syzbot


WARNING in __btrfs_free_extent (2)

Status: upstream: reported on 2024/10/26 04:57
Reported-by: syzbot+60c7d089ea2a4af33523@syzkaller.appspotmail.com
First crash: 42d, last: 42d
Similar bugs (5)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING in __btrfs_free_extent (2) btrfs C done 118 116d 167d 27/28 fixed on 2024/08/16 16:03
upstream WARNING in __btrfs_free_extent btrfs C error 300 207d 765d 25/28 fixed on 2024/05/22 09:57
linux-4.19 WARNING in __btrfs_free_extent btrfs C error 4 706d 724d 0/1 upstream: reported C repro on 2022/12/14 03:41
linux-6.1 WARNING in __btrfs_free_extent 1 194d 194d 0/3 auto-obsoleted due to no activity on 2024/09/04 10:24
upstream WARNING in __btrfs_free_extent (3) btrfs 6 6d17h 98d 0/28 upstream: reported on 2024/08/31 17:59

Sample crash report:
------------[ cut here ]------------
WARNING: CPU: 1 PID: 89 at fs/btrfs/extent-tree.c:3077 __btrfs_free_extent+0x1c0c/0x28c8 fs/btrfs/extent-tree.c:3077
Modules linked in:
CPU: 1 PID: 89 Comm: kworker/u4:3 Not tainted 6.1.114-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Workqueue: events_unbound btrfs_async_reclaim_metadata_space
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __btrfs_free_extent+0x1c0c/0x28c8 fs/btrfs/extent-tree.c:3077
lr : __btrfs_free_extent+0x1c0c/0x28c8 fs/btrfs/extent-tree.c:3077
sp : ffff80001efb73a0
x29: ffff80001efb7500 x28: 0000000000000000 x27: ffff80001efb7480
x26: ffff0000c66ce0a8 x25: fffffffffffffff7 x24: 0000000000000000
x23: ffff700003df6e8c x22: 00000000ffffffe4 x21: dfff800000000000
x20: 0000000000000000 x19: 0000000000000000 x18: ffff80001efb67a0
x17: 0000000000000000 x16: ffff800012290d3c x15: 0000000000000000
x14: 00000000ffffffff x13: 0000000000000001 x12: 0000000000000001
x11: 0000000000ff0100 x10: 0000000000000000 x9 : 0791f90ad3086100
x8 : 0791f90ad3086100 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff80001efb6c98 x4 : ffff800015ab3880 x3 : ffff80000858aa54
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
Call trace:
 __btrfs_free_extent+0x1c0c/0x28c8 fs/btrfs/extent-tree.c:3077
 run_delayed_tree_ref fs/btrfs/extent-tree.c:1681 [inline]
 run_one_delayed_ref fs/btrfs/extent-tree.c:1705 [inline]
 btrfs_run_delayed_refs_for_head fs/btrfs/extent-tree.c:1954 [inline]
 __btrfs_run_delayed_refs+0xe14/0x3a90 fs/btrfs/extent-tree.c:2017
 btrfs_run_delayed_refs+0x13c/0x4c0 fs/btrfs/extent-tree.c:2148
 flush_space+0x854/0xdb8 fs/btrfs/space-info.c:744
 btrfs_async_reclaim_metadata_space+0x260/0x30c fs/btrfs/space-info.c:1080
 process_one_work+0x7ac/0x1404 kernel/workqueue.c:2292
 process_scheduled_works kernel/workqueue.c:2355 [inline]
 worker_thread+0xb6c/0xfec kernel/workqueue.c:2441
 kthread+0x250/0x2d8 kernel/kthread.c:376
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:864
irq event stamp: 1346136
hardirqs last  enabled at (1346135): [<ffff800008343af4>] __up_console_sem+0xb4/0x100 kernel/printk/printk.c:261
hardirqs last disabled at (1346136): [<ffff80001228c9f4>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405
softirqs last  enabled at (1346058): [<ffff8000081c7c58>] softirq_handle_end kernel/softirq.c:414 [inline]
softirqs last  enabled at (1346058): [<ffff8000081c7c58>] handle_softirqs+0xb84/0xd58 kernel/softirq.c:599
softirqs last disabled at (1345865): [<ffff800008020174>] __do_softirq+0x14/0x20 kernel/softirq.c:605
---[ end trace 0000000000000000 ]---
BTRFS info (device loop5: state A): dumping space info:
BTRFS info (device loop5: state A): space_info DATA+METADATA has 2166784 free, is full
BTRFS info (device loop5: state A): space_info total=3276800, used=53248, pinned=8192, reserved=0, may_use=1048576, readonly=0 zone_unusable=0
BTRFS info (device loop5: state A): space_info SYSTEM has 12447744 free, is not full
BTRFS info (device loop5: state A): space_info total=12451840, used=4096, pinned=0, reserved=0, may_use=0, readonly=0 zone_unusable=0
BTRFS info (device loop5: state A): global_block_rsv: size 983040 reserved 983040
BTRFS info (device loop5: state A): trans_block_rsv: size 0 reserved 0
BTRFS info (device loop5: state A): chunk_block_rsv: size 0 reserved 0
BTRFS info (device loop5: state A): delayed_block_rsv: size 0 reserved 0
BTRFS info (device loop5: state A): delayed_refs_rsv: size 65536 reserved 65536
BTRFS: error (device loop5: state A) in __btrfs_free_extent:3077: errno=-28 No space left
BTRFS info (device loop5: state EA): forced readonly
BTRFS error (device loop5: state EA): failed to run delayed ref for logical 5378048 num_bytes 4096 type 176 action 2 ref_mod 1: -28
BTRFS: error (device loop5: state EA) in btrfs_run_delayed_refs:2150: errno=-28 No space left

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/10/26 04:57 linux-6.1.y 7ec6f9fa3d97 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING in __btrfs_free_extent
2024/10/26 04:56 linux-6.1.y 7ec6f9fa3d97 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING in __btrfs_free_extent
* Struck through repros no longer work on HEAD.