* [Bug] v6.15+: kernel panic when mount & umount btrfs
@ 2025-05-27 4:06 Ming Lei
2025-05-27 5:21 ` Qu Wenruo
0 siblings, 1 reply; 3+ messages in thread
From: Ming Lei @ 2025-05-27 4:06 UTC (permalink / raw)
To: Btrfs BTRFS, linux-fsdevel, David Sterba
Hello,
Just try the latest linus tree by running `rublk` builtin test on
Fedora, and found
the following panic:
git clone https://github.com/ublk-org/rublk
cd rublk
cargo test
[ 24.153674] BTRFS: device fsid b99703ee-349d-40fa-b3d6-b5b451f979ab
devid 1 transid 8 /dev/ublkb1 (259:3) scanned by moun)
[ 24.154624] BTRFS info (device ublkb1): first mount of filesystem
b99703ee-349d-40fa-b3d6-b5b451f979ab
[ 24.155123] BTRFS info (device ublkb1): using crc32c (crc32c-x86)
checksum algorithm
[ 24.155777] BTRFS info (device ublkb1): using free-space-tree
[ 24.157502] BTRFS info (device ublkb1): host-managed zoned block
device /dev/ublkb1, 256 zones of 4194304 bytes
[ 24.158503] BTRFS info (device ublkb1): zoned mode enabled with
zone size 4194304
[ 24.159541] BTRFS info (device ublkb1): checking UUID tree
[ 24.166324] EXT4-fs (ublkb5): mounted filesystem
ae8f9776-4cb7-4edd-9acd-44291433e146 r/w with ordered data mode. Quota
mode: none.
[ 24.169139] EXT4-fs (ublkb8): mounted filesystem
4beadbbc-d9c3-484d-b37b-8ea7ceb4cade r/w with ordered data mode. Quota
mode: none.
[ 24.171259] EXT4-fs (ublkb5): unmounting filesystem
ae8f9776-4cb7-4edd-9acd-44291433e146.
[ 24.173862] EXT4-fs (ublkb8): unmounting filesystem
4beadbbc-d9c3-484d-b37b-8ea7ceb4cade.
[ 24.336068] ------------[ cut here ]------------
[ 24.336449] kernel BUG at fs/btrfs/extent_io.c:2776!
[ 24.336786] Oops: invalid opcode: 0000 [#1] SMP NOPTI
[ 24.337064] CPU: 7 UID: 0 PID: 119 Comm: kworker/u64:2 Not tainted
6.15.0+ #279 PREEMPT(full)
[ 24.337530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009),
BIOS 1.16.3-1.fc39 04/01/2014
[ 24.337985] Workqueue: writeback wb_workfn (flush-btrfs-2)
[ 24.338293] RIP: 0010:detach_extent_buffer_folio+0xca/0xd0
[ 24.338595] Code: 4d 34 74 18 84 db 74 96 4d 8d 75 7c 5b 4c 89 f7
5d 41 5c 41 5d 41 5e e9 54 f7 aa 00 48 89 ef e8 8c 48 d0 ff eb de 0f
0b0
[ 24.339599] RSP: 0018:ffffd34500477880 EFLAGS: 00010202
[ 24.339887] RAX: 0017ffffc000400a RBX: 0000000000000001 RCX: ffffd34500477838
[ 24.340280] RDX: 0000000000000001 RSI: fffff5a2442fb280 RDI: ffff8bf88590ef74
[ 24.340697] RBP: fffff5a2442fb280 R08: 0000000000000024 R09: 0000000000000000
[ 24.341143] R10: 0000000000000001 R11: ffff8bf896b39500 R12: ffff8bf88de8cd20
[ 24.341597] R13: ffff8bf88590eef8 R14: ffff8bf88590ef74 R15: ffffd34500477970
[ 24.342106] FS: 0000000000000000(0000) GS:ffff8bfd3ffb6000(0000)
knlGS:0000000000000000
[ 24.342739] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 24.343087] CR2: 00007f55e0cdff10 CR3: 00000002af824002 CR4: 0000000000772ef0
[ 24.343504] PKRU: 55555554
[ 24.343667] Call Trace:
[ 24.343823] <TASK>
[ 24.343956] release_extent_buffer+0x9b/0xd0
[ 24.344209] btree_write_cache_pages+0x1de/0x590
[ 24.344486] do_writepages+0xc8/0x170
[ 24.344707] __writeback_single_inode+0x41/0x340
[ 24.344979] writeback_sb_inodes+0x21b/0x4e0
[ 24.345234] wb_writeback+0x98/0x330
[ 24.345449] wb_workfn+0xc2/0x450
[ 24.345648] ? try_to_wake_up+0x308/0x740
[ 24.346052] process_one_work+0x188/0x340
[ 24.346445] worker_thread+0x257/0x3a0
[ 24.346811] ? __pfx_worker_thread+0x10/0x10
[ 24.347206] kthread+0xfc/0x240
[ 24.347560] ? __pfx_kthread+0x10/0x10
[ 24.347924] ret_from_fork+0x34/0x50
[ 24.348284] ? __pfx_kthread+0x10/0x10
[ 24.348672] ret_from_fork_asm+0x1a/0x30
[ 24.349046] </TASK>
[ 24.349344] Modules linked in: iscsi_tcp libiscsi_tcp libiscsi
scsi_transport_iscsi target_core_pscsi target_core_file
target_core_iblockg
[ 24.353785] Dumping ftrace buffer:
[ 24.354170] (ftrace buffer empty)
[ 24.354584] ---[ end trace 0000000000000000 ]---
[ 24.355021] RIP: 0010:detach_extent_buffer_folio+0xca/0xd0
[ 24.355525] Code: 4d 34 74 18 84 db 74 96 4d 8d 75 7c 5b 4c 89 f7
5d 41 5c 41 5d 41 5e e9 54 f7 aa 00 48 89 ef e8 8c 48 d0 ff eb de 0f
0b0
[ 24.357039] RSP: 0018:ffffd34500477880 EFLAGS: 00010202
[ 24.357571] RAX: 0017ffffc000400a RBX: 0000000000000001 RCX: ffffd34500477838
[ 24.358183] RDX: 0000000000000001 RSI: fffff5a2442fb280 RDI: ffff8bf88590ef74
[ 24.358807] RBP: fffff5a2442fb280 R08: 0000000000000024 R09: 0000000000000000
[ 24.359443] R10: 0000000000000001 R11: ffff8bf896b39500 R12: ffff8bf88de8cd20
[ 24.360070] R13: ffff8bf88590eef8 R14: ffff8bf88590ef74 R15: ffffd34500477970
[ 24.360746] FS: 0000000000000000(0000) GS:ffff8bfd3ffb6000(0000)
knlGS:0000000000000000
[ 24.361451] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 24.362055] CR2: 00007f55e0cdff10 CR3: 00000002af824002 CR4: 0000000000772ef0
[ 24.362812] PKRU: 55555554
[ 24.363145] Kernel panic - not syncing: Fatal exception
[ 24.363845] Dumping ftrace buffer:
[ 24.364213] (ftrace buffer empty)
[ 24.364602] Kernel Offset: 0x27000000 from 0xffffffff81000000
(relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 24.365385] ---[ end Kernel panic - not syncing: Fatal exception ]---
Thanks,
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Bug] v6.15+: kernel panic when mount & umount btrfs
2025-05-27 4:06 [Bug] v6.15+: kernel panic when mount & umount btrfs Ming Lei
@ 2025-05-27 5:21 ` Qu Wenruo
2025-05-28 22:21 ` David Sterba
0 siblings, 1 reply; 3+ messages in thread
From: Qu Wenruo @ 2025-05-27 5:21 UTC (permalink / raw)
To: Ming Lei, Btrfs BTRFS, linux-fsdevel, David Sterba
在 2025/5/27 13:36, Ming Lei 写道:
> Hello,
>
> Just try the latest linus tree by running `rublk` builtin test on
> Fedora, and found
> the following panic:
>
> git clone https://github.com/ublk-org/rublk
> cd rublk
> cargo test
There is a bug in commit 5e121ae687b8 ("btrfs: use buffer xarray for
extent buffer writeback operations"), and there is already a fix queued
for the next pull request:
https://lore.kernel.org/linux-btrfs/b964b92f482453cbd122743995ff23aa7158b2cb.1747677774.git.josef@toxicpanda.com/
Thanks,
Qu
>
>
> [ 24.153674] BTRFS: device fsid b99703ee-349d-40fa-b3d6-b5b451f979ab
> devid 1 transid 8 /dev/ublkb1 (259:3) scanned by moun)
> [ 24.154624] BTRFS info (device ublkb1): first mount of filesystem
> b99703ee-349d-40fa-b3d6-b5b451f979ab
> [ 24.155123] BTRFS info (device ublkb1): using crc32c (crc32c-x86)
> checksum algorithm
> [ 24.155777] BTRFS info (device ublkb1): using free-space-tree
> [ 24.157502] BTRFS info (device ublkb1): host-managed zoned block
> device /dev/ublkb1, 256 zones of 4194304 bytes
> [ 24.158503] BTRFS info (device ublkb1): zoned mode enabled with
> zone size 4194304
> [ 24.159541] BTRFS info (device ublkb1): checking UUID tree
> [ 24.166324] EXT4-fs (ublkb5): mounted filesystem
> ae8f9776-4cb7-4edd-9acd-44291433e146 r/w with ordered data mode. Quota
> mode: none.
> [ 24.169139] EXT4-fs (ublkb8): mounted filesystem
> 4beadbbc-d9c3-484d-b37b-8ea7ceb4cade r/w with ordered data mode. Quota
> mode: none.
> [ 24.171259] EXT4-fs (ublkb5): unmounting filesystem
> ae8f9776-4cb7-4edd-9acd-44291433e146.
> [ 24.173862] EXT4-fs (ublkb8): unmounting filesystem
> 4beadbbc-d9c3-484d-b37b-8ea7ceb4cade.
> [ 24.336068] ------------[ cut here ]------------
> [ 24.336449] kernel BUG at fs/btrfs/extent_io.c:2776!
> [ 24.336786] Oops: invalid opcode: 0000 [#1] SMP NOPTI
> [ 24.337064] CPU: 7 UID: 0 PID: 119 Comm: kworker/u64:2 Not tainted
> 6.15.0+ #279 PREEMPT(full)
> [ 24.337530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009),
> BIOS 1.16.3-1.fc39 04/01/2014
> [ 24.337985] Workqueue: writeback wb_workfn (flush-btrfs-2)
> [ 24.338293] RIP: 0010:detach_extent_buffer_folio+0xca/0xd0
> [ 24.338595] Code: 4d 34 74 18 84 db 74 96 4d 8d 75 7c 5b 4c 89 f7
> 5d 41 5c 41 5d 41 5e e9 54 f7 aa 00 48 89 ef e8 8c 48 d0 ff eb de 0f
> 0b0
> [ 24.339599] RSP: 0018:ffffd34500477880 EFLAGS: 00010202
> [ 24.339887] RAX: 0017ffffc000400a RBX: 0000000000000001 RCX: ffffd34500477838
> [ 24.340280] RDX: 0000000000000001 RSI: fffff5a2442fb280 RDI: ffff8bf88590ef74
> [ 24.340697] RBP: fffff5a2442fb280 R08: 0000000000000024 R09: 0000000000000000
> [ 24.341143] R10: 0000000000000001 R11: ffff8bf896b39500 R12: ffff8bf88de8cd20
> [ 24.341597] R13: ffff8bf88590eef8 R14: ffff8bf88590ef74 R15: ffffd34500477970
> [ 24.342106] FS: 0000000000000000(0000) GS:ffff8bfd3ffb6000(0000)
> knlGS:0000000000000000
> [ 24.342739] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [ 24.343087] CR2: 00007f55e0cdff10 CR3: 00000002af824002 CR4: 0000000000772ef0
> [ 24.343504] PKRU: 55555554
> [ 24.343667] Call Trace:
> [ 24.343823] <TASK>
> [ 24.343956] release_extent_buffer+0x9b/0xd0
> [ 24.344209] btree_write_cache_pages+0x1de/0x590
> [ 24.344486] do_writepages+0xc8/0x170
> [ 24.344707] __writeback_single_inode+0x41/0x340
> [ 24.344979] writeback_sb_inodes+0x21b/0x4e0
> [ 24.345234] wb_writeback+0x98/0x330
> [ 24.345449] wb_workfn+0xc2/0x450
> [ 24.345648] ? try_to_wake_up+0x308/0x740
> [ 24.346052] process_one_work+0x188/0x340
> [ 24.346445] worker_thread+0x257/0x3a0
> [ 24.346811] ? __pfx_worker_thread+0x10/0x10
> [ 24.347206] kthread+0xfc/0x240
> [ 24.347560] ? __pfx_kthread+0x10/0x10
> [ 24.347924] ret_from_fork+0x34/0x50
> [ 24.348284] ? __pfx_kthread+0x10/0x10
> [ 24.348672] ret_from_fork_asm+0x1a/0x30
> [ 24.349046] </TASK>
> [ 24.349344] Modules linked in: iscsi_tcp libiscsi_tcp libiscsi
> scsi_transport_iscsi target_core_pscsi target_core_file
> target_core_iblockg
> [ 24.353785] Dumping ftrace buffer:
> [ 24.354170] (ftrace buffer empty)
> [ 24.354584] ---[ end trace 0000000000000000 ]---
> [ 24.355021] RIP: 0010:detach_extent_buffer_folio+0xca/0xd0
> [ 24.355525] Code: 4d 34 74 18 84 db 74 96 4d 8d 75 7c 5b 4c 89 f7
> 5d 41 5c 41 5d 41 5e e9 54 f7 aa 00 48 89 ef e8 8c 48 d0 ff eb de 0f
> 0b0
> [ 24.357039] RSP: 0018:ffffd34500477880 EFLAGS: 00010202
> [ 24.357571] RAX: 0017ffffc000400a RBX: 0000000000000001 RCX: ffffd34500477838
> [ 24.358183] RDX: 0000000000000001 RSI: fffff5a2442fb280 RDI: ffff8bf88590ef74
> [ 24.358807] RBP: fffff5a2442fb280 R08: 0000000000000024 R09: 0000000000000000
> [ 24.359443] R10: 0000000000000001 R11: ffff8bf896b39500 R12: ffff8bf88de8cd20
> [ 24.360070] R13: ffff8bf88590eef8 R14: ffff8bf88590ef74 R15: ffffd34500477970
> [ 24.360746] FS: 0000000000000000(0000) GS:ffff8bfd3ffb6000(0000)
> knlGS:0000000000000000
> [ 24.361451] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [ 24.362055] CR2: 00007f55e0cdff10 CR3: 00000002af824002 CR4: 0000000000772ef0
> [ 24.362812] PKRU: 55555554
> [ 24.363145] Kernel panic - not syncing: Fatal exception
> [ 24.363845] Dumping ftrace buffer:
> [ 24.364213] (ftrace buffer empty)
> [ 24.364602] Kernel Offset: 0x27000000 from 0xffffffff81000000
> (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
> [ 24.365385] ---[ end Kernel panic - not syncing: Fatal exception ]---
>
> Thanks,
>
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Bug] v6.15+: kernel panic when mount & umount btrfs
2025-05-27 5:21 ` Qu Wenruo
@ 2025-05-28 22:21 ` David Sterba
0 siblings, 0 replies; 3+ messages in thread
From: David Sterba @ 2025-05-28 22:21 UTC (permalink / raw)
To: Qu Wenruo; +Cc: Ming Lei, Btrfs BTRFS, linux-fsdevel, David Sterba
On Tue, May 27, 2025 at 02:51:33PM +0930, Qu Wenruo wrote:
>
>
> 在 2025/5/27 13:36, Ming Lei 写道:
> > Hello,
> >
> > Just try the latest linus tree by running `rublk` builtin test on
> > Fedora, and found
> > the following panic:
> >
> > git clone https://github.com/ublk-org/rublk
> > cd rublk
> > cargo test
>
> There is a bug in commit 5e121ae687b8 ("btrfs: use buffer xarray for
> extent buffer writeback operations"), and there is already a fix queued
> for the next pull request:
>
> https://lore.kernel.org/linux-btrfs/b964b92f482453cbd122743995ff23aa7158b2cb.1747677774.git.josef@toxicpanda.com/
Now merged to master.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2025-05-28 22:21 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-05-27 4:06 [Bug] v6.15+: kernel panic when mount & umount btrfs Ming Lei
2025-05-27 5:21 ` Qu Wenruo
2025-05-28 22:21 ` David Sterba
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).