94 lines
5.1 KiB
Plaintext
94 lines
5.1 KiB
Plaintext
|
URL: https://bugzilla.kernel.org/show_bug.cgi?id=166361
|
||
|
|
Lukas Lueg 2016-09-17 16:45:53 UTC
|
||
|
|
|
||
|
|
More news from the fuzzer. The attached image causes a segmentation fault when
|
||
|
|
running btrfsck over it; using btrfs-progs v4.7.1-17-g2076992
|
||
|
|
|
||
|
|
The juicy parts:
|
||
|
|
|
||
|
|
==30530==ERROR: AddressSanitizer: SEGV on unknown address 0x62103031ae21 (pc 0x0000005f19b9 bp 0x7ffd4aa30a90 sp 0x7ffd4aa30a90 T0)
|
||
|
|
#0 0x5f19b8 in btrfs_qgroup_status_flags /home/lukas/dev/btrfsfuzz/src-asan/./ctree.h:2136:1
|
||
|
|
#1 0x5f16f5 in read_qgroup_status /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:885:10
|
||
|
|
#2 0x5ef38a in load_quota_info /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:949:5
|
||
|
|
#3 0x5eeefc in qgroup_verify_all /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:1351:8
|
||
|
|
#4 0x51f08f in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11637:9
|
||
|
|
#5 0x4f0f81 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
|
||
|
|
#6 0x7f7eb11aa730 in __libc_start_main (/lib64/libc.so.6+0x20730)
|
||
|
|
#7 0x4213f8 in _start (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x4213f8)
|
||
|
|
|
||
|
|
parent transid verify failed on 4198400 wanted 4 found 5
|
||
|
|
Ignoring transid failure
|
||
|
|
parent transid verify failed on 0 wanted 3472328296227680304 found 0
|
||
|
|
parent transid verify failed on 0 wanted 3472328296227680304 found 0
|
||
|
|
Ignoring transid failure
|
||
|
|
parent transid verify failed on 4198400 wanted 26388280060160 found 5
|
||
|
|
Ignoring transid failure
|
||
|
|
parent transid verify failed on 0 wanted 3472328296227680304 found 0
|
||
|
|
Ignoring transid failure
|
||
|
|
checking extents
|
||
|
|
parent transid verify failed on 0 wanted 3472328296227680304 found 0
|
||
|
|
Ignoring transid failure
|
||
|
|
parent transid verify failed on 0 wanted 3472328296227680304 found 0
|
||
|
|
Ignoring transid failure
|
||
|
|
parent transid verify failed on 0 wanted 3472328296227680304 found 0
|
||
|
|
Ignoring transid failure
|
||
|
|
parent transid verify failed on 0 wanted 3472328296227680304 found 0
|
||
|
|
Ignoring transid failure
|
||
|
|
parent transid verify failed on 0 wanted 3472328296227680304 found 0
|
||
|
|
Ignoring transid failure
|
||
|
|
parent transid verify failed on 0 wanted 3472328296227680304 found 0
|
||
|
|
Ignoring transid failure
|
||
|
|
parent transid verify failed on 0 wanted 3472328296227680304 found 0
|
||
|
|
Ignoring transid failure
|
||
|
|
parent transid verify failed on 0 wanted 3472328296227680304 found 0
|
||
|
|
Ignoring transid failure
|
||
|
|
Chunk[256, 228, 0]: length(4194304), offset(0), type(2) is not found in block group
|
||
|
|
Chunk[256, 228, 0] stripe[1, 0] is not found in dev extent
|
||
|
|
Chunk[256, 228, 4194304]: length(1638400), offset(4194304), type(5) is not found in block group
|
||
|
|
Chunk[256, 228, 4194304] stripe[1, 4194304] is not found in dev extent
|
||
|
|
Chunk[256, 228, 5832704]: length(1638400), offset(5832704), type(5) is not found in block group
|
||
|
|
Chunk[256, 228, 5832704] stripe[1, 5832704] is not found in dev extent
|
||
|
|
ref mismatch on [0 4096] extent item 0, found 1
|
||
|
|
Backref 0 parent 0 root 0 not found in extent tree
|
||
|
|
backpointer mismatch on [0 4096]
|
||
|
|
ref mismatch on [131072 4096] extent item 0, found 1
|
||
|
|
Backref 131072 parent 3 root 3 not found in extent tree
|
||
|
|
backpointer mismatch on [131072 4096]
|
||
|
|
ref mismatch on [4198400 4096] extent item 0, found 1
|
||
|
|
Backref 4198400 parent 1 root 1 not found in extent tree
|
||
|
|
backpointer mismatch on [4198400 4096]
|
||
|
|
ref mismatch on [4231168 4096] extent item 0, found 1
|
||
|
|
Backref 4231168 parent 7 root 7 not found in extent tree
|
||
|
|
backpointer mismatch on [4231168 4096]
|
||
|
|
ref mismatch on [3472328296227680304 3472328296227680304] extent item 0, found 1
|
||
|
|
Backref 3472328296227680304 root 1 owner 2 offset 0 num_refs 0 not found in extent tree
|
||
|
|
Incorrect local backref count on 3472328296227680304 root 1 owner 2 offset 0 found 1 wanted 0 back 0x60800000bda0
|
||
|
|
backpointer mismatch on [3472328296227680304 3472328296227680304]
|
||
|
|
Dev extent's total-byte(0) is not equal to byte-used(7471104) in dev[1, 216, 1]
|
||
|
|
Errors found in extent allocation tree or chunk allocation
|
||
|
|
parent transid verify failed on 0 wanted 3472328296227680304 found 0
|
||
|
|
Ignoring transid failure
|
||
|
|
parent transid verify failed on 4198400 wanted 26388280060160 found 5
|
||
|
|
Ignoring transid failure
|
||
|
|
checking free space cache
|
||
|
|
checking fs roots
|
||
|
|
root 5 root dir 3472328296227680304 not found
|
||
|
|
checking csums
|
||
|
|
checking root refs
|
||
|
|
checking quota groups
|
||
|
|
ASAN:DEADLYSIGNAL
|
||
|
|
=================================================================
|
||
|
|
==30530==ERROR: AddressSanitizer: SEGV on unknown address 0x62103031ae21 (pc 0x0000005f19b9 bp 0x7ffd4aa30a90 sp 0x7ffd4aa30a90 T0)
|
||
|
|
#0 0x5f19b8 in btrfs_qgroup_status_flags /home/lukas/dev/btrfsfuzz/src-asan/./ctree.h:2136:1
|
||
|
|
#1 0x5f16f5 in read_qgroup_status /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:885:10
|
||
|
|
#2 0x5ef38a in load_quota_info /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:949:5
|
||
|
|
#3 0x5eeefc in qgroup_verify_all /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:1351:8
|
||
|
|
#4 0x51f08f in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11637:9
|
||
|
|
#5 0x4f0f81 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
|
||
|
|
#6 0x7f7eb11aa730 in __libc_start_main (/lib64/libc.so.6+0x20730)
|
||
|
|
#7 0x4213f8 in _start (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x4213f8)
|
||
|
|
|
||
|
|
AddressSanitizer can not provide additional info.
|
||
|
|
SUMMARY: AddressSanitizer: SEGV /home/lukas/dev/btrfsfuzz/src-asan/./ctree.h:2136:1 in btrfs_qgroup_status_flags
|
||
|
|
==30530==ABORTING
|