Re: [syzbot] [btrfs?] kernel BUG in __folio_start_writeback

All of lore.kernel.org
 help / color / mirror / Atom feed

From: syzbot <syzbot+aac7bff85be224de5156@syzkaller.appspotmail.com>
To: akpm@linux-foundation.org, clm@fb.com, dsterba@suse.com,
	 josef@toxicpanda.com, linux-btrfs@vger.kernel.org,
	 linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
	 linux-mm@kvack.org, syzkaller-bugs@googlegroups.com,
	willy@infradead.org,  wqu@suse.com
Subject: Re: [syzbot] [btrfs?] kernel BUG in __folio_start_writeback
Date: Mon, 25 Nov 2024 23:35:04 -0800	[thread overview]
Message-ID: <67457a28.050a0220.21d33d.0010.GAE@google.com> (raw)
In-Reply-To: <43dc0351-7220-4326-ac07-ef37f6e5605a@suse.com>

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
kernel BUG in __folio_start_writeback

 do_group_exit+0x207/0x2c0 kernel/exit.c:1088
 get_signal+0x16a3/0x1740 kernel/signal.c:2918
 arch_do_signal_or_restart+0x96/0x860 arch/x86/kernel/signal.c:337
 exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
 syscall_exit_to_user_mode+0xc9/0x370 kernel/entry/common.c:218
 do_syscall_64+0x100/0x230 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
------------[ cut here ]------------
kernel BUG at mm/page-writeback.c:3119!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
CPU: 1 UID: 0 PID: 3538 Comm: kworker/u8:10 Not tainted 6.12.0-rc7-syzkaller-00132-g21865e0dd679 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Workqueue: btrfs-delalloc btrfs_work_helper
RIP: 0010:__folio_start_writeback+0xc06/0x1050 mm/page-writeback.c:3119
Code: 25 ff 0f 00 00 0f 84 d3 00 00 00 e8 14 79 c4 ff e9 ba f5 ff ff e8 0a 79 c4 ff 4c 89 f7 48 c7 c6 c0 0e f4 8b e8 6b 46 0d 00 90 <0f> 0b e8 f3 78 c4 ff 4c 89 f7 48 c7 c6 20 15 f4 8b e8 54 46 0d 00
RSP: 0018:ffffc9000ca9f500 EFLAGS: 00010246
RAX: 258fc5bd6608dc00 RBX: 0000000000000002 RCX: 0000000000000001
RDX: dffffc0000000000 RSI: ffffffff8beacb20 RDI: 0000000000000001
RBP: ffffc9000ca9f670 R08: ffffffff94059917 R09: 1ffffffff280b322
R10: dffffc0000000000 R11: fffffbfff280b323 R12: 0000000000000000
R13: 1ffff92001953eac R14: ffffea0001c40500 R15: ffff888073b564f8
FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000c0002adb80 CR3: 0000000027072000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 process_one_folio fs/btrfs/extent_io.c:187 [inline]
 __process_folios_contig+0x31c/0x540 fs/btrfs/extent_io.c:216
 submit_one_async_extent fs/btrfs/inode.c:1229 [inline]
 submit_compressed_extents+0xdb3/0x16e0 fs/btrfs/inode.c:1632
 run_ordered_work fs/btrfs/async-thread.c:245 [inline]
 btrfs_work_helper+0x56b/0xc50 fs/btrfs/async-thread.c:324
 process_one_work kernel/workqueue.c:3229 [inline]
 process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310
 worker_thread+0x870/0xd30 kernel/workqueue.c:3391
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__folio_start_writeback+0xc06/0x1050 mm/page-writeback.c:3119
Code: 25 ff 0f 00 00 0f 84 d3 00 00 00 e8 14 79 c4 ff e9 ba f5 ff ff e8 0a 79 c4 ff 4c 89 f7 48 c7 c6 c0 0e f4 8b e8 6b 46 0d 00 90 <0f> 0b e8 f3 78 c4 ff 4c 89 f7 48 c7 c6 20 15 f4 8b e8 54 46 0d 00
RSP: 0018:ffffc9000ca9f500 EFLAGS: 00010246
RAX: 258fc5bd6608dc00 RBX: 0000000000000002 RCX: 0000000000000001
RDX: dffffc0000000000 RSI: ffffffff8beacb20 RDI: 0000000000000001
RBP: ffffc9000ca9f670 R08: ffffffff94059917 R09: 1ffffffff280b322
R10: dffffc0000000000 R11: fffffbfff280b323 R12: 0000000000000000
R13: 1ffff92001953eac R14: ffffea0001c40500 R15: ffff888073b564f8
FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fabe0e31440 CR3: 0000000032718000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400


Tested on:

commit:         21865e0d btrfs: use PTR_ERR() instead of PTR_ERR_OR_ZE..
git tree:       https://github.com/btrfs/linux.git for-next
console output: https://syzkaller.appspot.com/x/log.txt?x=10835778580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=fa4954ad2c62b915
dashboard link: https://syzkaller.appspot.com/bug?extid=aac7bff85be224de5156
compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40

Note: no patches were applied.

next prev parent reply	other threads:[~2024-11-26  7:35 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-11-24 13:45 [syzbot] [btrfs?] kernel BUG in __folio_start_writeback syzbot
2024-11-24 21:26 ` Matthew Wilcox
2024-11-25  0:30   ` Qu Wenruo
2024-11-25 10:44     ` Aleksandr Nogikh
2024-11-26  8:43       ` Qu Wenruo
2024-11-26  6:42 ` Qu Wenruo
2024-11-26  7:35   ` syzbot [this message]
2024-11-28 18:56 ` syzbot
2024-11-28 21:26   ` Qu Wenruo
2024-11-29 21:17 ` Qu Wenruo
2024-11-30  1:51   ` syzbot
2024-11-30  4:27     ` Qu Wenruo
2024-11-30  6:36 ` Qu Wenruo
2024-11-30  7:01   ` syzbot
2025-01-23  5:06 ` syzbot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=67457a28.050a0220.21d33d.0010.GAE@google.com \
    --to=syzbot+aac7bff85be224de5156@syzkaller.appspotmail.com \
    --cc=akpm@linux-foundation.org \
    --cc=clm@fb.com \
    --cc=dsterba@suse.com \
    --cc=josef@toxicpanda.com \
    --cc=linux-btrfs@vger.kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=syzkaller-bugs@googlegroups.com \
    --cc=willy@infradead.org \
    --cc=wqu@suse.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.