syzbot

 sign-in | mailing list | source | docs
🐞 Open [717]
🐞 Fixed [181]
🐞 Invalid [640]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

kernel BUG in find_free_extent

Status: upstream: reported C repro on 2022/12/05 04:16
Reported-by: syzbot+055c405faefc5aa04346@syzkaller.appspotmail.com
First crash: 747d, last: 660d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 kernel BUG in find_free_extent C error 3 741d 754d 0/1 upstream: reported C repro on 2022/11/28 06:01
Fix bisection attempts (2)
Created Duration User Patch Repo Result
2023/03/02 03:20 36m bisect fix linux-4.14.y OK (0) job log log
2023/01/29 23:13 25m bisect fix linux-4.14.y OK (0) job log log

Sample crash report:
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x5e/0xd3
------------[ cut here ]------------
kernel BUG at fs/btrfs/extent-tree.c:7723!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 1 PID: 8004 Comm: syz-executor109 Not tainted 4.14.300-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
task: ffff888096bf20c0 task.stack: ffff888096730000
RIP: 0010:find_free_extent+0x203b/0x3320 fs/btrfs/extent-tree.c:7723
RSP: 0018:ffff888096737148 EFLAGS: 00010297
RAX: ffff888096bf20c0 RBX: ffff88809629afb0 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000286
RBP: ffff888096dd6ac0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000005
R13: 0000000000000000 R14: ffff888096891cc0 R15: ffff888096dd6940
FS:  0000555556de5300(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f42ccc65740 CR3: 00000000a17dc000 CR4: 00000000003406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 btrfs_reserve_extent+0x14b/0x3b0 fs/btrfs/extent-tree.c:8109
 btrfs_alloc_tree_block+0x371/0x1410 fs/btrfs/extent-tree.c:8551
 __btrfs_cow_block+0x367/0xfd0 fs/btrfs/ctree.c:1113
 btrfs_cow_block+0x207/0x6d0 fs/btrfs/ctree.c:1574
 btrfs_search_slot+0x546/0x1c20 fs/btrfs/ctree.c:2818
 btrfs_insert_empty_items+0xaf/0x160 fs/btrfs/ctree.c:4866
 btrfs_insert_empty_item fs/btrfs/ctree.h:2879 [inline]
 insert_balance_item.isra.0+0xef/0x13f0 fs/btrfs/volumes.c:3071
 btrfs_balance+0xa50/0x39b0 fs/btrfs/volumes.c:3889
 btrfs_ioctl_balance+0x5e6/0x730 fs/btrfs/ioctl.c:4846
 btrfs_ioctl+0xddf/0x5b20 fs/btrfs/ioctl.c:5687
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x5e/0xd3
Code: 02 00 0f 85 ed 0f 00 00 49 8b 7f 30 4c 89 ca 4c 89 e1 4c 89 4c 24 20 e8 74 57 11 00 4c 8b 4c 24 20 e9 e9 ea ff ff e8 35 27 ba fe <0f> 0b e8 2e 27 ba fe 49 8d bf b0 00 00 00 e8 b2 bd a5 fe e9 b3 
RIP: find_free_extent+0x203b/0x3320 fs/btrfs/extent-tree.c:7723 RSP: ffff888096737148
---[ end trace 567c9a84a22d39e0 ]---

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/12/05 04:15 linux-4.14.y 179ef7fe8677 e080de16 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-4-14 kernel BUG in find_free_extent
* Struck through repros no longer work on HEAD.