ci2 starts bisection 2023-06-06 03:57:49.533362219 +0000 UTC m=+371293.180269883 bisecting fixing commit since 04a357b1f6f0b6f7c8689361fa8802e8e35d02ad building syzkaller on f8902b5747fbe3d5b860bd782eec63fc9c7da6e7 ensuring issue is reproducible on original commit 04a357b1f6f0b6f7c8689361fa8802e8e35d02ad testing commit 04a357b1f6f0b6f7c8689361fa8802e8e35d02ad gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 4ec2262223794af850dc0472a4a7e4a3099856dec1640f4812b5d233a799394b all runs: crashed: kernel BUG in btrfs_ioctl_add_dev testing current HEAD f8dba31b0a826e691949cd4fdfa5c30defaac8c5 testing commit f8dba31b0a826e691949cd4fdfa5c30defaac8c5 gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: ebd5c7482889143bd89ca410b401b68c9dc1735580828afb09a5f7261bfeab01 all runs: OK # git bisect start f8dba31b0a826e691949cd4fdfa5c30defaac8c5 04a357b1f6f0b6f7c8689361fa8802e8e35d02ad Bisecting: 9539 revisions left to test after this (roughly 13 steps) [b68ee1c6131c540a62ecd443be89c406401df091] Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi testing commit b68ee1c6131c540a62ecd443be89c406401df091 gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 371fb3993057f1f36cc34bbf6fb31ad98fc094056ef97bc81efa35ab4cc53910 all runs: crashed: kernel BUG in btrfs_ioctl_add_dev # git bisect good b68ee1c6131c540a62ecd443be89c406401df091 Bisecting: 4610 revisions left to test after this (roughly 12 steps) [7fa8a8ee9400fe8ec188426e40e481717bc5e924] Merge tag 'mm-stable-2023-04-27-15-30' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm testing commit 7fa8a8ee9400fe8ec188426e40e481717bc5e924 gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 677c5851121ec05c77d0424c2fafa8bcba9d91e4284b6d5e562cfbee1b8dd4e6 all runs: crashed: kernel BUG in btrfs_ioctl_add_dev # git bisect good 7fa8a8ee9400fe8ec188426e40e481717bc5e924 Bisecting: 2302 revisions left to test after this (roughly 11 steps) [54bdf8a39931cf8fe2c74432e715353d9a1c1107] Merge tag 'phy-for-6.4' of git://git.kernel.org/pub/scm/linux/kernel/git/phy/linux-phy testing commit 54bdf8a39931cf8fe2c74432e715353d9a1c1107 gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 081dfd1a8797133e8d09d583d8d24a814ac5e1e533bc6a299044eca8259bce8e all runs: crashed: kernel BUG in btrfs_ioctl_add_dev # git bisect good 54bdf8a39931cf8fe2c74432e715353d9a1c1107 Bisecting: 1148 revisions left to test after this (roughly 10 steps) [adfbf653a3ba6bb8bbb84ed90bf4f1533db545d3] Merge tag 'fbdev-for-6.4-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev testing commit adfbf653a3ba6bb8bbb84ed90bf4f1533db545d3 gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 96f726701db3d1d2908a04afc348cb3f4a90e2b129d8d1c43fbd06ba83cbb353 all runs: OK # git bisect bad adfbf653a3ba6bb8bbb84ed90bf4f1533db545d3 Bisecting: 577 revisions left to test after this (roughly 9 steps) [706ce3caea1cc1dab8c7fd6e7d1389b46ad1570e] Merge tag 'mm-hotfixes-stable-2023-05-06-10-45' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm testing commit 706ce3caea1cc1dab8c7fd6e7d1389b46ad1570e gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: d129f7b7c0216fc570bec7eb4f06f235891aa2c85ce1bdaf5cdc87f59401f718 all runs: crashed: kernel BUG in btrfs_ioctl_add_dev # git bisect good 706ce3caea1cc1dab8c7fd6e7d1389b46ad1570e Bisecting: 288 revisions left to test after this (roughly 8 steps) [1f94479edb4decdcec3e902528abb47f0ccd5d16] libperf: Make perf_cpu_map__alloc() available as an internal function for tools/perf to use testing commit 1f94479edb4decdcec3e902528abb47f0ccd5d16 gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 3e532680d4879dc8552783b8f0ebfeb667fa8bf476de0ab6885037a490adccc2 all runs: crashed: kernel BUG in btrfs_ioctl_add_dev # git bisect good 1f94479edb4decdcec3e902528abb47f0ccd5d16 Bisecting: 144 revisions left to test after this (roughly 7 steps) [2fce6899b110f117edb6c27c7ad18a29e7c622db] fbdev: valkyriefb: Remove trailing whitespaces testing commit 2fce6899b110f117edb6c27c7ad18a29e7c622db gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 7805d35ed4c77aa9e0dc56428f64929a3bf25fc6922f2f62cc18dcc732739fa6 all runs: crashed: kernel BUG in btrfs_ioctl_add_dev # git bisect good 2fce6899b110f117edb6c27c7ad18a29e7c622db Bisecting: 73 revisions left to test after this (roughly 6 steps) [105131df9c3b27673392a6b7ff356360188dc869] Merge tag 'dt-fixes-6.4' of git://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux-dt testing commit 105131df9c3b27673392a6b7ff356360188dc869 gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 58c09dc58562a08c0a15fc9fb04097bd7cd1a6466c2dd055642a11c876a321c9 all runs: OK # git bisect bad 105131df9c3b27673392a6b7ff356360188dc869 Bisecting: 36 revisions left to test after this (roughly 5 steps) [cceac9267887753f3c9594f1f7b92237cb0f64fb] Merge tag 'nf-23-05-10' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf testing commit cceac9267887753f3c9594f1f7b92237cb0f64fb gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a3deef0c1c56f91929799a311a08354549b61558f68704ca2b31cdb686e89bfb all runs: crashed: kernel BUG in btrfs_ioctl_add_dev # git bisect good cceac9267887753f3c9594f1f7b92237cb0f64fb Bisecting: 15 revisions left to test after this (roughly 4 steps) [ad2fd53a7870a395b8564697bef6c329d017c6c9] Merge tag 'platform-drivers-x86-v6.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86 testing commit ad2fd53a7870a395b8564697bef6c329d017c6c9 gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: c95ea2d170af740717373dcfc6d4df5c384097e6f1ee54b63fad1d094dcab7a8 all runs: OK # git bisect bad ad2fd53a7870a395b8564697bef6c329d017c6c9 Bisecting: 9 revisions left to test after this (roughly 3 steps) [1dc3731daf1f350cfd631b5559aac865ab2fbb4c] Merge tag 'for-6.4-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux testing commit 1dc3731daf1f350cfd631b5559aac865ab2fbb4c gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a0e36a98bcd3a0e4fe01254d097672a410004c1172bc9cddbf7a64beae851152 all runs: OK # git bisect bad 1dc3731daf1f350cfd631b5559aac865ab2fbb4c Bisecting: 5 revisions left to test after this (roughly 3 steps) [a2cea677db6099d71c9f70de7f907d3d7e6bec3b] btrfs: print extent buffers when sibling keys check fails testing commit a2cea677db6099d71c9f70de7f907d3d7e6bec3b gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 8e9794eb598cf090c8782345bd35af317e750a59a3bd030fac8352e2a1652e84 all runs: OK # git bisect bad a2cea677db6099d71c9f70de7f907d3d7e6bec3b Bisecting: 2 revisions left to test after this (roughly 1 step) [ac868bc9d136cde6e3eb5de77019a63d57a540ff] btrfs: fix assertion of exclop condition when starting balance testing commit ac868bc9d136cde6e3eb5de77019a63d57a540ff gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 371be6f3c33f6e3ae9fb5d7e9b0e4ae5236eac3a8839a93473df6872a9155d44 all runs: OK # git bisect bad ac868bc9d136cde6e3eb5de77019a63d57a540ff Bisecting: 0 revisions left to test after this (roughly 0 steps) [6f932d4ef007d6a4ae03badcb749fbb8f49196f6] btrfs: fix btrfs_prev_leaf() to not return the same key twice testing commit 6f932d4ef007d6a4ae03badcb749fbb8f49196f6 gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 0f1a2e2ae877257e1d4ced92d85c85538980803db2654b443f3ce60816ca4c91 all runs: crashed: kernel BUG in btrfs_ioctl_add_dev # git bisect good 6f932d4ef007d6a4ae03badcb749fbb8f49196f6 ac868bc9d136cde6e3eb5de77019a63d57a540ff is the first bad commit commit ac868bc9d136cde6e3eb5de77019a63d57a540ff Author: xiaoshoukui Date: Thu Apr 13 05:55:07 2023 -0400 btrfs: fix assertion of exclop condition when starting balance Balance as exclusive state is compatible with paused balance and device add, which makes some things more complicated. The assertion of valid states when starting from paused balance needs to take into account two more states, the combinations can be hit when there are several threads racing to start balance and device add. This won't typically happen when the commands are started from command line. Scenario 1: With exclusive_operation state == BTRFS_EXCLOP_NONE. Concurrently adding multiple devices to the same mount point and btrfs_exclop_finish executed finishes before assertion in btrfs_exclop_balance, exclusive_operation will changed to BTRFS_EXCLOP_NONE state which lead to assertion failed: fs_info->exclusive_operation == BTRFS_EXCLOP_BALANCE || fs_info->exclusive_operation == BTRFS_EXCLOP_DEV_ADD, in fs/btrfs/ioctl.c:456 Call Trace: btrfs_exclop_balance+0x13c/0x310 ? memdup_user+0xab/0xc0 ? PTR_ERR+0x17/0x20 btrfs_ioctl_add_dev+0x2ee/0x320 btrfs_ioctl+0x9d5/0x10d0 ? btrfs_ioctl_encoded_write+0xb80/0xb80 __x64_sys_ioctl+0x197/0x210 do_syscall_64+0x3c/0xb0 entry_SYSCALL_64_after_hwframe+0x63/0xcd Scenario 2: With exclusive_operation state == BTRFS_EXCLOP_BALANCE_PAUSED. Concurrently adding multiple devices to the same mount point and btrfs_exclop_balance executed finish before the latter thread execute assertion in btrfs_exclop_balance, exclusive_operation will changed to BTRFS_EXCLOP_BALANCE_PAUSED state which lead to assertion failed: fs_info->exclusive_operation == BTRFS_EXCLOP_BALANCE || fs_info->exclusive_operation == BTRFS_EXCLOP_DEV_ADD || fs_info->exclusive_operation == BTRFS_EXCLOP_NONE, fs/btrfs/ioctl.c:458 Call Trace: btrfs_exclop_balance+0x240/0x410 ? memdup_user+0xab/0xc0 ? PTR_ERR+0x17/0x20 btrfs_ioctl_add_dev+0x2ee/0x320 btrfs_ioctl+0x9d5/0x10d0 ? btrfs_ioctl_encoded_write+0xb80/0xb80 __x64_sys_ioctl+0x197/0x210 do_syscall_64+0x3c/0xb0 entry_SYSCALL_64_after_hwframe+0x63/0xcd An example of the failed assertion is below, which shows that the paused balance is also needed to be checked. root@syzkaller:/home/xsk# ./repro Failed to add device /dev/vda, errno 14 Failed to add device /dev/vda, errno 14 Failed to add device /dev/vda, errno 14 Failed to add device /dev/vda, errno 14 Failed to add device /dev/vda, errno 14 Failed to add device /dev/vda, errno 14 Failed to add device /dev/vda, errno 14 Failed to add device /dev/vda, errno 14 Failed to add device /dev/vda, errno 14 [ 416.611428][ T7970] BTRFS info (device loop0): fs_info exclusive_operation: 0 Failed to add device /dev/vda, errno 14 [ 416.613973][ T7971] BTRFS info (device loop0): fs_info exclusive_operation: 3 Failed to add device /dev/vda, errno 14 [ 416.615456][ T7972] BTRFS info (device loop0): fs_info exclusive_operation: 3 Failed to add device /dev/vda, errno 14 [ 416.617528][ T7973] BTRFS info (device loop0): fs_info exclusive_operation: 3 Failed to add device /dev/vda, errno 14 [ 416.618359][ T7974] BTRFS info (device loop0): fs_info exclusive_operation: 3 Failed to add device /dev/vda, errno 14 [ 416.622589][ T7975] BTRFS info (device loop0): fs_info exclusive_operation: 3 Failed to add device /dev/vda, errno 14 [ 416.624034][ T7976] BTRFS info (device loop0): fs_info exclusive_operation: 3 Failed to add device /dev/vda, errno 14 [ 416.626420][ T7977] BTRFS info (device loop0): fs_info exclusive_operation: 3 Failed to add device /dev/vda, errno 14 [ 416.627643][ T7978] BTRFS info (device loop0): fs_info exclusive_operation: 3 Failed to add device /dev/vda, errno 14 [ 416.629006][ T7979] BTRFS info (device loop0): fs_info exclusive_operation: 3 [ 416.630298][ T7980] BTRFS info (device loop0): fs_info exclusive_operation: 3 Failed to add device /dev/vda, errno 14 Failed to add device /dev/vda, errno 14 [ 416.632787][ T7981] BTRFS info (device loop0): fs_info exclusive_operation: 3 Failed to add device /dev/vda, errno 14 [ 416.634282][ T7982] BTRFS info (device loop0): fs_info exclusive_operation: 3 Failed to add device /dev/vda, errno 14 [ 416.636202][ T7983] BTRFS info (device loop0): fs_info exclusive_operation: 3 [ 416.637012][ T7984] BTRFS info (device loop0): fs_info exclusive_operation: 1 Failed to add device /dev/vda, errno 14 [ 416.637759][ T7984] assertion failed: fs_info->exclusive_operation == BTRFS_EXCLOP_BALANCE || fs_info->exclusive_operation == BTRFS_EXCLOP_DEV_ADD || fs_info->exclusive_operation == BTRFS_EXCLOP_NONE, in fs/btrfs/ioctl.c:458 [ 416.639845][ T7984] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 416.640485][ T7984] CPU: 0 PID: 7984 Comm: repro Not tainted 6.2.0 #7 [ 416.641172][ T7984] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014 [ 416.642090][ T7984] RIP: 0010:btrfs_assertfail+0x2c/0x2e [ 416.644423][ T7984] RSP: 0018:ffffc90003ea7e28 EFLAGS: 00010282 [ 416.645018][ T7984] RAX: 00000000000000cc RBX: 0000000000000000 RCX: 0000000000000000 [ 416.645763][ T7984] RDX: ffff88801d030000 RSI: ffffffff81637e7c RDI: fffff520007d4fb7 [ 416.646554][ T7984] RBP: ffffffff8a533de0 R08: 00000000000000cc R09: 0000000000000000 [ 416.647299][ T7984] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8a533da0 [ 416.648041][ T7984] R13: 00000000000001ca R14: 000000005000940a R15: 0000000000000000 [ 416.648785][ T7984] FS: 00007fa2985d4640(0000) GS:ffff88802cc00000(0000) knlGS:0000000000000000 [ 416.649616][ T7984] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 416.650238][ T7984] CR2: 0000000000000000 CR3: 0000000018e5e000 CR4: 0000000000750ef0 [ 416.650980][ T7984] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 416.651725][ T7984] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 416.652502][ T7984] PKRU: 55555554 [ 416.652888][ T7984] Call Trace: [ 416.653241][ T7984] [ 416.653527][ T7984] btrfs_exclop_balance+0x240/0x410 [ 416.654036][ T7984] ? memdup_user+0xab/0xc0 [ 416.654465][ T7984] ? PTR_ERR+0x17/0x20 [ 416.654874][ T7984] btrfs_ioctl_add_dev+0x2ee/0x320 [ 416.655380][ T7984] btrfs_ioctl+0x9d5/0x10d0 [ 416.655822][ T7984] ? btrfs_ioctl_encoded_write+0xb80/0xb80 [ 416.656400][ T7984] __x64_sys_ioctl+0x197/0x210 [ 416.656874][ T7984] do_syscall_64+0x3c/0xb0 [ 416.657346][ T7984] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 416.657922][ T7984] RIP: 0033:0x4546af [ 416.660170][ T7984] RSP: 002b:00007fa2985d4150 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 416.660972][ T7984] RAX: ffffffffffffffda RBX: 00007fa2985d4640 RCX: 00000000004546af [ 416.661714][ T7984] RDX: 0000000000000000 RSI: 000000005000940a RDI: 0000000000000003 [ 416.662449][ T7984] RBP: 00007fa2985d41d0 R08: 0000000000000000 R09: 00007ffee37a4c4f [ 416.663195][ T7984] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa2985d4640 [ 416.663951][ T7984] R13: 0000000000000009 R14: 000000000041b320 R15: 00007fa297dd4000 [ 416.664703][ T7984] [ 416.665040][ T7984] Modules linked in: [ 416.665590][ T7984] ---[ end trace 0000000000000000 ]--- [ 416.666176][ T7984] RIP: 0010:btrfs_assertfail+0x2c/0x2e [ 416.668775][ T7984] RSP: 0018:ffffc90003ea7e28 EFLAGS: 00010282 [ 416.669425][ T7984] RAX: 00000000000000cc RBX: 0000000000000000 RCX: 0000000000000000 [ 416.670235][ T7984] RDX: ffff88801d030000 RSI: ffffffff81637e7c RDI: fffff520007d4fb7 [ 416.671050][ T7984] RBP: ffffffff8a533de0 R08: 00000000000000cc R09: 0000000000000000 [ 416.671867][ T7984] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8a533da0 [ 416.672685][ T7984] R13: 00000000000001ca R14: 000000005000940a R15: 0000000000000000 [ 416.673501][ T7984] FS: 00007fa2985d4640(0000) GS:ffff88802cc00000(0000) knlGS:0000000000000000 [ 416.674425][ T7984] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 416.675114][ T7984] CR2: 0000000000000000 CR3: 0000000018e5e000 CR4: 0000000000750ef0 [ 416.675933][ T7984] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 416.676760][ T7984] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Link: https://lore.kernel.org/linux-btrfs/20230324031611.98986-1-xiaoshoukui@gmail.com/ CC: stable@vger.kernel.org # 6.1+ Signed-off-by: xiaoshoukui Reviewed-by: David Sterba Signed-off-by: David Sterba fs/btrfs/ioctl.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) culprit signature: 371be6f3c33f6e3ae9fb5d7e9b0e4ae5236eac3a8839a93473df6872a9155d44 parent signature: 0f1a2e2ae877257e1d4ced92d85c85538980803db2654b443f3ce60816ca4c91 revisions tested: 16, total time: 5h56m34.627983886s (build: 4h5m31.363331443s, test: 1h48m52.464201719s) first good commit: ac868bc9d136cde6e3eb5de77019a63d57a540ff btrfs: fix assertion of exclop condition when starting balance recipients (to): ["dsterba@suse.com" "xiaoshoukui@gmail.com" "xiaoshoukui@ruijie.com.cn"] recipients (cc): []