[syzbot] [bcachefs?] WARNING in bch2_recovery_pass_want_ratelimit
12 views
Skip to first unread message
syzbot
Sep 4, 2025, 7:24:26 AMSep 4
to kent.ov...@linux.dev, linux-b...@vger.kernel.org, linux-...@vger.kernel.org, syzkall...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: c8bc81a52d5a Merge tag 'arm64-fixes' of git://git.kernel.o..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=16a9ce34580000
kernel config: https://syzkaller.appspot.com/x/.config?x=385d836f07b5a70d
dashboard link: https://syzkaller.appspot.com/bug?extid=3bf8b0169d7fcc0ebcd5
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/d900f083ada3/non_bootable_disk-c8bc81a5.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/9c0190a39aee/vmlinux-c8bc81a5.xz
kernel image: https://storage.googleapis.com/syzbot-assets/fc2b728f9900/bzImage-c8bc81a5.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+3bf8b0...@syzkaller.appspotmail.com
------------[ cut here ]------------
WARNING: CPU: 0 PID: 5373 at fs/bcachefs/recovery_passes.c:174 bch2_recovery_pass_want_ratelimit+0x1d8/0x290 fs/bcachefs/recovery_passes.c:174
Modules linked in:
CPU: 0 UID: 0 PID: 5373 Comm: bch-copygc/loop Not tainted syzkaller #0 PREEMPT(full)
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
RIP: 0010:bch2_recovery_pass_want_ratelimit+0x1d8/0x290 fs/bcachefs/recovery_passes.c:174
Code: fd 40 20 eb eb 0e e8 17 04 6b fd eb 05 e8 10 04 6b fd 31 db 89 d8 5b 41 5c 41 5e 41 5f 5d c3 cc cc cc cc cc e8 f9 03 6b fd 90 <0f> 0b 90 e9 d1 fe ff ff e8 eb 03 6b fd 48 c7 c7 80 c1 79 8e 48 89
RSP: 0018:ffffc9000d326cb0 EFLAGS: 00010293
RAX: ffffffff8454b747 RBX: 000000000000000e RCX: ffff888033b9a440
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: ffff888055f8eb5c R09: 0000000000000003
R10: ffff888055f8eb5b R11: ffffed100abf1d6c R12: dffffc0000000000
R13: dffffc0000000000 R14: ffff888052e00000 R15: 1ffff92001a64da5
FS: 0000000000000000(0000) GS:ffff88808d20d000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000200000002140 CR3: 00000000334f3000 CR4: 0000000000352ef0
Call Trace:
<TASK>
recovery_pass_needs_set+0x9a/0x510 fs/bcachefs/recovery_passes.c:302
bch2_run_explicit_recovery_pass+0x3f/0xd0 fs/bcachefs/recovery_passes.c:416
bch2_check_bucket_backpointer_mismatch+0x634/0x690 fs/bcachefs/backpointers.c:1220
__bch2_move_data_phys+0x17a7/0x1c50 fs/bcachefs/move.c:922
bch2_evacuate_bucket+0x228/0x3a0 fs/bcachefs/move.c:1082
bch2_copygc+0x3be3/0x4510 fs/bcachefs/movinggc.c:234
bch2_copygc_thread+0x97a/0xe00 fs/bcachefs/movinggc.c:409
kthread+0x70e/0x8a0 kernel/kthread.c:463
ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
</TASK>
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: c8bc81a52d5a Merge tag 'arm64-fixes' of git://git.kernel.o..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=16a9ce34580000
kernel config: https://syzkaller.appspot.com/x/.config?x=385d836f07b5a70d
dashboard link: https://syzkaller.appspot.com/bug?extid=3bf8b0169d7fcc0ebcd5
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/d900f083ada3/non_bootable_disk-c8bc81a5.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/9c0190a39aee/vmlinux-c8bc81a5.xz
kernel image: https://storage.googleapis.com/syzbot-assets/fc2b728f9900/bzImage-c8bc81a5.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+3bf8b0...@syzkaller.appspotmail.com
------------[ cut here ]------------
WARNING: CPU: 0 PID: 5373 at fs/bcachefs/recovery_passes.c:174 bch2_recovery_pass_want_ratelimit+0x1d8/0x290 fs/bcachefs/recovery_passes.c:174
Modules linked in:
CPU: 0 UID: 0 PID: 5373 Comm: bch-copygc/loop Not tainted syzkaller #0 PREEMPT(full)
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
RIP: 0010:bch2_recovery_pass_want_ratelimit+0x1d8/0x290 fs/bcachefs/recovery_passes.c:174
Code: fd 40 20 eb eb 0e e8 17 04 6b fd eb 05 e8 10 04 6b fd 31 db 89 d8 5b 41 5c 41 5e 41 5f 5d c3 cc cc cc cc cc e8 f9 03 6b fd 90 <0f> 0b 90 e9 d1 fe ff ff e8 eb 03 6b fd 48 c7 c7 80 c1 79 8e 48 89
RSP: 0018:ffffc9000d326cb0 EFLAGS: 00010293
RAX: ffffffff8454b747 RBX: 000000000000000e RCX: ffff888033b9a440
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: ffff888055f8eb5c R09: 0000000000000003
R10: ffff888055f8eb5b R11: ffffed100abf1d6c R12: dffffc0000000000
R13: dffffc0000000000 R14: ffff888052e00000 R15: 1ffff92001a64da5
FS: 0000000000000000(0000) GS:ffff88808d20d000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000200000002140 CR3: 00000000334f3000 CR4: 0000000000352ef0
Call Trace:
<TASK>
recovery_pass_needs_set+0x9a/0x510 fs/bcachefs/recovery_passes.c:302
bch2_run_explicit_recovery_pass+0x3f/0xd0 fs/bcachefs/recovery_passes.c:416
bch2_check_bucket_backpointer_mismatch+0x634/0x690 fs/bcachefs/backpointers.c:1220
__bch2_move_data_phys+0x17a7/0x1c50 fs/bcachefs/move.c:922
bch2_evacuate_bucket+0x228/0x3a0 fs/bcachefs/move.c:1082
bch2_copygc+0x3be3/0x4510 fs/bcachefs/movinggc.c:234
bch2_copygc_thread+0x97a/0xe00 fs/bcachefs/movinggc.c:409
kthread+0x70e/0x8a0 kernel/kthread.c:463
ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
</TASK>
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot
Oct 18, 2025, 8:33:42 PM (2 days ago) Oct 18
to kent.ov...@linux.dev, linux-b...@vger.kernel.org, linux-...@vger.kernel.org, syzkall...@googlegroups.com
syzbot has found a reproducer for the following issue on:
HEAD commit: bf45a62baffc Merge branch 'for-next/core' into for-kernelci
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci
console output: https://syzkaller.appspot.com/x/log.txt?x=172ae492580000
kernel config: https://syzkaller.appspot.com/x/.config?x=bd2356106f507975
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=124fda14580000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=14fb3de2580000
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/f0d4874557e9/disk-bf45a62b.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/0bf44a13b5b2/vmlinux-bf45a62b.xz
kernel image: https://storage.googleapis.com/syzbot-assets/18db8bc9907c/Image-bf45a62b.gz.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/0638961e34c6/mount_0.gz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+3bf8b0...@syzkaller.appspotmail.com
------------[ cut here ]------------
WARNING: CPU: 1 PID: 6755 at fs/bcachefs/recovery_passes.c:174 bch2_recovery_pass_want_ratelimit+0x1c0/0x270 fs/bcachefs/recovery_passes.c:174
Modules linked in:
CPU: 1 UID: 0 PID: 6755 Comm: bch-copygc/loop Not tainted syzkaller #0 PREEMPT
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
pstate: 83400005 (Nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--)
pc : bch2_recovery_pass_want_ratelimit+0x1c0/0x270 fs/bcachefs/recovery_passes.c:174
lr : bch2_recovery_pass_want_ratelimit+0x1c0/0x270 fs/bcachefs/recovery_passes.c:174
sp : ffff8000a1a76af0
x29: ffff8000a1a76af0 x28: ffff0000f69b8028 x27: ffff0000d4bfe198
x26: 1ffff0001434ed70 x25: dfff800000000000 x24: 0000000000000001
x23: ffff8000a1a76c00 x22: dfff800000000000 x21: 0000000000000000
x20: ffff0000ecf80000 x19: 000000000000000e x18: 00000000ffffffff
x17: ffff80008280dad8 x16: ffff80008052b264 x15: 0000000000000001
x14: 1fffe00018c07b0b x13: 0000000000000000 x12: 0000000000000000
x11: 1ffff0001434ed95 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff0000c8658000 x7 : 2020202020202020 x6 : 696d206874697720
x5 : ffff0000c603d85d x4 : ffff0000c603d85b x3 : 0000000000000002
x2 : ffff8000a1a76b84 x1 : 0000000000000000 x0 : 0000000000000000
Call trace:
bch2_recovery_pass_want_ratelimit+0x1c0/0x270 fs/bcachefs/recovery_passes.c:174 (P)
recovery_pass_needs_set+0xa0/0x468 fs/bcachefs/recovery_passes.c:302
bch2_run_explicit_recovery_pass+0x4c/0xec fs/bcachefs/recovery_passes.c:416
bch2_check_bucket_backpointer_mismatch+0x34c/0x3a0 fs/bcachefs/backpointers.c:1220
__bch2_move_data_phys+0x684/0x144c fs/bcachefs/move.c:1011
bch2_evacuate_bucket+0x220/0x34c fs/bcachefs/move.c:1082
bch2_copygc+0x2d80/0x3570 fs/bcachefs/movinggc.c:234
bch2_copygc_thread+0x898/0xd8c fs/bcachefs/movinggc.c:409
kthread+0x5fc/0x75c kernel/kthread.c:463
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:844
irq event stamp: 236
hardirqs last enabled at (235): [<ffff800080c664d0>] kasan_quarantine_put+0x1a0/0x1c8 mm/kasan/quarantine.c:234
hardirqs last disabled at (236): [<ffff80008b05ee64>] el1_brk64+0x20/0x54 arch/arm64/kernel/entry-common.c:434
softirqs last enabled at (0): [<ffff8000803ba294>] copy_process+0x1134/0x31ec kernel/fork.c:2119
softirqs last disabled at (0): [<0000000000000000>] 0x0
---[ end trace 0000000000000000 ]---
bc
---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.
HEAD commit: bf45a62baffc Merge branch 'for-next/core' into for-kernelci
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci
console output: https://syzkaller.appspot.com/x/log.txt?x=172ae492580000
kernel config: https://syzkaller.appspot.com/x/.config?x=bd2356106f507975
dashboard link: https://syzkaller.appspot.com/bug?extid=3bf8b0169d7fcc0ebcd5
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
userspace arch: arm64
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=124fda14580000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=14fb3de2580000
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/f0d4874557e9/disk-bf45a62b.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/0bf44a13b5b2/vmlinux-bf45a62b.xz
kernel image: https://storage.googleapis.com/syzbot-assets/18db8bc9907c/Image-bf45a62b.gz.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/0638961e34c6/mount_0.gz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+3bf8b0...@syzkaller.appspotmail.com
------------[ cut here ]------------
Modules linked in:
CPU: 1 UID: 0 PID: 6755 Comm: bch-copygc/loop Not tainted syzkaller #0 PREEMPT
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
pstate: 83400005 (Nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--)
pc : bch2_recovery_pass_want_ratelimit+0x1c0/0x270 fs/bcachefs/recovery_passes.c:174
lr : bch2_recovery_pass_want_ratelimit+0x1c0/0x270 fs/bcachefs/recovery_passes.c:174
sp : ffff8000a1a76af0
x29: ffff8000a1a76af0 x28: ffff0000f69b8028 x27: ffff0000d4bfe198
x26: 1ffff0001434ed70 x25: dfff800000000000 x24: 0000000000000001
x23: ffff8000a1a76c00 x22: dfff800000000000 x21: 0000000000000000
x20: ffff0000ecf80000 x19: 000000000000000e x18: 00000000ffffffff
x17: ffff80008280dad8 x16: ffff80008052b264 x15: 0000000000000001
x14: 1fffe00018c07b0b x13: 0000000000000000 x12: 0000000000000000
x11: 1ffff0001434ed95 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff0000c8658000 x7 : 2020202020202020 x6 : 696d206874697720
x5 : ffff0000c603d85d x4 : ffff0000c603d85b x3 : 0000000000000002
x2 : ffff8000a1a76b84 x1 : 0000000000000000 x0 : 0000000000000000
Call trace:
bch2_recovery_pass_want_ratelimit+0x1c0/0x270 fs/bcachefs/recovery_passes.c:174 (P)
recovery_pass_needs_set+0xa0/0x468 fs/bcachefs/recovery_passes.c:302
bch2_run_explicit_recovery_pass+0x4c/0xec fs/bcachefs/recovery_passes.c:416
bch2_check_bucket_backpointer_mismatch+0x34c/0x3a0 fs/bcachefs/backpointers.c:1220
__bch2_move_data_phys+0x684/0x144c fs/bcachefs/move.c:1011
bch2_evacuate_bucket+0x220/0x34c fs/bcachefs/move.c:1082
bch2_copygc+0x2d80/0x3570 fs/bcachefs/movinggc.c:234
bch2_copygc_thread+0x898/0xd8c fs/bcachefs/movinggc.c:409
kthread+0x5fc/0x75c kernel/kthread.c:463
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:844
irq event stamp: 236
hardirqs last enabled at (235): [<ffff800080c664d0>] kasan_quarantine_put+0x1a0/0x1c8 mm/kasan/quarantine.c:234
hardirqs last disabled at (236): [<ffff80008b05ee64>] el1_brk64+0x20/0x54 arch/arm64/kernel/entry-common.c:434
softirqs last enabled at (0): [<ffff8000803ba294>] copy_process+0x1134/0x31ec kernel/fork.c:2119
softirqs last disabled at (0): [<0000000000000000>] 0x0
---[ end trace 0000000000000000 ]---
bc
---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.
Reply all
Reply to author
Forward
0 new messages