syzbot


kernel BUG in btrfs_rmap_block

Status: upstream: reported C repro on 2023/02/16 19:35
Reported-by: syzbot+170548e19f8d29ea1deb@syzkaller.appspotmail.com
First crash: 472d, last: 472d
Similar bugs (1)
Kernel:       linux-4.14
Title:        kernel BUG in btrfs_rmap_block
Repro:        C
Cause bisect: -
Fix bisect:   -
Count:        2
Last:         472d
Reported:     472d
Patched:      0/1
Status:       upstream: reported C repro on 2023/02/16 18:55

Sample crash report:
RDX: 0000000000000880 RSI: 0000000002007ffb RDI: 0000000000000004
RBP: 00007ffd8d118880 R08: 0000000000000002 R09: 00007ffd8d118890
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
R13: 00007ffd8d1188c0 R14: 00007ffd8d1188a0 R15: 0000000000000000
------------[ cut here ]------------
kernel BUG at fs/btrfs/volumes.c:5983!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 8124 Comm: syz-executor382 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
RIP: 0010:btrfs_rmap_block+0x1cc/0x8c0 fs/btrfs/volumes.c:5983
Code: db 48 8d 2c dd 00 00 00 00 48 c1 eb 3d 48 85 db 0f 95 c3 31 ff 0f b6 db 48 89 de e8 be e1 71 fe 48 85 db 74 5b e8 24 e0 71 fe <0f> 0b e8 1d e0 71 fe 49 8d 7f 1c 48 b8 00 00 00 00 00 fc ff df 48
RSP: 0018:ffff888094d07580 EFLAGS: 00010293
RAX: ffff8880afc14300 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff82f0a54c RDI: 0000000000000286
RBP: 0000000000000008 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000000000
R13: ffff8880b00002c0 R14: 0000000000820000 R15: ffff8880abd9bf00
FS:  000055555699c300(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f629a787138 CR3: 0000000099dce000 CR4: 00000000003406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 exclude_super_stripes+0x141/0x550 fs/btrfs/extent-tree.c:253
 btrfs_make_block_group+0x2a7/0x940 fs/btrfs/extent-tree.c:10167
 __btrfs_alloc_chunk+0xf77/0x1c20 fs/btrfs/volumes.c:4865
 do_chunk_alloc+0x4e8/0xb70 fs/btrfs/extent-tree.c:4527
 btrfs_alloc_data_chunk_ondemand+0x32b/0xce0 fs/btrfs/extent-tree.c:4161
 btrfs_check_data_free_space+0xc8/0x150 fs/btrfs/extent-tree.c:4245
 btrfs_delalloc_reserve_space+0x2a/0xb0 fs/btrfs/extent-tree.c:6033
 btrfs_truncate_block+0x213/0x1150 fs/btrfs/inode.c:4977
 btrfs_cont_expand+0x171/0xd80 fs/btrfs/inode.c:5133
 btrfs_setsize fs/btrfs/inode.c:5250 [inline]
 btrfs_setattr+0x8cf/0xff0 fs/btrfs/inode.c:5320
 notify_change+0x70b/0xfc0 fs/attr.c:334
 do_truncate+0x134/0x1f0 fs/open.c:63
 do_sys_ftruncate+0x492/0x560 fs/open.c:194
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f629a70fac9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffd8d118858 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f629a70fac9
RDX: 0000000000000880 RSI: 0000000002007ffb RDI: 0000000000000004
RBP: 00007ffd8d118880 R08: 0000000000000002 R09: 00007ffd8d118890
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
R13: 00007ffd8d1188c0 R14: 00007ffd8d1188a0 R15: 0000000000000000
Modules linked in:
---[ end trace ddcbd20012b6779c ]---
RIP: 0010:btrfs_rmap_block+0x1cc/0x8c0 fs/btrfs/volumes.c:5983
Code: db 48 8d 2c dd 00 00 00 00 48 c1 eb 3d 48 85 db 0f 95 c3 31 ff 0f b6 db 48 89 de e8 be e1 71 fe 48 85 db 74 5b e8 24 e0 71 fe <0f> 0b e8 1d e0 71 fe 49 8d 7f 1c 48 b8 00 00 00 00 00 fc ff df 48
RSP: 0018:ffff888094d07580 EFLAGS: 00010293
RAX: ffff8880afc14300 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff82f0a54c RDI: 0000000000000286
RBP: 0000000000000008 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000000000
R13: ffff8880b00002c0 R14: 0000000000820000 R15: ffff8880abd9bf00
FS:  000055555699c300(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f629a787138 CR3: 0000000099dce000 CR4: 00000000003406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (1):
Time:       2023/02/16 19:35
Kernel:     linux-4.19.y
Commit:     3f8a27f9e27b
Syzkaller:  38b317a7
Config:     .config
Log:        console log
Report:     report
Syz repro:  syz
C repro:    C
VM info:    -
Assets:     [disk image] [vmlinux] [mounted in repro]
Manager:    ci2-linux-4-19
Title:      kernel BUG in btrfs_rmap_block