syzbot

 sign-in | mailing list | source | docs
🐞 Open [965] Subsystems 🐞 Fixed [4559] 🐞 Invalid [10499] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

kernel BUG in btrfs_free_tree_block

Status: upstream: reported C repro on 2022/09/26 17:49
Labels: btrfs (incorrect?)
Reported-by: syzbot+a306f914b4d01b3958fe@syzkaller.appspotmail.com
First crash: 247d, last: 3d19h

Cause bisection: failed (error log, bisect log)
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] kernel BUG in btrfs_free_tree_block 0 (1) 2022/09/26 17:49
Fix bisection attempts (2)
Created Duration User Patch Repo Result
2023/03/25 15:38 44m bisect fix upstream job log (0) log
2022/11/21 20:00 39m bisect fix upstream job log (0) log

Sample crash report:
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc8ae88d969
RDX: 0000000000000020 RSI: 0000000020000180 RDI: 0000000000000004
RBP: 0000000000000002 R08: 0000000000000002 R09: 00007fc8ae003731
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd121133f0
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
 </TASK>
------------[ cut here ]------------
kernel BUG at fs/btrfs/extent-tree.c:3260!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 4992 Comm: syz-executor329 Not tainted 6.3.0-syzkaller-13027-g1a5304fecee5 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
RIP: 0010:btrfs_free_tree_block+0xd1f/0xd30 fs/btrfs/extent-tree.c:3260
Code: 44 89 f1 80 e1 07 38 c1 0f 8c 90 f8 ff ff be 08 00 00 00 4c 89 f7 e8 50 b4 60 fe e9 7e f8 ff ff e8 46 37 2c 07 e8 41 e8 08 fe <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 55 41 57 41 56
RSP: 0018:ffffc90003c6e8e0 EFLAGS: 00010293
RAX: ffffffff8382a7df RBX: 00000000fffffff4 RCX: ffff888014bd9dc0
RDX: 0000000000000000 RSI: 00000000fffffff4 RDI: 0000000000000000
RBP: ffffc90003c6ea38 R08: ffffffff83829e39 R09: fffffbfff1a039b3
R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88802a93e500
R13: ffff000000000005 R14: 0000000000000005 R15: ffffc90003c6e960
FS:  0000555556aba3c0(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000080 CR3: 000000002b59e000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 btrfs_del_leaf+0x24e/0x3d0 fs/btrfs/ctree.c:4338
 btrfs_del_items+0xae8/0xda0 fs/btrfs/ctree.c:4450
 btrfs_drop_extents+0x2514/0x3650 fs/btrfs/file.c:513
 cow_file_range_inline+0x437/0x970 fs/btrfs/inode.c:457
 cow_file_range+0x3ae/0xfe0 fs/btrfs/inode.c:1234
 btrfs_run_delalloc_range+0x312/0x1150 fs/btrfs/inode.c:2244
 writepage_delalloc+0x261/0x590 fs/btrfs/extent_io.c:1330
 __extent_writepage+0x899/0x1740 fs/btrfs/extent_io.c:1609
 extent_write_cache_pages fs/btrfs/extent_io.c:2477 [inline]
 extent_writepages+0xca7/0x1990 fs/btrfs/extent_io.c:2599
 do_writepages+0x3a6/0x670 mm/page-writeback.c:2551
 filemap_fdatawrite_wbc+0x125/0x180 mm/filemap.c:390
 __filemap_fdatawrite_range mm/filemap.c:423 [inline]
 filemap_fdatawrite_range+0x16e/0x1e0 mm/filemap.c:441
 btrfs_fdatawrite_range fs/btrfs/file.c:3862 [inline]
 btrfs_direct_write fs/btrfs/file.c:1603 [inline]
 btrfs_do_write_iter+0xefc/0x1270 fs/btrfs/file.c:1674
 call_write_iter include/linux/fs.h:1868 [inline]
 new_sync_write fs/read_write.c:491 [inline]
 vfs_write+0x7ec/0xc10 fs/read_write.c:584
 ksys_write+0x1a0/0x2c0 fs/read_write.c:637
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc8ae88d969
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffd121133e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc8ae88d969
RDX: 0000000000000020 RSI: 0000000020000180 RDI: 0000000000000004
RBP: 0000000000000002 R08: 0000000000000002 R09: 00007fc8ae003731
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd121133f0
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:btrfs_free_tree_block+0xd1f/0xd30 fs/btrfs/extent-tree.c:3260
Code: 44 89 f1 80 e1 07 38 c1 0f 8c 90 f8 ff ff be 08 00 00 00 4c 89 f7 e8 50 b4 60 fe e9 7e f8 ff ff e8 46 37 2c 07 e8 41 e8 08 fe <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 55 41 57 41 56
RSP: 0018:ffffc90003c6e8e0 EFLAGS: 00010293
RAX: ffffffff8382a7df RBX: 00000000fffffff4 RCX: ffff888014bd9dc0
RDX: 0000000000000000 RSI: 00000000fffffff4 RDI: 0000000000000000
RBP: ffffc90003c6ea38 R08: ffffffff83829e39 R09: fffffbfff1a039b3
R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88802a93e500
R13: ffff000000000005 R14: 0000000000000005 R15: ffffc90003c6e960
FS:  0000555556aba3c0(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000080 CR3: 000000002b59e000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (27):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2023/05/05 00:02 upstream 1a5304fecee5 3a560463 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kasan-gce-smack-root kernel BUG in btrfs_free_tree_block
2022/12/27 05:54 upstream 1b929c02afd3 9da18ae8 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kasan-gce-root kernel BUG in btrfs_free_tree_block
2022/12/09 06:47 upstream ce19275f0103 1034e5fa .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kasan-gce-root kernel BUG in btrfs_free_tree_block
2022/12/02 21:45 upstream a4412fdd49dc e080de16 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs kernel BUG in btrfs_free_tree_block
2022/09/27 16:30 upstream 3800a713b607 10323ddf .config strace log report syz C ci2-upstream-fs kernel BUG in btrfs_free_tree_block
2023/01/22 02:27 linux-next d514392f17fd 559a440a .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-linux-next-kasan-gce-root kernel BUG in btrfs_free_tree_block
2023/01/06 17:24 linux-next cc3c08b41a9c 1dac8c7a .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-linux-next-kasan-gce-root kernel BUG in btrfs_free_tree_block
2022/09/26 05:11 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci c194837ebb57 0042f2b4 .config console log report syz C [disk image] [vmlinux] ci-upstream-gce-arm64 kernel BUG in btrfs_free_tree_block
2023/05/28 06:05 upstream 4e893b5aa4ac cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root kernel BUG in btrfs_free_tree_block
2023/05/25 07:01 upstream 933174ae28ba 4bce1a3e .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream kernel BUG in btrfs_free_tree_block
2023/05/11 10:24 upstream 80e62bc8487b 0fbd49f4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in btrfs_free_tree_block
2023/04/01 14:55 upstream 7b50567bdcad f325deb0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in btrfs_free_tree_block
2023/02/23 15:36 upstream d8ca6dbb8de7 9e2ebb3c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root kernel BUG in btrfs_free_tree_block
2023/02/15 17:41 upstream e1c04510f521 6be0f1f5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in btrfs_free_tree_block
2023/01/28 19:31 upstream 5af6ce704936 9dfcf09c .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in btrfs_free_tree_block
2022/11/26 01:44 upstream 08ad43d554ba f4470a7b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs kernel BUG in btrfs_free_tree_block
2022/10/19 13:58 upstream 493ffd6605b2 b31320fc .config console log report info [disk image] [vmlinux] ci2-upstream-fs kernel BUG in btrfs_free_tree_block
2023/04/28 00:33 upstream 32f7ad0fbe75 cc2b6c8b .config console log report info ci-qemu-upstream-386 kernel BUG in btrfs_free_tree_block
2022/10/22 17:10 linux-next 4d48f589d294 c0b80a55 .config console log report info [disk image] [vmlinux] ci-upstream-linux-next-kasan-gce-root kernel BUG in btrfs_free_tree_block
2023/05/01 05:25 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 14f8db1c0f9a 62df2017 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in btrfs_free_tree_block
2023/02/13 15:16 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 4d66ad72 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in btrfs_free_tree_block
2023/01/01 19:55 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a5541c0811a0 ab32d508 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in btrfs_free_tree_block
2022/12/26 07:23 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a5541c0811a0 9da18ae8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in btrfs_free_tree_block
2022/12/08 02:15 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a5541c0811a0 d88f3abb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in btrfs_free_tree_block
2022/12/04 22:13 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci e3cb714fb489 e080de16 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in btrfs_free_tree_block
2022/12/01 03:09 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci cdb931b58ff5 4c2a66e8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in btrfs_free_tree_block
2022/11/30 19:08 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci cdb931b58ff5 4c2a66e8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 kernel BUG in btrfs_free_tree_block
* Struck through repros no longer work on HEAD.