[Bug 1902525] Re: btrfs subvolume list segmentation fault
David A. Sjøen
1902525 at bugs.launchpad.net
Tue Nov 10 17:48:52 UTC 2020
We are randomly getting the same segfault on two different servers, one
with 18.04 and one with 20.04. Here is the strace output, if it helps:
xxx at yyy:~$ sudo strace btrfs subvolume list /mnt/btrfs
execve("/bin/btrfs", ["btrfs", "subvolume", "list", "/mnt/btrfs"], 0x7ffcd5a42ff8 /* 23 vars */) = 0
brk(NULL) = 0x5576268f3000
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=26618, ...}) = 0
mmap(NULL, 26618, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f1d50e75000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libuuid.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@\26\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=27112, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1d50e73000
mmap(NULL, 2122112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f1d50a4e000
mprotect(0x7f1d50a54000, 2093056, PROT_NONE) = 0
mmap(0x7f1d50c53000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5000) = 0x7f1d50c53000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libblkid.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000\230\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=311720, ...}) = 0
mmap(NULL, 2411776, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f1d50801000
mprotect(0x7f1d50848000, 2097152, PROT_NONE) = 0
mmap(0x7f1d50a48000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x47000) = 0x7f1d50a48000
mmap(0x7f1d50a4d000, 3328, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f1d50a4d000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libz.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\37\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=116960, ...}) = 0
mmap(NULL, 2212016, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f1d505e4000
mprotect(0x7f1d50600000, 2093056, PROT_NONE) = 0
mmap(0x7f1d507ff000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b000) = 0x7f1d507ff000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/liblzo2.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000#\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=137256, ...}) = 0
mmap(NULL, 2232416, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f1d503c2000
mprotect(0x7f1d503e3000, 2093056, PROT_NONE) = 0
mmap(0x7f1d505e2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x20000) = 0x7f1d505e2000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/libzstd.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\3604\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=501680, ...}) = 0
mmap(NULL, 2596912, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f1d50147000
mprotect(0x7f1d501c1000, 2093056, PROT_NONE) = 0
mmap(0x7f1d503c0000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x79000) = 0x7f1d503c0000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000b\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=144976, ...}) = 0
mmap(NULL, 2221184, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f1d4ff28000
mprotect(0x7f1d4ff42000, 2093056, PROT_NONE) = 0
mmap(0x7f1d50141000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19000) = 0x7f1d50141000
mmap(0x7f1d50143000, 13440, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f1d50143000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\34\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=2030544, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1d50e71000
mmap(NULL, 4131552, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f1d4fb37000
mprotect(0x7f1d4fd1e000, 2097152, PROT_NONE) = 0
mmap(0x7f1d4ff1e000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1e7000) = 0x7f1d4ff1e000
mmap(0x7f1d4ff24000, 15072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f1d4ff24000
close(3) = 0
mmap(NULL, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1d50e6e000
arch_prctl(ARCH_SET_FS, 0x7f1d50e6e8c0) = 0
mprotect(0x7f1d4ff1e000, 16384, PROT_READ) = 0
mprotect(0x7f1d50141000, 4096, PROT_READ) = 0
mprotect(0x7f1d503c0000, 4096, PROT_READ) = 0
mprotect(0x7f1d505e2000, 4096, PROT_READ) = 0
mprotect(0x7f1d507ff000, 4096, PROT_READ) = 0
mprotect(0x7f1d50c53000, 4096, PROT_READ) = 0
mprotect(0x7f1d50a48000, 16384, PROT_READ) = 0
mprotect(0x557625ce2000, 20480, PROT_READ) = 0
mprotect(0x7f1d50e7c000, 4096, PROT_READ) = 0
munmap(0x7f1d50e75000, 26618) = 0
set_tid_address(0x7f1d50e6eb90) = 6908
set_robust_list(0x7f1d50e6eba0, 24) = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7f1d4ff2dcb0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f1d4ff3a8a0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7f1d4ff2dd50, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1d4ff3a8a0}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
brk(NULL) = 0x5576268f3000
brk(0x557626914000) = 0x557626914000
statfs("/mnt/btrfs", {f_type=BTRFS_SUPER_MAGIC, f_bsize=4096, f_blocks=1048576000, f_bfree=813464493, f_bavail=813322881, f_files=0, f_ffree=0, f_fsid={val=[2961959219, 47240398]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOATIME}) = 0
stat("/mnt/btrfs", {st_mode=S_IFDIR|0755, st_size=52, ...}) = 0
stat("/mnt/btrfs", {st_mode=S_IFDIR|0755, st_size=52, ...}) = 0
openat(AT_FDCWD, "/mnt/btrfs", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0755, st_size=52, ...}) = 0
ioctl(3, BTRFS_IOC_INO_LOOKUP, {treeid=0, objectid=256 /* BTRFS_FIRST_FREE_OBJECTID */} => {treeid=5 /* BTRFS_FS_TREE_OBJECTID */, name=""}) = 0
ioctl(3, BTRFS_IOC_INO_LOOKUP, {treeid=0, objectid=256 /* BTRFS_FIRST_FREE_OBJECTID */} => {treeid=5 /* BTRFS_FS_TREE_OBJECTID */, name=""}) = 0
ioctl(3, BTRFS_IOC_TREE_SEARCH, {key={tree_id=1 /* BTRFS_ROOT_TREE_OBJECTID */, min_objectid=5 /* BTRFS_FS_TREE_OBJECTID */, max_offset=18446744073709551615 /* UINT64_MAX */, max_transid=18446744073709551615 /* UINT64_MAX */, min_type=132 /* BTRFS_ROOT_ITEM_KEY */, max_type=144 /* BTRFS_ROOT_BACKREF_KEY */, nr_items=4096}} => {key={nr_items=28}, buf=...}) = 0
ioctl(3, BTRFS_IOC_TREE_SEARCH, {key={tree_id=1 /* BTRFS_ROOT_TREE_OBJECTID */, min_objectid=257, min_offset=1364, max_offset=18446744073709551615 /* UINT64_MAX */, max_transid=18446744073709551615 /* UINT64_MAX */, min_type=156 /* BTRFS_ROOT_REF_KEY */, max_type=144 /* BTRFS_ROOT_BACKREF_KEY */, nr_items=4096}} => {key={nr_items=42}, buf=...}) = 0
ioctl(3, BTRFS_IOC_TREE_SEARCH, {key={tree_id=1 /* BTRFS_ROOT_TREE_OBJECTID */, min_objectid=257, min_offset=12704, max_offset=18446744073709551615 /* UINT64_MAX */, max_transid=18446744073709551615 /* UINT64_MAX */, min_type=156 /* BTRFS_ROOT_REF_KEY */, max_type=144 /* BTRFS_ROOT_BACKREF_KEY */, nr_items=4096}} => {key={nr_items=40}, buf=...}) = 0
ioctl(3, BTRFS_IOC_TREE_SEARCH, {key={tree_id=1 /* BTRFS_ROOT_TREE_OBJECTID */, min_objectid=257, min_offset=13004, max_offset=18446744073709551615 /* UINT64_MAX */, max_transid=18446744073709551615 /* UINT64_MAX */, min_type=156 /* BTRFS_ROOT_REF_KEY */, max_type=144 /* BTRFS_ROOT_BACKREF_KEY */, nr_items=4096}} => {key={nr_items=30}, buf=...}) = 0
ioctl(3, BTRFS_IOC_TREE_SEARCH, {key={tree_id=1 /* BTRFS_ROOT_TREE_OBJECTID */, min_objectid=353, min_offset=1, max_offset=18446744073709551615 /* UINT64_MAX */, max_transid=18446744073709551615 /* UINT64_MAX */, min_type=1 /* BTRFS_INODE_ITEM_KEY */, max_type=144 /* BTRFS_ROOT_BACKREF_KEY */, nr_items=4096}} => {key={nr_items=29}, buf=...}) = 0
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x7ffcc950b22b} ---
+++ killed by SIGSEGV (core dumped) +++
Segmentation fault
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to btrfs-progs in Ubuntu.
https://bugs.launchpad.net/bugs/1902525
Title:
btrfs subvolume list segmentation fault
Status in btrfs-progs package in Ubuntu:
Confirmed
Bug description:
Under Ubuntu 18.04 LTS with HWE-Kernel 5.4.0-52-generic the command
btrfs subvolume list /
sometimes leads to a segmentation fault. Unfortunately I cannot figure
out why some calls of this command work as expected while others (of
exactly the same command) lead to the segmentation fault. On my
machine about every third call leads to the segfault.
In case of the segmentation fault, my syslog contains the following entries:
Nov 2 13:56:11 Sputnik kernel: [153948.460139] btrfs[19583]: segfault at 7ffcd9d8c391 ip 000055d8e5201117 sp 00007ffcd5d8bd20 error 4 in btrfs[55d8e5195000+a9000]
Nov 2 13:56:11 Sputnik kernel: [153948.460153] Code: 00 00 31 c0 8b 5c 24 14 39 9c 24 88 00 00 00 0f 86 f2 01 00 00 48 8b 7c 24 08 48 8d 57 68 48 8d 0c 02 48 83 c0 20 48 89 04 24 <8b> 71 18 8b 79 1c 48 8b 59 08 48 8b 69 10 81 fe 90 00 00 00 89 74
According to
https://forums.linuxmint.com/viewtopic.php?t=333594
I do not seem to be the only one experiencing this problem.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/btrfs-progs/+bug/1902525/+subscriptions
More information about the foundations-bugs
mailing list