[syzbot] [bcachefs?] WARNING in __bch2_fsck_err (2)

From: syzbot
Date: Mon Oct 07 2024 - 23:06:06 EST


Hello,

syzbot found the following issue on:

HEAD commit: 5f5673607153 Merge branch 'for-next/core' into for-kernelci
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci
console output: https://syzkaller.appspot.com/x/log.txt?x=10cff580580000
kernel config: https://syzkaller.appspot.com/x/.config?x=dedbcb1ff4387972
dashboard link: https://syzkaller.appspot.com/bug?extid=a3df02951b3139aec8eb
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12d5e307980000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=164433d0580000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/40172aed5414/disk-5f567360.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/58372f305e9d/vmlinux-5f567360.xz
kernel image: https://storage.googleapis.com/syzbot-assets/d2aae6fa798f/Image-5f567360.gz.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/1341ae90d594/mount_0.gz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a3df02951b3139aec8eb@xxxxxxxxxxxxxxxxxxxxxxxxx

------------[ cut here ]------------
WARNING: CPU: 1 PID: 6422 at fs/bcachefs/error.c:242 __bch2_fsck_err+0x1bc8/0x278c fs/bcachefs/error.c:242
Modules linked in:
CPU: 1 UID: 0 PID: 6422 Comm: read_btree_node Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __bch2_fsck_err+0x1bc8/0x278c fs/bcachefs/error.c:242
lr : __bch2_fsck_err+0x1bc8/0x278c fs/bcachefs/error.c:242
sp : ffff8000a4326740
x29: ffff8000a4326900 x28: ffff80008b92e200 x27: dfff800000000000
x26: 0000000000000001 x25: 0000000000000055 x24: ffff8000a43267e0
x23: 0000000000000000 x22: ffff8000a4326800 x21: 0000000000000055
x20: ffff0000dcb80000 x19: 0000000000000000 x18: ffff8000a4326200
x17: 000000000000cd00 x16: ffff800080569b84 x15: 0000000000000001
x14: 1ffff00014864cc8 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700014864cc9 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff0000e3798000 x7 : 0000000000000000 x6 : 0000000000000000
x5 : ffff8000930c3640 x4 : 0000000000000008 x3 : ffff80008b41d320
x2 : 0000000000000001 x1 : 0000000000000008 x0 : 0000000000000001
Call trace:
__bch2_fsck_err+0x1bc8/0x278c fs/bcachefs/error.c:242
__bch2_bkey_fsck_err+0x7b0/0xea8 fs/bcachefs/error.c:436
__bch2_bkey_validate+0x554/0x768
bset_key_validate fs/bcachefs/btree_io.c:843 [inline]
validate_bset_keys+0x724/0x1204 fs/bcachefs/btree_io.c:914
bch2_btree_node_read_done+0x1a64/0x4ab4 fs/bcachefs/btree_io.c:1134
btree_node_read_work+0x50c/0xe04 fs/bcachefs/btree_io.c:1323
bch2_btree_node_read+0x1f50/0x280c fs/bcachefs/btree_io.c:1708
bch2_btree_node_fill+0x8cc/0xfbc fs/bcachefs/btree_cache.c:886
bch2_btree_node_get_noiter+0x7fc/0xbec fs/bcachefs/btree_cache.c:1155
found_btree_node_is_readable fs/bcachefs/btree_node_scan.c:85 [inline]
try_read_btree_node fs/bcachefs/btree_node_scan.c:190 [inline]
read_btree_nodes_worker+0xdcc/0x1980 fs/bcachefs/btree_node_scan.c:239
kthread+0x288/0x310 kernel/kthread.c:389
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860
irq event stamp: 310
hardirqs last enabled at (309): [<ffff800080a88010>] kasan_quarantine_put+0x1a0/0x1c8 mm/kasan/quarantine.c:234
hardirqs last disabled at (310): [<ffff80008b3363f4>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:470
softirqs last enabled at (0): [<ffff8000801d498c>] copy_process+0x11f8/0x3264 kernel/fork.c:2319
softirqs last disabled at (0): [<0000000000000000>] 0x0
---[ end trace 0000000000000000 ]---
invalid bkey u64s 7 type xattr 1073741824:2097412339779176161:U32_MAX len 9568256 ver 0: user.xattr2:xattr2
size != 0: delete?, fixing


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@xxxxxxxxxxxxxxxx.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

If you want to overwrite the report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup