syzbot


kernel BUG in btrfs_global_root_delete

Status: fixed on 2023/08/01 16:10
Reported-by: syzbot+b8008f15c77c682b012f@syzkaller.appspotmail.com
Fix commit: 4389fb6b6a9d btrfs: do not ASSERT() on duplicated global roots
First crash: 605d, last: 538d
Fix bisection: fixed by:
commit 4389fb6b6a9d31704cc576b7671b6dfe9ac9f966
Author: Qu Wenruo <wqu@suse.com>
Date: Sun Jun 11 00:09:13 2023 +0000

  btrfs: do not ASSERT() on duplicated global roots

  
Bug presence (1)

| Date | Name | Commit | Repro | Result |
|---|---|---|---|---|
| 2023/07/08 | upstream (ToT) | 7fcd473a6455 | C | Didn't crash |
Similar bugs (1)

| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | kernel BUG in btrfs_global_root_delete btrfs | C | | | 33 | 535d | 741d | 0/28 | auto-obsoleted due to no activity on 2023/09/29 06:24 |

Sample crash report:
BTRFS error (device loop0): failed to load root free space
assertion failed: !tmp, in fs/btrfs/disk-io.c:1105
------------[ cut here ]------------
kernel BUG at fs/btrfs/ctree.h:3716!
Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 4216 Comm: syz-executor119 Not tainted 6.1.31-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : assertfail+0x28/0x2c fs/btrfs/ctree.h:3715
lr : assertfail+0x28/0x2c fs/btrfs/ctree.h:3715
sp : ffff80001da37120
x29: ffff80001da37120 x28: ffff0000d611a000 x27: dfff800000000000
x26: ffff0000ddf5b300 x25: ffff0000d4dfa000 x24: dfff800000000000
x23: 0000000000000000 x22: ffff0000d611a1f7 x21: ffff0000dd4d80a0
x20: ffff0000dd4d8060 x19: ffff0000d611a000 x18: 1fffe000368b5f76
x17: 0000000000000000 x16: ffff80001204b280 x15: 0000000000000000
x14: 0000000000000000 x13: 0000000000000001 x12: 0000000000000001
x11: ff80800008345658 x10: 0000000000000000 x9 : c64fb1dbe2a77200
x8 : c64fb1dbe2a77200 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff80001da36a38 x4 : ffff8000156a2ac0 x3 : ffff80000834e4d4
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000032
Call trace:
 assertfail+0x28/0x2c fs/btrfs/ctree.h:3715
 btrfs_global_root_delete+0x0/0x70 fs/btrfs/disk-io.c:1105
 load_global_roots_objectid+0x3e0/0x808 fs/btrfs/disk-io.c:2481
 load_global_roots fs/btrfs/disk-io.c:2515 [inline]
 btrfs_read_roots fs/btrfs/disk-io.c:2542 [inline]
 init_tree_roots+0x7d4/0x1774 fs/btrfs/disk-io.c:2961
 open_ctree+0x14d4/0x246c fs/btrfs/disk-io.c:3668
 btrfs_fill_super+0x1b4/0x2c8 fs/btrfs/super.c:1465
 btrfs_mount_root+0x6f8/0x7f8 fs/btrfs/super.c:1831
 legacy_get_tree+0xd4/0x16c fs/fs_context.c:610
 vfs_get_tree+0x90/0x274 fs/super.c:1553
 fc_mount fs/namespace.c:1043 [inline]
 vfs_kern_mount+0xdc/0x178 fs/namespace.c:1073
 btrfs_mount+0x328/0x9b8 fs/btrfs/super.c:1891
 legacy_get_tree+0xd4/0x16c fs/fs_context.c:610
 vfs_get_tree+0x90/0x274 fs/super.c:1553
 do_new_mount+0x25c/0x8c4 fs/namespace.c:3040
 path_mount+0x590/0xe58 fs/namespace.c:3370
 do_mount fs/namespace.c:3383 [inline]
 __do_sys_mount fs/namespace.c:3591 [inline]
 __se_sys_mount fs/namespace.c:3568 [inline]
 __arm64_sys_mount+0x45c/0x594 fs/namespace.c:3568
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x64/0x218 arch/arm64/kernel/syscall.c:206
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581
Code: 911d8000 90002b22 912b8042 97fff921 (d4210000) 
---[ end trace 0000000000000000 ]---

Crashes (6):

| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2023/06/03 17:26 | linux-6.1.y | d2869ace6eeb | a4ae4f42 | .config | console log | report | syz | C | | [disk image] [vmlinux] [kernel image] [mounted in repro] | ci2-linux-6-1-kasan-arm64 | kernel BUG in btrfs_global_root_delete |
| 2023/05/18 12:46 | linux-6.1.y | fa74641fb6b9 | 3bb7af1d | .config | console log | report | syz | C | | [disk image] [vmlinux] [kernel image] [mounted in repro] | ci2-linux-6-1-kasan-arm64 | kernel BUG in btrfs_global_root_delete |
| 2023/06/18 02:03 | linux-6.1.y | ca87e77a2ef8 | f3921d4d | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-linux-6-1-kasan-arm64 | kernel BUG in btrfs_global_root_delete |
| 2023/04/24 00:37 | linux-6.1.y | f17b0ab65d17 | 2b32bd34 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-linux-6-1-kasan-arm64 | kernel BUG in btrfs_global_root_delete |
| 2023/04/23 13:35 | linux-6.1.y | f17b0ab65d17 | 2b32bd34 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-linux-6-1-kasan-arm64 | kernel BUG in btrfs_global_root_delete |
| 2023/04/12 03:09 | linux-6.1.y | 543aff194ab6 | 49faf98d | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-linux-6-1-kasan-arm64 | kernel BUG in btrfs_global_root_delete |

* Struck through repros no longer work on HEAD.