[syzbot] [btrfs?] WARNING in emit_fiemap

linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [syzbot] [btrfs?] WARNING in emit_fiemap_extent
@ 2023-06-20 21:34 syzbot
  2023-06-21 12:33 ` David Sterba
                   ` (3 more replies)
  0 siblings, 4 replies; 6+ messages in thread
From: syzbot @ 2023-06-20 21:34 UTC (permalink / raw)
  To: clm, dsterba, josef, linux-btrfs, linux-fsdevel, linux-kernel,
	syzkaller-bugs

Hello,

syzbot found the following issue on:

HEAD commit:    40f71e7cd3c6 Merge tag 'net-6.4-rc7' of git://git.kernel.o..
git tree:       upstream
console+strace: https://syzkaller.appspot.com/x/log.txt?x=166d2acf280000
kernel config:  https://syzkaller.appspot.com/x/.config?x=7ff8f87c7ab0e04e
dashboard link: https://syzkaller.appspot.com/bug?extid=9992306148b06272f3bb
compiler:       Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=10c65e87280000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1094a78b280000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/2dc89d5fee38/disk-40f71e7c.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/0ced5a475218/vmlinux-40f71e7c.xz
kernel image: https://storage.googleapis.com/syzbot-assets/d543a4f69684/bzImage-40f71e7c.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/7cde8d2312ae/mount_0.gz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+9992306148b06272f3bb@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 1 PID: 5351 at fs/btrfs/extent_io.c:2824 emit_fiemap_extent+0xee/0x410
Modules linked in:
CPU: 1 PID: 5351 Comm: syz-executor148 Not tainted 6.4.0-rc6-syzkaller-00195-g40f71e7cd3c6 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
RIP: 0010:emit_fiemap_extent+0xee/0x410 fs/btrfs/extent_io.c:2824
Code: d8 24 52 fe 49 8b 45 00 48 89 04 24 48 8b 4c 24 28 48 8d 2c 08 48 89 ef 4c 89 f6 e8 3c 4f fa fd 4c 39 f5 76 1b e8 22 4d fa fd <0f> 0b bd ea ff ff ff e9 25 02 00 00 e8 11 4d fa fd e9 97 01 00 00
RSP: 0018:ffffc90004b7f4a8 EFLAGS: 00010293
RAX: ffffffff8391327e RBX: ffffc90004b7f8e0 RCX: ffff88807658bb80
RDX: 0000000000000000 RSI: 00000000000b3000 RDI: 0000000000101000
RBP: 0000000000101000 R08: ffffffff83913274 R09: 0000000000000800
R10: ffffc90004b7f478 R11: dffffc0000000001 R12: 1ffff9200096ff1f
R13: ffffc90004b7f8f0 R14: 00000000000b3000 R15: 1ffff9200096ff1e
FS:  00007f2063529700(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055dbf02d3668 CR3: 0000000079ce7000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 fiemap_process_hole+0xa27/0xaf0 fs/btrfs/extent_io.c:3104
 extent_fiemap+0xe7d/0x1fc0
 btrfs_fiemap+0x178/0x1e0 fs/btrfs/inode.c:7802
 ioctl_fiemap fs/ioctl.c:219 [inline]
 do_vfs_ioctl+0x19ba/0x2b10 fs/ioctl.c:810
 __do_sys_ioctl fs/ioctl.c:868 [inline]
 __se_sys_ioctl+0x81/0x160 fs/ioctl.c:856
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f206a99eae9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f20635292f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f206aa287f0 RCX: 00007f206a99eae9
RDX: 00000000200012c0 RSI: 00000000c020660b RDI: 0000000000000004
RBP: 00007f206a9f5290 R08: 00007f2063529700 R09: 0000000000000000
R10: 00007f2063529700 R11: 0000000000000246 R12: 5f65646f6e696f6e
R13: 0032656c69662f2e R14: 8000000000000001 R15: 00007f206aa287f8
 </TASK>


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

If you want to change bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [syzbot] [btrfs?] WARNING in emit_fiemap_extent
  2023-06-20 21:34 [syzbot] [btrfs?] WARNING in emit_fiemap_extent syzbot
@ 2023-06-21 12:33 ` David Sterba
  2023-07-29 21:45 ` syzbot
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 6+ messages in thread
From: David Sterba @ 2023-06-21 12:33 UTC (permalink / raw)
  To: syzbot
  Cc: clm, dsterba, josef, linux-btrfs, linux-fsdevel, linux-kernel,
	syzkaller-bugs

On Tue, Jun 20, 2023 at 02:34:46PM -0700, syzbot wrote:
> Hello,
> 
> syzbot found the following issue on:
> 
> HEAD commit:    40f71e7cd3c6 Merge tag 'net-6.4-rc7' of git://git.kernel.o..
> git tree:       upstream
> console+strace: https://syzkaller.appspot.com/x/log.txt?x=166d2acf280000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=7ff8f87c7ab0e04e
> dashboard link: https://syzkaller.appspot.com/bug?extid=9992306148b06272f3bb
> compiler:       Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=10c65e87280000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1094a78b280000
> 
> Downloadable assets:
> disk image: https://storage.googleapis.com/syzbot-assets/2dc89d5fee38/disk-40f71e7c.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/0ced5a475218/vmlinux-40f71e7c.xz
> kernel image: https://storage.googleapis.com/syzbot-assets/d543a4f69684/bzImage-40f71e7c.xz
> mounted in repro: https://storage.googleapis.com/syzbot-assets/7cde8d2312ae/mount_0.gz
> 
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+9992306148b06272f3bb@syzkaller.appspotmail.com
> 
> ------------[ cut here ]------------
> WARNING: CPU: 1 PID: 5351 at fs/btrfs/extent_io.c:2824 emit_fiemap_extent+0xee/0x410

2804 static int emit_fiemap_extent(struct fiemap_extent_info *fieinfo,
2805                                 struct fiemap_cache *cache,
2806                                 u64 offset, u64 phys, u64 len, u32 flags)
2807 {
2808         int ret = 0;
2809
2810         /* Set at the end of extent_fiemap(). */
2811         ASSERT((flags & FIEMAP_EXTENT_LAST) == 0);
2812
2813         if (!cache->cached)
2814                 goto assign;
2815
2816         /*
2817          * Sanity check, extent_fiemap() should have ensured that new
2818          * fiemap extent won't overlap with cached one.
2819          * Not recoverable.
2820          *
2821          * NOTE: Physical address can overlap, due to compression
2822          */
2823         if (cache->offset + cache->len > offset) {
2824                 WARN_ON(1);
2825                 return -EINVAL;
2826         }

Either we can drop the warning as the error is handled, or there was
another issue that was supposed to be caught earlier.

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [syzbot] [btrfs?] WARNING in emit_fiemap_extent
  2023-06-20 21:34 [syzbot] [btrfs?] WARNING in emit_fiemap_extent syzbot
  2023-06-21 12:33 ` David Sterba
@ 2023-07-29 21:45 ` syzbot
  2023-08-02 14:46   ` Aleksandr Nogikh
  2024-05-16 15:04 ` David Sterba
  2024-05-16 15:08 ` David Sterba
  3 siblings, 1 reply; 6+ messages in thread
From: syzbot @ 2023-07-29 21:45 UTC (permalink / raw)
  To: axboe, brauner, clm, dhowells, dsterba, dsterba, hch, josef,
	linux-btrfs, linux-fsdevel, linux-kernel, syzkaller-bugs

syzbot suspects this issue was fixed by commit:

commit aa3dbde878961dd333cdd3c326b93e6c84a23ed4
Author: David Howells <dhowells@redhat.com>
Date:   Mon May 22 13:49:54 2023 +0000

    splice: Make splice from an O_DIRECT fd use copy_splice_read()

bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=14dc6319a80000
start commit:   40f71e7cd3c6 Merge tag 'net-6.4-rc7' of git://git.kernel.o..
git tree:       upstream
kernel config:  https://syzkaller.appspot.com/x/.config?x=7ff8f87c7ab0e04e
dashboard link: https://syzkaller.appspot.com/bug?extid=9992306148b06272f3bb
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=10c65e87280000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1094a78b280000

If the result looks correct, please mark the issue as fixed by replying with:

#syz fix: splice: Make splice from an O_DIRECT fd use copy_splice_read()

For information about bisection process see: https://goo.gl/tpsmEJ#bisection

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [syzbot] [btrfs?] WARNING in emit_fiemap_extent
  2023-07-29 21:45 ` syzbot
@ 2023-08-02 14:46   ` Aleksandr Nogikh
  0 siblings, 0 replies; 6+ messages in thread
From: Aleksandr Nogikh @ 2023-08-02 14:46 UTC (permalink / raw)
  To: syzbot
  Cc: axboe, brauner, clm, dhowells, dsterba, dsterba, hch, josef,
	linux-btrfs, linux-fsdevel, linux-kernel, syzkaller-bugs

On Sat, Jul 29, 2023 at 11:45 PM syzbot
<syzbot+9992306148b06272f3bb@syzkaller.appspotmail.com> wrote:
>
> syzbot suspects this issue was fixed by commit:
>
> commit aa3dbde878961dd333cdd3c326b93e6c84a23ed4
> Author: David Howells <dhowells@redhat.com>
> Date:   Mon May 22 13:49:54 2023 +0000
>
>     splice: Make splice from an O_DIRECT fd use copy_splice_read()
>
> bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=14dc6319a80000
> start commit:   40f71e7cd3c6 Merge tag 'net-6.4-rc7' of git://git.kernel.o..
> git tree:       upstream
> kernel config:  https://syzkaller.appspot.com/x/.config?x=7ff8f87c7ab0e04e
> dashboard link: https://syzkaller.appspot.com/bug?extid=9992306148b06272f3bb
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=10c65e87280000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1094a78b280000
>
> If the result looks correct, please mark the issue as fixed by replying with:
>
> #syz fix: splice: Make splice from an O_DIRECT fd use copy_splice_read()

Hmm, no. It looks like this change indeed stopped that particular
reproducer from triggering the bug (the commit changed the kernel code
that is executed by sendfile(r0, r0, 0x0, 0x8800d00)), but the bug
itself is still present.

Today syzbot has found a new reproducer, see
https://syzkaller.appspot.com/bug?extid=9992306148b06272f3bb

>
> For information about bisection process see: https://goo.gl/tpsmEJ#bisection
>

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [syzbot] [btrfs?] WARNING in emit_fiemap_extent
  2023-06-20 21:34 [syzbot] [btrfs?] WARNING in emit_fiemap_extent syzbot
  2023-06-21 12:33 ` David Sterba
  2023-07-29 21:45 ` syzbot
@ 2024-05-16 15:04 ` David Sterba
  2024-05-16 15:08 ` David Sterba
  3 siblings, 0 replies; 6+ messages in thread
From: David Sterba @ 2024-05-16 15:04 UTC (permalink / raw)
  To: syzbot
  Cc: clm, dsterba, josef, linux-btrfs, linux-fsdevel, linux-kernel,
	syzkaller-bugs

On Tue, Jun 20, 2023 at 02:34:46PM -0700, syzbot wrote:
> Hello,
> 
> syzbot found the following issue on:
> 
> HEAD commit:    40f71e7cd3c6 Merge tag 'net-6.4-rc7' of git://git.kernel.o..
> git tree:       upstream
> console+strace: https://syzkaller.appspot.com/x/log.txt?x=166d2acf280000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=7ff8f87c7ab0e04e
> dashboard link: https://syzkaller.appspot.com/bug?extid=9992306148b06272f3bb
> compiler:       Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=10c65e87280000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1094a78b280000
> 
> Downloadable assets:
> disk image: https://storage.googleapis.com/syzbot-assets/2dc89d5fee38/disk-40f71e7c.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/0ced5a475218/vmlinux-40f71e7c.xz
> kernel image: https://storage.googleapis.com/syzbot-assets/d543a4f69684/bzImage-40f71e7c.xz
> mounted in repro: https://storage.googleapis.com/syzbot-assets/7cde8d2312ae/mount_0.gz
> 
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+9992306148b06272f3bb@syzkaller.appspotmail.com
> 
> ------------[ cut here ]------------
> WARNING: CPU: 1 PID: 5351 at fs/btrfs/extent_io.c:2824 emit_fiemap_extent+0xee/0x410

#syx fix: btrfs: fix race between ordered extent completion and fiemap

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [syzbot] [btrfs?] WARNING in emit_fiemap_extent
  2023-06-20 21:34 [syzbot] [btrfs?] WARNING in emit_fiemap_extent syzbot
                   ` (2 preceding siblings ...)
  2024-05-16 15:04 ` David Sterba
@ 2024-05-16 15:08 ` David Sterba
  3 siblings, 0 replies; 6+ messages in thread
From: David Sterba @ 2024-05-16 15:08 UTC (permalink / raw)
  To: syzbot
  Cc: clm, dsterba, josef, linux-btrfs, linux-fsdevel, linux-kernel,
	syzkaller-bugs

On Tue, Jun 20, 2023 at 02:34:46PM -0700, syzbot wrote:
> Hello,
> 
> syzbot found the following issue on:
> 
> HEAD commit:    40f71e7cd3c6 Merge tag 'net-6.4-rc7' of git://git.kernel.o..
> git tree:       upstream
> console+strace: https://syzkaller.appspot.com/x/log.txt?x=166d2acf280000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=7ff8f87c7ab0e04e
> dashboard link: https://syzkaller.appspot.com/bug?extid=9992306148b06272f3bb
> compiler:       Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=10c65e87280000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1094a78b280000
> 
> Downloadable assets:
> disk image: https://storage.googleapis.com/syzbot-assets/2dc89d5fee38/disk-40f71e7c.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/0ced5a475218/vmlinux-40f71e7c.xz
> kernel image: https://storage.googleapis.com/syzbot-assets/d543a4f69684/bzImage-40f71e7c.xz
> mounted in repro: https://storage.googleapis.com/syzbot-assets/7cde8d2312ae/mount_0.gz
> 
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+9992306148b06272f3bb@syzkaller.appspotmail.com
> 
> ------------[ cut here ]------------
> WARNING: CPU: 1 PID: 5351 at fs/btrfs/extent_io.c:2824 emit_fiemap_extent+0xee/0x410

#syz fix: btrfs: fix race between ordered extent completion and fiemap

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2024-05-16 15:08 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-06-20 21:34 [syzbot] [btrfs?] WARNING in emit_fiemap_extent syzbot
2023-06-21 12:33 ` David Sterba
2023-07-29 21:45 ` syzbot
2023-08-02 14:46   ` Aleksandr Nogikh
2024-05-16 15:04 ` David Sterba
2024-05-16 15:08 ` David Sterba

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).