 0000000000000001 x1 : 00000000fffffff4 x0 : 0000000000000000
Call trace:
add_new_free_space+0x290/0x294 fs/btrfs/block-group.c:528
btrfs_make_block_group+0x32c/0x858 fs/btrfs/block-group.c:2700
create_chunk fs/btrfs/volumes.c:5440 [inline]
btrfs_create_chunk+0x13a0/0x1e5c fs/btrfs/volumes.c:5526
reserve_chunk_space+0x148/0x2a0 fs/btrfs/block-group.c:4083
check_system_chunk fs/btrfs/block-group.c:4132 [inline]
btrfs_inc_block_group_ro+0x4e8/0x570 fs/btrfs/block-group.c:2854
scrub_enumerate_chunks+0x79c/0x1330 fs/btrfs/scrub.c:2536
btrfs_scrub_dev+0x5f0/0xb84 fs/btrfs/scrub.c:2928
btrfs_ioctl_scrub+0x1f4/0x3e8 fs/btrfs/ioctl.c:3177
btrfs_ioctl+0x6a4/0xb08 fs/btrfs/ioctl.c:4626
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:870 [inline]
__se_sys_ioctl fs/ioctl.c:856 [inline]
__arm64_sys_ioctl+0x14c/0x1c8 fs/ioctl.c:856
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x244 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x64/0x198 arch/arm64/kernel/syscall.c:191
el0_svc+0x4c/0x160 arch/arm64/kernel/entry-common.c:647
el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:665
el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591
Code: 956f741e 97875f26 d4210000 97875f24 (d4210000)
---[ end trace 0000000000000000 ]---
---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.
Thread overview: 2+ messages
2023-04-22 11:37 [syzbot] [btrfs?] kernel BUG in add_new_free_space syzbot
2023-06-30  1:12 ` syzbot [this message]