bcachefs (loop0): Detected missing backpointers in bucket 34, now have 1/128 with missing
BUG: unable to handle page fault for address: ffffed120618f45c
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 23ffee067 P4D 23ffee067 PUD 0
Oops: Oops: 0000 [#1] SMP KASAN PTI
CPU: 0 UID: 0 PID: 6224 Comm: bch-copygc/loop Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
RIP: 0010:bytes_is_nonzero mm/kasan/generic.c:87 [inline]
RIP: 0010:memory_is_nonzero mm/kasan/generic.c:104 [inline]
RIP: 0010:memory_is_poisoned_n mm/kasan/generic.c:129 [inline]
RIP: 0010:memory_is_poisoned mm/kasan/generic.c:161 [inline]
RIP: 0010:check_region_inline mm/kasan/generic.c:180 [inline]
RIP: 0010:kasan_check_range+0x9b/0x2c0 mm/kasan/generic.c:189
Code: 01 00 00 00 00 fc ff df 4d 8d 34 19 4d 89 f4 4d 29 dc 49 83 fc 10 7f 29 4d 85 e4 0f 84 41 01 00 00 4c 89 cb 48 f7 d3 4c 01 fb <41> 80 3b 00 0f 85 de 01 00 00 49 ff c3 48 ff c3 75 ee e9 21 01 00
RSP: 0018:ffffc90002f17528 EFLAGS: 00010286
RAX: 0000000200000001 RBX: ffffffffffffffff RCX: ffffffff844716b1
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff889030c7a2e0
RBP: ffffc90002f17930 R08: ffff889030c7a2e7 R09: 1ffff1120618f45c
R10: dffffc0000000000 R11: ffffed120618f45c R12: 0000000000000001
R13: dffffc0000000000 R14: ffffed120618f45d R15: 1ffff1120618f45c
FS: 0000000000000000(0000) GS:ffff888125c4f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed120618f45c CR3: 0000000022bdc000 CR4: 00000000003526f0
Call Trace:
<TASK>
instrument_atomic_read include/linux/instrumented.h:68 [inline]
_test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]
bch2_bucket_bitmap_test fs/bcachefs/backpointers.h:194 [inline]
bch2_bucket_is_movable fs/bcachefs/movinggc.c:78 [inline]
bch2_copygc_get_buckets fs/bcachefs/movinggc.c:157 [inline]
bch2_copygc+0xfb1/0x4380 fs/bcachefs/movinggc.c:221
bch2_copygc_thread+0x97a/0xe00 fs/bcachefs/movinggc.c:409
kthread+0x711/0x8a0 kernel/kthread.c:464
ret_from_fork+0x3f9/0x770 arch/x86/kernel/process.c:148
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
</TASK>
Modules linked in:
CR2: ffffed120618f45c
---[ end trace 0000000000000000 ]---
RIP: 0010:bytes_is_nonzero mm/kasan/generic.c:87 [inline]
RIP: 0010:memory_is_nonzero mm/kasan/generic.c:104 [inline]
RIP: 0010:memory_is_poisoned_n mm/kasan/generic.c:129 [inline]
RIP: 0010:memory_is_poisoned mm/kasan/generic.c:161 [inline]
RIP: 0010:check_region_inline mm/kasan/generic.c:180 [inline]
RIP: 0010:kasan_check_range+0x9b/0x2c0 mm/kasan/generic.c:189
Code: 01 00 00 00 00 fc ff df 4d 8d 34 19 4d 89 f4 4d 29 dc 49 83 fc 10 7f 29 4d 85 e4 0f 84 41 01 00 00 4c 89 cb 48 f7 d3 4c 01 fb <41> 80 3b 00 0f 85 de 01 00 00 49 ff c3 48 ff c3 75 ee e9 21 01 00
RSP: 0018:ffffc90002f17528 EFLAGS: 00010286
RAX: 0000000200000001 RBX: ffffffffffffffff RCX: ffffffff844716b1
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff889030c7a2e0
RBP: ffffc90002f17930 R08: ffff889030c7a2e7 R09: 1ffff1120618f45c
R10: dffffc0000000000 R11: ffffed120618f45c R12: 0000000000000001
R13: dffffc0000000000 R14: ffffed120618f45d R15: 1ffff1120618f45c
FS: 0000000000000000(0000) GS:ffff888125c4f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed120618f45c CR3: 0000000022bdc000 CR4: 00000000003526f0
----------------
Code disassembly (best guess), 7 bytes skipped:
# Decoded window of the raw "Code:" bytes around the faulting RIP
# (kasan_check_range+0x9b, inlined down to bytes_is_nonzero at
# mm/kasan/generic.c:87 per the RIP lines of this report).
# Offsets are relative to the first decoded byte, not to the function start.
#
# NOTE(review): the decoder skipped 7 bytes and started at "df", so it very
# likely began in the middle of an instruction (the skipped bytes plus df look
# like the tail of a wider immediate). Treat the first two decoded lines as
# artefacts; the bytes "4d 8d 34 19" read more plausibly as a single lea into
# %r14. Confirm against a disassembly of the matching vmlinux.
0: df 4d 8d fisttps -0x73(%rbp)
3: 34 19 xor $0x19,%al
# r12 = r14 - r11. In the register dump R14 - R11 = 1 and R12 = 1, so this
# looks like the number of shadow bytes left to scan (presumably end - start).
5: 4d 89 f4 mov %r14,%r12
8: 4d 29 dc sub %r11,%r12
# Spans longer than 16 bytes branch away to a different path.
b: 49 83 fc 10 cmp $0x10,%r12
f: 7f 29 jg 0x3a
# An empty span branches away without reading anything.
11: 4d 85 e4 test %r12,%r12
14: 0f 84 41 01 00 00 je 0x15b
# rbx = ~r9 + r15. The dump shows R9 == R15, which yields -1 and matches
# RBX = ffffffffffffffff; rbx is then counted up towards zero by the loop.
1a: 4c 89 cb mov %r9,%rbx
1d: 48 f7 d3 not %rbx
20: 4c 01 fb add %r15,%rbx
# Byte-wise scan loop (0x23..0x33): load one byte at (%r11), leave on nonzero.
# R11 == CR2 == ffffed120618f45c, so the fault is on this load itself, on the
# first iteration, before any value was compared.
# R11 also equals (RDI >> 3) + R10: ffff889030c7a2e0 >> 3 = 1ffff1120618f45c
# (= R9), plus dffffc0000000000. That is consistent with R11 being the KASAN
# shadow address for the pointer in RDI - TODO confirm against the build.
# Triage: error_code 0x0000 is a not-present read, so this is a page fault
# inside the checker rather than a KASAN report, and no alloc/free stacks are
# available. It suggests the address handed in by _test_bit from
# bch2_bucket_bitmap_test (fs/bcachefs/backpointers.h:194) has no shadow
# mapped at all; the bitmap pointer and the bucket index bound at that call
# site are the things to check.
* 23: 41 80 3b 00 cmpb $0x0,(%r11) <-- trapping instruction
27: 0f 85 de 01 00 00 jne 0x20b
# Advance the shadow pointer and the negative counter; loop until rbx is 0.
2d: 49 ff c3 inc %r11
30: 48 ff c3 inc %rbx
33: 75 ee jne 0x23
# The "Code:" window ends at "e9 21 01 00": an e9 opcode followed by only
# three bytes, so the instruction is cut off by the end of the dump. The two
# lines below are decoder artefacts, not instructions that execute.
35: e9 .byte 0xe9
36: 21 01 and %eax,(%rcx)