Re: [syzbot] [btrfs?] WARNING in btrfs_use_block_rsv

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Nov 28, 2023 at 5:47 PM David Sterba <dsterba@xxxxxxx> wrote:
>
> On Sun, Nov 26, 2023 at 06:59:41AM +0800, Anand Jain wrote:
> >
> >
> > On 25/11/2023 10:08, syzbot wrote:
> > > syzbot has bisected this issue to:
> > >
> > > commit a5b8a5f9f8355d27a4f8d0afa93427f16d2f3c1e
> > > Author: Anand Jain <anand.jain@xxxxxxxxxx>
> > > Date:   Thu Sep 28 01:09:47 2023 +0000
> > >
> > >      btrfs: support cloned-device mount capability
> > >
> > > bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=1446d344e80000
> > > start commit:   d3fa86b1a7b4 Merge tag 'net-6.7-rc3' of git://git.kernel.o..
> > > git tree:       upstream
> > > final oops:     https://syzkaller.appspot.com/x/report.txt?x=1646d344e80000
> > > console output: https://syzkaller.appspot.com/x/log.txt?x=1246d344e80000
> > > kernel config:  https://syzkaller.appspot.com/x/.config?x=6ae1a4ee971a7305
> > > dashboard link: https://syzkaller.appspot.com/bug?extid=10d5b62a8d7046b86d22
> > > syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=1431040ce80000
> > >
> > > Reported-by: syzbot+10d5b62a8d7046b86d22@xxxxxxxxxxxxxxxxxxxxxxxxx
> > > Fixes: a5b8a5f9f835 ("btrfs: support cloned-device mount capability")
> > >
> > > For information about bisection process see: https://goo.gl/tpsmEJ#bisection
> >
> >
> > It is completely strange that this issue bisects to the commit
> > a5b8a5f9f835 ('btrfs: support cloned-device mount capability').
> > I am unable to reproduce this as well.
>
> I think it's because of changed timing or it can be an inconclusive
> bisect. Things around space handling depend on timing, the test would
> need to be run a few times to be sure.
>
> The report provides an image so it may be good to analyze if it's scaled
> properly or if the reproducer does something strange.

Bisection log itself looks reasonable.

One other case to consider is that "btrfs: support cloned-device mount
capability" just helped surface the problem. Syzbot can only bisect
for the revision at which the reproducer started/stopped working and,
even though we try to minimize the reproducer (*), it may still rely
on some functionality that's not related to the actual bug. One of the
possibilities here is that the slightly changed validation rules in
btrfs_validate_super() allowed syzkaller to trigger a problem
somewhere else.

(*) We don't do it for filesystem images themselves as it does not
make very much sense -- in almost all cases by zeroing/dropping bytes
syzkaller just breaks the image and the reproducer stops working.
Without knowing the underlying fs image structure in detail it just
doesn't work as intended.

-- 
Aleksandr
>
> > -------------------
> > WARNING: CPU: 1 PID: 58 at fs/btrfs/block-rsv.c:523
> > btrfs_use_block_rsv+0x60d/0x860 fs/btrfs/block-rsv.c:523
> > <snap>
> > Call Trace:
> >   <TASK>
> >   btrfs_alloc_tree_block+0x1e0/0x12c0 fs/btrfs/extent-tree.c:5114
> >   btrfs_force_cow_block+0x3e5/0x19e0 fs/btrfs/ctree.c:563
> >   btrfs_cow_block+0x2b6/0xb30 fs/btrfs/ctree.c:741
> >   push_leaf_left+0x315/0x4d0 fs/btrfs/ctree.c:3485
> >   split_leaf+0x9c3/0x13b0 fs/btrfs/ctree.c:3681
> >   search_leaf fs/btrfs/ctree.c:1944 [inline]
> >   btrfs_search_slot+0x24ba/0x2fd0 fs/btrfs/ctree.c:2131
> >   btrfs_insert_empty_items+0xb6/0x1b0 fs/btrfs/ctree.c:4285
> >   btrfs_insert_empty_item fs/btrfs/ctree.h:657 [inline]
> >   insert_reserved_file_extent+0x7aa/0x950 fs/btrfs/inode.c:2907
> >   insert_ordered_extent_file_extent fs/btrfs/inode.c:3005 [inline]
> >   btrfs_finish_one_ordered+0x12dc/0x20d0 fs/btrfs/inode.c:3113
> >   btrfs_work_helper+0x210/0xbf0 fs/btrfs/async-thread.c:315
> >   process_one_work+0x886/0x15d0 kernel/workqueue.c:2630
> >   process_scheduled_works kernel/workqueue.c:2703 [inline]
> >   worker_thread+0x8b9/0x1290 kernel/workqueue.c:2784
> >   kthread+0x2c6/0x3a0 kernel/kthread.c:388
> >   ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
> >   ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242
> > -----------------
> >
> > btrfs_use_block_rsv()
> > <snap>
> >          /*
> >           * The global reserve still exists to save us from ourselves,
> > so don't
> >           * warn_on if we are short on our delayed refs reserve.
> >           */
> >          if (block_rsv->type != BTRFS_BLOCK_RSV_DELREFS &&
> >              btrfs_test_opt(fs_info, ENOSPC_DEBUG)) {
> >                  static DEFINE_RATELIMIT_STATE(_rs,
> >                                  DEFAULT_RATELIMIT_INTERVAL * 10,
> >                                  /*DEFAULT_RATELIMIT_BURST*/ 1);
> >                  if (__ratelimit(&_rs))
> >                          WARN(1, KERN_DEBUG
> >                                  "BTRFS: block rsv %d returned %d\n",
> >                                  block_rsv->type, ret);
> >          }
> > ----------
>
> --
> You received this message because you are subscribed to the Google Groups "syzkaller-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller-bugs+unsubscribe@xxxxxxxxxxxxxxxx.
> To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-bugs/20231128164010.GM18929%40twin.jikos.cz.





[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [NTFS 3]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [NTFS 3]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux