Hello, syzbot found the following issue on:
HEAD commit: 5f5673607153 Merge branch 'for-next/core' into for-kernelci git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci console output: https://syzkaller.appspot.com/x/log.txt?x=11ef8507980000 kernel config: https://syzkaller.appspot.com/x/.config?x=dedbcb1ff4387972 dashboard link: https://syzkaller.appspot.com/bug?extid=e4b5080f1e963225063e compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 userspace arch: arm64 Unfortunately, I don't have any reproducer for this issue yet. Downloadable assets: disk image: https://storage.googleapis.com/syzbot-assets/40172aed5414/disk-5f567360.raw.xz vmlinux: https://storage.googleapis.com/syzbot-assets/58372f305e9d/vmlinux-5f567360.xz kernel image: https://storage.googleapis.com/syzbot-assets/d2aae6fa798f/Image-5f567360.gz.xz IMPORTANT: if you fix the issue, please add the following tag to the commit: Reported-by: [email protected] ------------[ cut here ]------------ kernel BUG at fs/bcachefs/btree_write_buffer.c:801! Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP Modules linked in: CPU: 1 UID: 0 PID: 6419 Comm: syz-executor Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : bch2_fs_btree_write_buffer_exit+0x1dc/0x1e0 fs/bcachefs/btree_write_buffer.c:800 lr : bch2_fs_btree_write_buffer_exit+0x1dc/0x1e0 fs/bcachefs/btree_write_buffer.c:800 sp : ffff8000a3217a80 x29: ffff8000a3217a80 x28: 1fffe0001e5b0010 x27: 1fffe0001e5b000d x26: dfff800000000000 x25: ffff0000f2d80000 x24: dfff800000000000 x23: ffff0000f2dcb174 x22: 00000000000fffff x21: 00000000000ffffe x20: ffff0000f2d80000 x19: ffff0000f2d845a0 x18: 1fffe000366d79ee x17: ffff80008f56d000 x16: ffff80008b274880 x15: 0000000000000001 x14: 1fffe0001e5b962e x13: 0000000000000000 x12: 0000000000000000 x11: ffff60001e5b962f x10: 0000000000ff0100 x9 : 0000000000000000 x8 : ffff0000ea698000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : 0000000000000000 x3 : ffff800082a3a0cc x2 : 0000000000000000 x1 : 00000000000ffffe x0 : 00000000000fffff Call trace: bch2_fs_btree_write_buffer_exit+0x1dc/0x1e0 fs/bcachefs/btree_write_buffer.c:800 __bch2_fs_free fs/bcachefs/super.c:564 [inline] bch2_fs_release+0x2d4/0x720 fs/bcachefs/super.c:608 kobject_cleanup lib/kobject.c:689 [inline] kobject_release lib/kobject.c:720 [inline] kref_put include/linux/kref.h:65 [inline] kobject_put+0x2a8/0x41c lib/kobject.c:737 bch2_fs_free+0x2c4/0x334 fs/bcachefs/super.c:672 bch2_kill_sb+0x48/0x58 fs/bcachefs/fs.c:2055 deactivate_locked_super+0xc4/0x12c fs/super.c:473 deactivate_super+0xe0/0x100 fs/super.c:506 cleanup_mnt+0x34c/0x3dc fs/namespace.c:1373 __cleanup_mnt+0x20/0x30 fs/namespace.c:1380 task_work_run+0x230/0x2e0 kernel/task_work.c:228 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline] do_notify_resume+0x178/0x1f4 arch/arm64/kernel/entry-common.c:151 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:169 [inline] exit_to_user_mode arch/arm64/kernel/entry-common.c:178 [inline] el0_svc+0xac/0x168 arch/arm64/kernel/entry-common.c:713 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 Code: d65f03c0 9774c432 17ffffc0 9774c430 (d4210000) ---[ end trace 0000000000000000 ]--- --- This report is generated by a bot. It may contain errors. See https://goo.gl/tpsmEJ for more information about syzbot. syzbot engineers can be reached at [email protected]. syzbot will keep track of this issue. See: https://goo.gl/tpsmEJ#status for how to communicate with syzbot. If the report is already addressed, let syzbot know by replying with: #syz fix: exact-commit-title If you want to overwrite report's subsystems, reply with: #syz set subsystems: new-subsystem (See the list of subsystem names on the web dashboard) If the report is a duplicate of another one, reply with: #syz dup: exact-subject-of-another-report If you want to undo deduplication, reply with: #syz undup
