Created attachment 690662 [details] dmesg Description of problem: Running kernel-3.8.0-0.rc5.git1.2.fc19.x86_64 with encfs in a btrfs filesystem, receive: [ 3605.890250] ------------[ cut here ]------------ [ 3605.890283] WARNING: at fs/btrfs/extent_io.c:4718 map_private_extent_buffer+0xd4/0xe0 [btrfs]() [ 3605.890285] Hardware name: C2SEA [ 3605.890288] btrfs bad mapping eb start 510210048 len 4096, wanted 4096 8 [ 3605.890290] Modules linked in: fuse rfcomm bnep ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack ip6table_filter nf_conntrack ip6_tables w83627ehf hwmon_vid snd_hda_codec_realtek snd_hda_intel snd_hda_codec uvcvideo snd_hwdep snd_seq snd_seq_device videobuf2_vmalloc btusb videobuf2_memops videobuf2_core videodev snd_pcm bluetooth media snd_page_alloc snd_timer snd coretemp iTCO_wdt iTCO_vendor_support i2c_i801 soundcore lpc_ich rfkill r8169 microcode mii mfd_core vhost_net tun macvtap macvlan kvm_intel kvm binfmt_misc uinput i2c_dev ata_generic pata_acpi btrfs zlib_deflate libcrc32c i915 firewire_ohci firewire_core video i2c_algo_bit drm_kms_helper crc_itu_t drm pata_it8213 i2c_core [ 3605.890335] Pid: 1962, comm: encfs Not tainted 3.8.0-0.rc5.git1.2.fc19.x86_64 #1 [ 3605.890337] Call Trace: [ 3605.890355] [<ffffffffa01a1b00>] ? map_private_extent_buffer+0x30/0xe0 [btrfs] [ 3605.890362] [<ffffffff8105c1f0>] warn_slowpath_common+0x70/0xa0 [ 3605.890365] [<ffffffff8105c26c>] warn_slowpath_fmt+0x4c/0x50 [ 3605.890382] [<ffffffffa01a1ba4>] map_private_extent_buffer+0xd4/0xe0 [btrfs] [ 3605.890399] [<ffffffffa0197970>] btrfs_set_token_64+0x60/0xf0 [btrfs] [ 3605.890416] [<ffffffffa01b9944>] btrfs_log_changed_extents+0x384/0x600 [btrfs] [ 3605.890433] [<ffffffffa01ba4f8>] btrfs_log_inode+0x3b8/0x660 [btrfs] [ 3605.890450] [<ffffffffa01bb459>] btrfs_log_inode_parent+0x169/0x450 [btrfs] [ 3605.890466] [<ffffffffa01bb77a>] btrfs_log_dentry_safe+0x3a/0x60 [btrfs] [ 3605.890482] [<ffffffffa01923c0>] btrfs_sync_file+0x150/0x1f0 [btrfs] [ 3605.890487] [<ffffffff811c44b6>] do_fsync+0x56/0x80 [ 3605.890490] [<ffffffff811c4740>] sys_fsync+0x10/0x20 [ 3605.890494] [<ffffffff8163ce59>] system_call_fastpath+0x16/0x1b [ 3605.890496] ---[ end trace 7e5e84fc43a629f8 ]--- [ 3605.890504] BUG: unable to handle kernel NULL pointer dereference at (null) [ 3605.890552] IP: [<ffffffffa01a1da3>] write_extent_buffer+0xd3/0x150 [btrfs] [ 3605.890604] PGD 1f2796067 PUD 1f2797067 PMD 0 [ 3605.890638] Oops: 0000 [#1] SMP [ 3605.890662] Modules linked in: fuse rfcomm bnep ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack ip6table_filter nf_conntrack ip6_tables w83627ehf hwmon_vid snd_hda_codec_realtek snd_hda_intel snd_hda_codec uvcvideo snd_hwdep snd_seq snd_seq_device videobuf2_vmalloc btusb videobuf2_memops videobuf2_core videodev snd_pcm bluetooth media snd_page_alloc snd_timer snd coretemp iTCO_wdt iTCO_vendor_support i2c_i801 soundcore lpc_ich rfkill r8169 microcode mii mfd_core vhost_net tun macvtap macvlan kvm_intel kvm binfmt_misc uinput i2c_dev ata_generic pata_acpi btrfs zlib_deflate libcrc32c i915 firewire_ohci firewire_core video i2c_algo_bit drm_kms_helper crc_itu_t drm pata_it8213 i2c_core [ 3605.891143] CPU 1 [ 3605.891157] Pid: 1962, comm: encfs Tainted: G W 3.8.0-0.rc5.git1.2.fc19.x86_64 #1 Supermicro C2SEA/C2SEA [ 3605.891197] RIP: 0010:[<ffffffffa01a1da3>] [<ffffffffa01a1da3>] write_extent_buffer+0xd3/0x150 [btrfs] [ 3605.891197] RSP: 0018:ffff8801f27abc20 EFLAGS: 00010202 [ 3605.891197] RAX: 0000000000000000 RBX: 0000000000000008 RCX: 0000000000000008 [ 3605.891197] RDX: 0000000000001008 RSI: 000000001e694000 RDI: ffff880107078810 [ 3605.891197] RBP: ffff8801f27abc50 R08: 000000000000000a R09: 0000000000000399 [ 3605.891197] R10: 0000000000000000 R11: ffff8801f27ab8d6 R12: ffff8801f27abc80 [ 3605.891197] R13: ffff880107078810 R14: 0000000000000000 R15: 0000000000000008 [ 3605.891197] FS: 00007f441fb63800(0000) GS:ffff880237c80000(0000) knlGS:0000000000000000 [ 3605.891197] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b [ 3605.891197] CR2: 0000000000000000 CR3: 000000020265c000 CR4: 00000000000007e0 [ 3605.891197] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 3605.891197] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 3605.891197] Process encfs (pid: 1962, threadinfo ffff8801f27aa000, task ffff8801f260dd80) [ 3605.891197] Stack: [ 3605.891197] 0000000000001000 ffff8801f27abd70 ffff880107078810 0000000000001000 [ 3605.891197] 0000000000000025 0000000000000fdb ffff8801f27abcb0 ffffffffa01979f0 [ 3605.891197] 0000000000000000 ffff8801e0166000 0000000000001000 0000000000001000 [ 3605.891197] Call Trace: [ 3605.891197] [<ffffffffa01979f0>] btrfs_set_token_64+0xe0/0xf0 [btrfs] [ 3605.891197] [<ffffffffa01b9944>] btrfs_log_changed_extents+0x384/0x600 [btrfs] [ 3605.891197] [<ffffffffa01ba4f8>] btrfs_log_inode+0x3b8/0x660 [btrfs] [ 3605.891197] [<ffffffffa01bb459>] btrfs_log_inode_parent+0x169/0x450 [btrfs] [ 3605.891197] [<ffffffffa01bb77a>] btrfs_log_dentry_safe+0x3a/0x60 [btrfs] [ 3605.891197] [<ffffffffa01923c0>] btrfs_sync_file+0x150/0x1f0 [btrfs] [ 3605.891197] [<ffffffff811c44b6>] do_fsync+0x56/0x80 [ 3605.891197] [<ffffffff811c4740>] sys_fsync+0x10/0x20 [ 3605.891197] [<ffffffff8163ce59>] system_call_fastpath+0x16/0x1b [ 3605.891197] Code: e0 0c 48 01 d0 4c 89 c2 4a 8d 3c 30 e8 37 2d 15 e1 4c 8b 45 d0 4d 01 c4 4d 29 c7 74 3b 45 31 f6 49 8b 85 50 01 00 00 48 8b 04 18 <48> 8b 30 83 e6 08 75 95 be af 12 00 00 48 c7 c7 a4 cb 1e a0 48 [ 3605.891197] RIP [<ffffffffa01a1da3>] write_extent_buffer+0xd3/0x150 [btrfs] [ 3605.891197] RSP <ffff8801f27abc20> [ 3605.891197] CR2: 0000000000000000 [ 3605.905108] ---[ end trace 7e5e84fc43a629f9 ]--- Version-Release number of selected component (if applicable): kernel-3.8.0-0.rc5.git1.2.fc19.x86_64 How reproducible: Always Steps to Reproduce: 1.Boot kernel-3.8.0-0.rc5.git1.2.fc19.x86_64 2.Mount and use encfs files 3.Wait Actual results: Bug occurs within a few minutes. Expected results: No bug Additional info: The btrfs filesystem has to be mounted '-o recovery' after rebooting.
*** Bug 906139 has been marked as a duplicate of this bug. ***
Created attachment 695338 [details] dmesg Just noting the same problem with kernel-3.8.0-0.rc7.git0.1.fc19.x86_64. It took four hours before I got a reoccurrence, and I needed to btrfsck, btrfs-zero-log, and mount with '-o recovery' to get the filesystem back. Dmesg attached.
Collected information from the btrfs mailing list, thread start at: http://www.mail-archive.com/linux-btrfs@vger.kernel.org/msg22408.html > Could you do > > gdb btrfs.ko > list *(btrfs_log_inode+0x3b8) > > and tell me what it says? Thanks, > Josef # uname -r 3.8.0-0.rc7.git0.1.fc19.x86_64 # gdb /usr/lib/modules/3.8.0-0.rc7.git0.1.fc19.x86_64/kernel/fs/btrfs/btrfs.ko (gdb) list *(btrfs_log_inode+0x3b8) 0x675b8 is in btrfs_log_inode (fs/btrfs/tree-log.c:3633). 3628 3629 log_extents: 3630 if (fast_search) { 3631 btrfs_release_path(dst_path); 3632 ret = btrfs_log_changed_extents(trans, root, inode, dst_path); 3633 if (ret) { 3634 err = ret; 3635 goto out_unlock; 3636 } 3637 } else { (gdb) > Sigh sorry, I miseed the other line because of line wrapping, can you do > > list *(btrfs_log_changed_extents+0x384) > > Thanks, > Josef (gdb) list *(btrfs_log_changed_extents+0x384) 0x65264 is in btrfs_log_changed_extents (fs/btrfs/ctree.h:2731). 2726 generation, 64); 2727 BTRFS_SETGET_FUNCS(file_extent_disk_num_bytes, struct btrfs_file_extent_item, 2728 disk_num_bytes, 64); 2729 BTRFS_SETGET_FUNCS(file_extent_offset, struct btrfs_file_extent_item, 2730 offset, 64); 2731 BTRFS_SETGET_FUNCS(file_extent_num_bytes, struct btrfs_file_extent_item, 2732 num_bytes, 64); 2733 BTRFS_SETGET_FUNCS(file_extent_ram_bytes, struct btrfs_file_extent_item, 2734 ram_bytes, 64); 2735 BTRFS_SETGET_FUNCS(file_extent_compression, struct btrfs_file_extent_item, (gdb) > Ok nothing obvious is jumping out at me, anything specifc to your btrfs setup? > Mount options, raid etc. I'm going to setup encfs up here and hammer it with > fsstress and see if I can reproduce. Thanks, > > Josef The btrfs mount options I'm using are: subvol=home,noatime,autodefrag The encfs is mounted with default options. Oh, and there's no raid data, just a single drive. I don't do heavy I/O to the encfs, which may explain why it takes minutes to hours to recreate. I have my google-chrome config directory (cache, profile, passwords, etc.) in the encfs, so it's getting read/written as I browse. > So incase I can't reproduce can you build btrfs-next and see if it reproduces on > there? And if it does perfect I can send you debug patches to apply and such. > Thanks, > > Josef Using btrfs-next, current as of commit bf3ec18ebec80b2251df8cab062fce5f2bc33a45 (Btrfs: update inode flags when renaming), I got a re-occurrence: [ 8791.731844] ------------[ cut here ]------------ [ 8791.731877] WARNING: at fs/btrfs/extent_io.c:4720 map_private_extent_buffer+0xd4/0xe0 [btrfs]() [ 8791.731879] Hardware name: C2SEA [ 8791.731881] btrfs bad mapping eb start 536137728 len 4096, wanted 4096 8 [ 8791.731884] Modules linked in: vfat fat usb_storage fuse rfcomm bnep nf_conntrack_ipv4 nf_defrag_ipv4 ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 xt_conntrack nf_conntrack ip6table_filter ip6_tables w83627ehf hwmon_vid snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep btusb coretemp uvcvideo bluetooth snd_seq videobuf2_vmalloc videobuf2_memops rfkill snd_seq_device videobuf2_core videodev iTCO_wdt snd_pcm media i2c_i801 snd_page_alloc iTCO_vendor_support lpc_ich microcode snd_timer snd r8169 mfd_core mii soundcore vhost_net tun macvtap macvlan kvm_intel kvm i2c_dev binfmt_misc uinput btrfs zlib_deflate raid6_pq libcrc32c xor ata_generic pata_acpi i915 video i2c_algo_bit firewire_ohci drm_kms_helper firewire_core pata_it8213 crc_itu_t drm i2c_core [ 8791.731931] Pid: 1984, comm: encfs Not tainted 3.8.0-1.BtrfsNext.fc18.x86_64 #1 [ 8791.731933] Call Trace: [ 8791.731940] [<ffffffff8105e61f>] warn_slowpath_common+0x7f/0xc0 [ 8791.731943] [<ffffffff8105e716>] warn_slowpath_fmt+0x46/0x50 [ 8791.731962] [<ffffffffa01b7144>] map_private_extent_buffer+0xd4/0xe0 [btrfs] [ 8791.731980] [<ffffffffa01ad2eb>] btrfs_set_token_64+0x6b/0x100 [btrfs] [ 8791.732052] [<ffffffffa01d0601>] log_one_extent.isra.26+0x241/0x730 [btrfs] [ 8791.732080] [<ffffffffa01d138a>] btrfs_log_inode+0x89a/0x990 [btrfs] [ 8791.732085] [<ffffffff81185700>] ? kmem_cache_alloc+0x10/0x200 [ 8791.732103] [<ffffffffa01d21ac>] btrfs_log_inode_parent+0x17c/0x430 [btrfs] [ 8791.732122] [<ffffffffa01d24a7>] btrfs_log_dentry_safe+0x47/0x70 [btrfs] [ 8791.732141] [<ffffffffa01a7bc5>] btrfs_sync_file+0x175/0x290 [btrfs] [ 8791.732147] [<ffffffff811cc4ed>] do_fsync+0x5d/0x90 [ 8791.732150] [<ffffffff811cc760>] sys_fsync+0x10/0x20 [ 8791.732154] [<ffffffff81658d19>] system_call_fastpath+0x16/0x1b [ 8791.732157] ---[ end trace 941faf2a391e738a ]--- [ 8791.732174] BUG: unable to handle kernel NULL pointer dereference at (null) [ 8791.732239] IP: [<ffffffffa01b7353>] write_extent_buffer+0xd3/0x150 [btrfs] [ 8791.732296] PGD 1ec354067 PUD 1f3d5a067 PMD 0 [ 8791.732334] Oops: 0000 [#1] SMP [ 8791.732361] Modules linked in: vfat fat usb_storage fuse rfcomm bnep nf_conntrack_ipv4 nf_defrag_ipv4 ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 xt_conntrack nf_conntrack ip6table_filter ip6_tables w83627ehf hwmon_vid snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep btusb coretemp uvcvideo bluetooth snd_seq videobuf2_vmalloc videobuf2_memops rfkill snd_seq_device videobuf2_core videodev iTCO_wdt snd_pcm media i2c_i801 snd_page_alloc iTCO_vendor_support lpc_ich microcode snd_timer snd r8169 mfd_core mii soundcore vhost_net tun macvtap macvlan kvm_intel kvm i2c_dev binfmt_misc uinput btrfs zlib_deflate raid6_pq libcrc32c xor ata_generic pata_acpi i915 video i2c_algo_bit firewire_ohci drm_kms_helper firewire_core pata_it8213 crc_itu_t drm i2c_core [ 8791.732913] CPU 1 [ 8791.732929] Pid: 1984, comm: encfs Tainted: G W 3.8.0-1.BtrfsNext.fc18.x86_64 #1 Supermicro C2SEA/C2SEA [ 8791.732983] RIP: 0010:[<ffffffffa01b7353>] [<ffffffffa01b7353>] write_extent_buffer+0xd3/0x150 [btrfs] [ 8791.733011] RSP: 0018:ffff8801ec389b48 EFLAGS: 00010202 [ 8791.733011] RAX: 0000000000000000 RBX: ffff8801ec389bc0 RCX: 0000000000000008 [ 8791.733011] RDX: 0000000000001008 RSI: ffff8801ec389bc0 RDI: 0000000000001000 [ 8791.733011] RBP: ffff8801ec389b88 R08: 000000000000000a R09: 00000000000003c9 [ 8791.733011] R10: 0000000000000000 R11: 00000000000003c8 R12: 0000000000000008 [ 8791.733011] R13: ffff8800403cac18 R14: 0000000000000000 R15: 0000000000000008 [ 8791.733011] FS: 00007ff4e8a77800(0000) GS:ffff880237c80000(0000) knlGS:0000000000000000 [ 8791.733011] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 8791.733011] CR2: 0000000000000000 CR3: 00000001ec1cb000 CR4: 00000000000007e0 [ 8791.733011] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 8791.733011] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 8791.733011] Process encfs (pid: 1984, threadinfo ffff8801ec388000, task ffff8801fcaa9760) [ 8791.733011] Stack: [ 8791.733011] 0000000000001000 0000000000001000 ffff8801ec389b88 ffff8801ec389c98 [ 8791.733011] ffff8800403cac18 0000000000001000 0000000000000025 0000000000000fdb [ 8791.733011] ffff8801ec389bf8 ffffffffa01ad370 ffff8801ec389bf8 0000000000000000 [ 8791.733011] Call Trace: [ 8791.733011] [<ffffffffa01ad370>] btrfs_set_token_64+0xf0/0x100 [btrfs] [ 8791.733011] [<ffffffffa01d0601>] log_one_extent.isra.26+0x241/0x730 [btrfs] [ 8791.733011] [<ffffffffa01d138a>] btrfs_log_inode+0x89a/0x990 [btrfs] [ 8791.733011] [<ffffffff81185700>] ? kmem_cache_alloc+0x10/0x200 [ 8791.733011] [<ffffffffa01d21ac>] btrfs_log_inode_parent+0x17c/0x430 [btrfs] [ 8791.733011] [<ffffffffa01d24a7>] btrfs_log_dentry_safe+0x47/0x70 [btrfs] [ 8791.733011] [<ffffffffa01a7bc5>] btrfs_sync_file+0x175/0x290 [btrfs] [ 8791.733011] [<ffffffff811cc4ed>] do_fsync+0x5d/0x90 [ 8791.733011] [<ffffffff811cc760>] sys_fsync+0x10/0x20 [ 8791.733011] [<ffffffff81658d19>] system_call_fastpath+0x16/0x1b [ 8791.733011] Code: e0 0c 48 01 d0 4c 89 c2 4a 8d 3c 30 45 31 f6 e8 54 cd 14 e1 4c 8b 45 c8 4c 01 c3 4d 29 c7 74 38 49 8b 85 50 01 00 00 4a 8b 04 20 <48> 8b 30 83 e6 08 75 95 be b1 12 00 00 48 c7 c7 45 7c 20 a0 48 [ 8791.733011] RIP [<ffffffffa01b7353>] write_extent_buffer+0xd3/0x150 [btrfs] [ 8791.733011] RSP <ffff8801ec389b48> [ 8791.733011] CR2: 0000000000000000 [ 8791.755502] ---[ end trace 941faf2a391e738b ]---
Created attachment 704257 [details] Problem continues with kernel-3.8.1-201.fc18.x86_64 I've stopped using encfs for now, since that appears to be the only thing that triggers this for me.
Fixed with Btrfs: delete inline extents when we find them during logging I've Cc:'d stable.org, hopefully it will show up in a normal distro kernel soon.
Confirming that the patch corrects the issue, closing.