Public bug reported:

[Impact]

 * Users of btrfs started hitting a kernel BUG() (below)
   after upgrade from 4.15.0-99.100 to 4.15.0-109.110,
   which has 55 btrfs changes.

     kernel BUG at /build/linux-eTBZpZ/linux-4.15.0/fs/btrfs/ctree.c:3233!
     ...
     Krnl PSW : 00000000be9cb874 00000000ef3786e8 (btrfs_set_item_key_safe+0x152/0x1c0 [btrfs])
     ...
     [...] Call Trace:
     [...] btrfs_set_item_key_safe+0x11c/0x1c0 [btrfs])
     [...] __btrfs_drop_extents+0xb5a/0xda8 [btrfs]
     [...] btrfs_log_changed_extents+0x35c/0xaf0 [btrfs]
     [...] btrfs_log_inode+0x9ee/0x1080 [btrfs]
     [...] btrfs_log_inode_parent+0x224/0xa10 [btrfs]
     [...] btrfs_log_dentry_safe+0x80/0xa8 [btrfs]
     [...] btrfs_sync_file+0x392/0x550 [btrfs]
     [...] do_fsync+0x5e/0x90
     [...] SyS_fdatasync+0x32/0x48
     [...] system_call+0xd8/0x2c8

     $ git log --oneline Ubuntu-4.15.0-99.100..Ubuntu-4.15.0-109.110 -- fs/btrfs/ | wc -l
     55

 * The error happens at random moments, regardless of a
   particular activity/load. Workaround is to downgrade.

[Fix]

 * This BUG()/function is addressed in patch 4/4 [1] of series
   'btrfs: Enhanced runtime defence against fuzzed images' [2],
   after issues in the real world, not just crafted fs images:
   'one internal report has hit one BUG_ON() with real world fs'
 
     kernel BUG at fs/btrfs/ctree.c:3188!
     ...
     RIP: 0010:btrfs_set_item_key_safe+0x16c/0x180
 
 * The patch/set [3] is applied in v5.10-rc1 and Ubuntu Unstable:
   - d16c702fe4f2 btrfs: ctree: check key order before merging tree blocks
   - 07cce5cf3b48 btrfs: extent-tree: kill the BUG_ON() in insert_inline_extent_backref()
   - 1c2a07f598d5 btrfs: extent-tree: kill BUG_ON() in __btrfs_free_extent()
   - f98b6215d7d1 btrfs: extent_io: do extra check for extent buffer read write functions
 
[Test Case]

 * There is working synthetic reproducer for this issue,
   which is hard to reproduce as reported in commit [4]
   that introduces debugging for the issue.
   
 * Regression tests with xfstests and stress-ng show
   no regressions between un/patched kernels.

[Other Info]

 * Trivial backports (only refreshing a few context lines)
   with 3 more dependency patches on Bionic and 1 on Focal.
   And Bionic needed one extra hunk to '#include' a header.
   Groovy all apply cleanly.

[1] https://lore.kernel.org/linux-btrfs/20200819063550.62832-5-...@suse.com/
[2] https://lore.kernel.org/linux-btrfs/20200819063550.62832-1-...@suse.com/
[3] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d16c702fe4f274bd77b47d3ab737eadcf24e0b93
[4] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c15d41016dc886cc011e3854d855e219759ae68

** Affects: linux (Ubuntu)
     Importance: Medium
     Assignee: Mauricio Faria de Oliveira (mfo)
         Status: Fix Committed

** Affects: linux (Ubuntu Bionic)
     Importance: High
     Assignee: Mauricio Faria de Oliveira (mfo)
         Status: In Progress

** Affects: linux (Ubuntu Focal)
     Importance: Medium
     Assignee: Mauricio Faria de Oliveira (mfo)
         Status: In Progress

** Affects: linux (Ubuntu Groovy)
     Importance: Medium
     Assignee: Mauricio Faria de Oliveira (mfo)
         Status: In Progress


** Tags: sts

** Also affects: linux (Ubuntu Focal)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Groovy)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Bionic)
   Importance: Undecided
       Status: New

** Changed in: linux (Ubuntu)
       Status: New => Fix Committed

** Changed in: linux (Ubuntu)
   Importance: Undecided => Medium

** Changed in: linux (Ubuntu)
     Assignee: (unassigned) => Mauricio Faria de Oliveira (mfo)

** Changed in: linux (Ubuntu Bionic)
       Status: New => In Progress

** Changed in: linux (Ubuntu Bionic)
   Importance: Undecided => High

** Changed in: linux (Ubuntu Bionic)
     Assignee: (unassigned) => Mauricio Faria de Oliveira (mfo)

** Changed in: linux (Ubuntu Focal)
       Status: New => In Progress

** Changed in: linux (Ubuntu Focal)
   Importance: Undecided => Medium

** Changed in: linux (Ubuntu Focal)
     Assignee: (unassigned) => Mauricio Faria de Oliveira (mfo)

** Changed in: linux (Ubuntu Groovy)
       Status: New => In Progress

** Changed in: linux (Ubuntu Groovy)
   Importance: Undecided => Medium

** Changed in: linux (Ubuntu Groovy)
     Assignee: (unassigned) => Mauricio Faria de Oliveira (mfo)

** Tags added: sts

https://bugs.launchpad.net/bugs/1902254

Title:
  Bionic: btrfs: kernel BUG at /build/linux-eTBZpZ/linux-4.15.0/fs/btrfs/ctree.c:3233!
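
The hardening that the [Fix] section of the report above refers to ("check key order before merging tree blocks", "kill the BUG_ON()"), sketched as an added user-space model that is not part of the report and is not the kernel's code: key order is validated and an error is returned to the caller instead of halting the machine. It assumes the assertion in btrfs_set_item_key_safe is a neighbour key-order check; `struct model_key`, `set_item_key_checked` and this simplified `check_sibling_keys` are hypothetical stand-ins.

```c
/* Added illustration: user-space model, not kernel code. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

#ifndef EUCLEAN
#define EUCLEAN 117 /* Linux errno: "Structure needs cleaning" */
#endif

/* Simplified stand-in for a btrfs key: ordered by objectid, type, offset. */
struct model_key { uint64_t objectid; uint8_t type; uint64_t offset; };

static int comp_keys(const struct model_key *a, const struct model_key *b)
{
    if (a->objectid != b->objectid) return a->objectid < b->objectid ? -1 : 1;
    if (a->type != b->type)         return a->type < b->type ? -1 : 1;
    if (a->offset != b->offset)     return a->offset < b->offset ? -1 : 1;
    return 0;
}

/* Before merging two sibling leaves: the last key on the left must sort
 * strictly before the first key on the right. Empty leaves pass. */
int check_sibling_keys(const struct model_key *left, size_t nleft,
                       const struct model_key *right, size_t nright)
{
    if (nleft == 0 || nright == 0)
        return 0;
    return comp_keys(&left[nleft - 1], &right[0]) < 0 ? 0 : -EUCLEAN;
}

/* Rewriting the key in `slot`: it must stay strictly between its
 * neighbours. A violation is reported to the caller; the leaf is left
 * untouched and nothing calls BUG(). */
int set_item_key_checked(struct model_key *keys, size_t n, size_t slot,
                         const struct model_key *new_key)
{
    if (slot >= n)
        return -EINVAL;
    if (slot > 0 && comp_keys(&keys[slot - 1], new_key) >= 0)
        return -EUCLEAN;
    if (slot + 1 < n && comp_keys(&keys[slot + 1], new_key) <= 0)
        return -EUCLEAN;
    keys[slot] = *new_key;
    return 0;
}
```
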
