Launchpad has imported 7 comments from the remote bug at

If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at

On 2015-07-25T23:17:23+00:00 fraph24 wrote:

Created attachment 183641
kernel oops log

How to reproduce:
$ mkdir {lower,upper,work,overlay}
$ uname > lower/uname
# mount overlay -t overlay -o lowerdir=lower,upperdir=upper,workdir=work overlay
$ # edit overlay/uname

Kernel oops, screen freezes.

Reply at:

On 2015-09-17T15:22:21+00:00 rauter.gabriel wrote:

I have the same problem although i am using overlay while being in a docker 
container. Host fs is btrfs on arch linux kernel 4.2.0, guest docker image 
kernel oops log can be found here

Reply at:

On 2016-02-10T16:51:25+00:00 colin.king wrote:

I've debugged this a bit, the failure occurs on an atomic_inc on root,
when root is NULL, cf:


Reply at:

On 2016-02-16T11:01:18+00:00 colin.king wrote:

bisected: 4bacc9c9234c7c8eec44f5ed4e960d9f96fa0f01 is the first bad

commit 4bacc9c9234c7c8eec44f5ed4e960d9f96fa0f01
Author: David Howells <>
Date: Thu Jun 18 14:32:31 2015 +0100

    overlayfs: Make f_path always point to the overlay and f_inode to
the underlay

Reply at:

On 2016-02-16T15:24:24+00:00 colin.king wrote:

The following stops the issue. I'm not sure if it is the correct fix

diff --git a/fs/btrfs/file.c b/fs/btrfs/file.c
index 098bb8f..5e5df8b 100644
--- a/fs/btrfs/file.c
+++ b/fs/btrfs/file.c
@@ -1884,7 +1884,7 @@ static int start_ordered_ops(struct inode *inode, loff_t 
start, loff_t end)
 int btrfs_sync_file(struct file *file, loff_t start, loff_t end, int datasync)
        struct dentry *dentry = file->f_path.dentry;
-       struct inode *inode = d_inode(dentry);
+       struct inode *inode = file_inode(file);
        struct btrfs_root *root = BTRFS_I(inode)->root;
        struct btrfs_trans_handle *trans;
        struct btrfs_log_ctx ctx;

Reply at:

On 2016-02-16T15:41:10+00:00 colin.king wrote:

Commit 4bacc9c9234c7c8eec44f5ed4e960d9f96fa0f01 ("overlayfs: Make f_path
always point to the overlay and f_inode to the underlay") resulted in an
issue when using a combination of btrfs and overlayfs.  This is
noticeable when doing a fsync() on a file in a chroot with overlayfs on
top of btrfs; we hit a kernel oops in btrfs_sync_file() on
atomic_inc(&root->log_batch) because root is NULL.

I've debugged this further and found that in btrfs_sync_file():

        struct inode *inode = d_inode(dentry);

does not return the inode I expected when using the stacked overlay fs,
where as:

        struct inode *inode = file_inode(file);


However, I'm not well at all well versed in btrfs, so I am not confident
this is a actually correct.  Any comments?

Reply at:

On 2019-05-21T12:33:42+00:00 dsterba wrote:

Fixed by de17e793b104d690e1d "btrfs: fix crash/invalid memory access on
fsync when using overlayfs", in 4.6.

Reply at:

** Changed in: linux
       Status: Unknown => Fix Released

** Changed in: linux
   Importance: Unknown => Medium

You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.

  Kernel Panic wrt btrfs while sbuild/schroot

Status in Linux:
  Fix Released
Status in linux package in Ubuntu:
  Won't Fix

Bug description:
  I'm running ubuntu Wily amd64 on a MSI Ghost Pro laptop.

  I'm running btrfs on top of a bcached dmraid setup(intel software

  I can't use sbuild, cause it crashes.

  I tried to use  a schroot env, and when updating it I got it to crash

  All the keyboard/mouse/X11 are stalled, but I could ssh to it.
  Trying to restart lightdm service didn't help.

  I've got a kernel trace in the dmesg:

  [76610.550953] BUG: unable to handle kernel NULL pointer dereference at 
  [76610.550983] IP: [<ffffffffc032fe6c>] btrfs_sync_file+0xcc/0x360 [btrfs]
  [76610.551025] PGD 160aaf067 PUD 161531067 PMD 0 
  [76610.551039] Oops: 0002 [#1] SMP 
  [76610.551050] Modules linked in: dm_crypt algif_skcipher af_alg drbg 
ansi_cprng ctr ccm rfcomm ipt_REJECT nf_reject_ipv4 nvram msr xt_multiport 
ebtable_filter ebtables ip6table_filter ip6_tables overlay bnep uvcvideo btusb 
videobuf2_vmalloc videobuf2_memops btrtl btbcm videobuf2_core btintel 
v4l2_common bluetooth videodev media xt_addrtype xt_conntrack xt_CHECKSUM 
iptable_mangle ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat 
nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack xt_tcpudp 
bridge aufs stp llc iptable_filter ip_tables x_tables binfmt_misc arc4 
nls_iso8859_1 msi_wmi sparse_keymap intel_rapl iosf_mbi x86_pkg_temp_thermal 
snd_hda_codec_hdmi intel_powerclamp coretemp crct10dif_pclmul 
snd_hda_codec_realtek snd_hda_codec_generic crc32_pclmul aesni_intel aes_x86_64 
lrw gf128mul
  [76610.551253]  snd_hda_intel iwlmvm glue_helper snd_hda_codec ablk_helper 
mac80211 cryptd snd_hda_core snd_hwdep snd_pcm snd_seq_midi joydev input_leds 
snd_seq_midi_event snd_rawmidi serio_raw iwlwifi lpc_ich mei_me snd_seq mei 
cfg80211 snd_seq_device snd_timer snd ie31200_edac edac_core soundcore shpchp 
mac_hid kvm_intel kvm parport_pc ppdev lp parport autofs4 btrfs xor raid6_pq 
dm_mirror dm_region_hash dm_log uas usb_storage bcache hid_generic usbhid hid 
i915 i2c_algo_bit drm_kms_helper psmouse ahci drm alx libahci mdio wmi video
  [76610.551395] CPU: 1 PID: 32090 Comm: dpkg Not tainted 4.2.0-23-generic 
  [76610.551414] Hardware name: Micro-Star International Co., Ltd. GS60 2PE 
Ghost Pro/MS-16H2, BIOS E16H2IMS.112 05/05/2015
  [76610.551438] task: ffff8803cf422940 ti: ffff8801a0be4000 task.ti: 
  [76610.551455] RIP: 0010:[<ffffffffc032fe6c>]  [<ffffffffc032fe6c>] 
btrfs_sync_file+0xcc/0x360 [btrfs]
  [76610.551485] RSP: 0018:ffff8801a0be7e28  EFLAGS: 00010292
  [76610.551497] RAX: ffff8803cf422940 RBX: ffff880273bff100 RCX: 
  [76610.551513] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 
  [76610.551530] RBP: ffff8801a0be7eb8 R08: 0000000000000001 R09: 
  [76610.551546] R10: 00000000000001f6 R11: 0000000000000246 R12: 
  [76610.551563] R13: ffff88040a2fb0d0 R14: 0000000000000000 R15: 
  [76610.551580] FS:  00007f3c27bca800(0000) GS:ffff88041fa40000(0000) 
  [76610.551598] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
  [76610.551611] CR2: 0000000000000334 CR3: 000000016159a000 CR4: 
  [76610.551628] Stack:
  [76610.551633]  800000033fffa865 000000000000000b 8000000000000000 
  [76610.551652]  7fffffffffffffff 0000000000000000 ffff8801a0be7ea8 
  [76610.551671]  0000800173bff000 0000000010b6e564 0000000000000000 
  [76610.551691] Call Trace:
  [76610.551703]  [<ffffffff8122fe9b>] vfs_fsync_range+0x4b/0xb0
  [76610.551718]  [<ffffffff8122ff5d>] do_fsync+0x3d/0x70
  [76610.551732]  [<ffffffff81230200>] SyS_fsync+0x10/0x20
  [76610.551751]  [<ffffffff817f02b2>] entry_SYSCALL_64_fastpath+0x16/0x75
  [76610.551766] Code: 8b 0e 48 85 c9 75 e8 eb 9e 48 8b 45 90 4c 8b 75 98 4d 8d 
a5 a8 00 00 00 4c 89 e7 4c 29 f0 48 83 c0 01 48 89 45 80 e8 f4 e2 4b c1 <f0> 41 
ff 87 34 03 00 00 49 8b 85 70 ff ff ff 48 c1 e8 07 83 e0 
  [76610.551845] RIP  [<ffffffffc032fe6c>] btrfs_sync_file+0xcc/0x360 [btrfs]
  [76610.551871]  RSP <ffff8801a0be7e28>
  [76610.551881] CR2: 0000000000000334
  [76610.558028] ---[ end trace 33509d397c46cd18 ]---

  ProblemType: Bug
  DistroRelease: Ubuntu 15.10
  Package: linux-image-4.2.0-23-generic 4.2.0-23.28
  ProcVersionSignature: Ubuntu 4.2.0-23.28-generic 4.2.6
  Uname: Linux 4.2.0-23-generic x86_64
  ApportVersion: 2.19.1-0ubuntu5
  Architecture: amd64
  Date: Fri Jan  8 11:02:06 2016
  HibernationDevice: RESUME=UUID=1699e24b-be2c-494d-90ff-0f313a5eed84
  InstallationDate: Installed on 2015-11-24 (44 days ago)
  InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Alpha amd64 (20151016)
  MachineType: Micro-Star International Co., Ltd. GS60 2PE Ghost Pro
   PATH=(custom, no user)
  ProcFB: 0 inteldrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.2.0-23-generic.efi.signed 
root=UUID=e8f9dc8a-aa49-481d-8fcc-be8cff0f61b1 ro rootflags=subvol=@ 
blacklist=nouveau quiet splash vt.handoff=7
   linux-restricted-modules-4.2.0-23-generic N/A
   linux-backports-modules-4.2.0-23-generic  N/A
   linux-firmware                            1.149.3
  SourcePackage: linux
  UdevLog: Error: [Errno 2] Aucun fichier ou dossier de ce type: '/var/log/udev'
  UpgradeStatus: No upgrade log present (probably fresh install) 05/05/2015
  dmi.bios.vendor: American Megatrends Inc.
  dmi.bios.version: E16H2IMS.112
  dmi.board.asset.tag: To be filled by O.E.M. MS-16H2
  dmi.board.vendor: Micro-Star International Co., Ltd.
  dmi.board.version: REV:0.B
  dmi.chassis.asset.tag: To Be Filled By O.E.M.
  dmi.chassis.type: 10
  dmi.chassis.vendor: To Be Filled By O.E.M.
  dmi.chassis.version: To Be Filled By O.E.M.
dmi:bvnAmericanMegatrendsInc.:bvrE16H2IMS.112:bd05/05/2015:svnMicro-StarInternationalCo.,Ltd.:pnGS602PEGhostPro:pvrREV1.0:rvnMicro-StarInternationalCo.,Ltd.:rnMS-16H2:rvrREV0.B:cvnToBeFilledByO.E.M.:ct10:cvrToBeFilledByO.E.M.: GS60 2PE Ghost Pro
  dmi.product.version: REV:1.0
  dmi.sys.vendor: Micro-Star International Co., Ltd.

To manage notifications about this bug go to:

Mailing list:
Post to     :
Unsubscribe :
More help   :

Reply via email to