kernel BUG at lib/maple_tree.c:1237!


 



Hi Liam,

I managed to trigger a bug in the maple-tree.  I don't know that it's
definitely your bug as I had a process stuck in the D state, but I don't
believe it was doing anything that modified maple trees at the time, just
waiting for PG_writeback on a folio.  Anyway, I was running the generic/130
xfstest and pressed ctrl-C and got a bunch of oopses (see attached).

Unfortunately, I can't do anything to try and get more information as anything
that tries to clone() gets another oops.

The RIP is mas_alloc_nodes+0x55/0x16e:

	mas_set_alloc_req(mas, 0);
	if (mas->mas_flags & MA_STATE_PREALLOC) {
		if (allocated)
			return;
		BUG_ON(!allocated);  <------- 1237
		WARN_ON(!allocated);
	}

The base kernel is at commit bf3a69c6861f plus some of my patches, none of
which alter the maple-tree code or MM code.

David
---
kernel BUG at lib/maple_tree.c:1237!
invalid opcode: 0000 [#1] SMP PTI
CPU: 3 PID: 6242 Comm: rm Not tainted 6.8.0-build3+ #1653
Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014
RIP: 0010:mas_alloc_nodes+0x55/0x16e
Code: ff 41 89 c5 45 85 ed 0f 84 23 01 00 00 31 f6 48 89 df e8 94 c5 ff ff 44 8a 63 3e 41 83 e4 04 74 0b 48 85 ed 0f 85 06 01 00 00 <0f> 0b 48 85 ed 74 0a 48 8b 43 30 80 78 08 1e 75 3a 8b 74 24 0c 48
RSP: 0018:ffff888141683978 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff888141683be8 RCX: 0000000000000001
RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff888141683be8
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000071
R10: 0000000000000032 R11: 0000000000000000 R12: 0000000000000004
R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff88840fb80000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055ae9ee6ace8 CR3: 000000011b0f2002 CR4: 00000000001706f0
Call Trace:
 <TASK>
 ? __die_body+0x1a/0x5b
 ? die+0x30/0x49
 ? do_trap+0x7a/0xfd
 ? mas_alloc_nodes+0x55/0x16e
 ? mas_alloc_nodes+0x55/0x16e
 ? do_error_trap+0x6e/0x98
 ? mas_alloc_nodes+0x55/0x16e
 ? exc_invalid_op+0x49/0x5d
 ? mas_alloc_nodes+0x55/0x16e
 ? asm_exc_invalid_op+0x16/0x20
 ? mas_alloc_nodes+0x55/0x16e
 ? mas_alloc_nodes+0x42/0x16e
 mas_wr_node_store+0xa1/0x27b
 ? folios_put_refs+0x158/0x180
 ? mas_wr_slot_store+0xf5/0x102
 ? mas_wr_modify+0xac/0xc3
 ? kmem_cache_debug_flags+0xc/0x1d
 ? kmem_cache_alloc+0x199/0x1c4
 ? mas_wr_node_walk+0xce/0xe5
 mas_wr_modify+0x9e/0xc3
 mas_store_prealloc+0x55/0x80
 mmap_region+0x46d/0x607
 do_mmap+0x3cf/0x432
 vm_mmap_pgoff+0xcd/0x11e
 elf_load+0x90/0x21e
 load_elf_binary+0x449/0x99d
 search_binary_handler+0xb3/0x204
 exec_binprm+0x4a/0x132
 bprm_execve.part.0+0xe4/0x16b
 do_execveat_common.isra.0+0x193/0x1bc
 do_execve+0x1f/0x25
 __x64_sys_execve+0x26/0x2f
 do_syscall_64+0x86/0xe5
 entry_SYSCALL_64_after_hwframe+0x6c/0x74
RIP: 0033:0x7efea097f52b
Code: Unable to access opcode bytes at 0x7efea097f501.
RSP: 002b:00007ffc44619958 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
RAX: ffffffffffffffda RBX: 000055ae9f1183a0 RCX: 00007efea097f52b
RDX: 000055ae9f111080 RSI: 000055ae9ee6ace0 RDI: 000055ae9f1183a0
RBP: 00007ffc44619a50 R08: 0000000000000001 R09: 0000000000000004
R10: 000055ae9f11a730 R11: 0000000000000246 R12: 00000000ffffffff
R13: 000055ae9f1183a0 R14: 000055ae9ee6ace0 R15: 000055ae9f111080
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:mas_alloc_nodes+0x55/0x16e
Code: ff 41 89 c5 45 85 ed 0f 84 23 01 00 00 31 f6 48 89 df e8 94 c5 ff ff 44 8a 63 3e 41 83 e4 04 74 0b 48 85 ed 0f 85 06 01 00 00 <0f> 0b 48 85 ed 74 0a 48 8b 43 30 80 78 08 1e 75 3a 8b 74 24 0c 48
RSP: 0018:ffff888141683978 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff888141683be8 RCX: 0000000000000001
RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff888141683be8
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000071
R10: 0000000000000032 R11: 0000000000000000 R12: 0000000000000004
R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff88840fb80000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007efea097f501 CR3: 000000011b0f2002 CR4: 00000000001706f0
stack segment: 0000 [#2] SMP PTI
CPU: 3 PID: 5912 Comm: (udev-worker) Tainted: G      D            6.8.0-build3+ #1653
Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014
RIP: 0010:kmem_cache_alloc+0xd7/0x1c4
Code: 28 74 05 48 85 ed 75 19 45 89 e9 4c 89 f1 83 ca ff 44 89 e6 48 89 df e8 04 ed ff ff 48 89 c5 eb 22 8b 43 28 48 89 ee 48 8b 3b <4c> 8b 7c 05 00 4c 89 fa e8 bf b9 ff ff 84 c0 74 af 8b 43 28 41 0f
RSP: 0018:ffff88810544bb60 EFLAGS: 00010286
RAX: 0000000000000080 RBX: ffff888100045b00 RCX: 00000000000091a7
RDX: 0000000000000001 RSI: ff88810ace190000 RDI: 0000000000032d90
RBP: ff88810ace190000 R08: ffff88840fbb2d90 R09: 0000000000000001
R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000002800
R13: 0000000000000100 R14: ffffffff81eaf5c3 R15: 0000000000000001
FS:  00007f993aecc980(0000) GS:ffff88840fb80000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000564286eb0320 CR3: 00000001416dc004 CR4: 00000000001706f0
Call Trace:
 <TASK>
 ? __die_body+0x1a/0x5b
 ? die+0x30/0x49
 ? do_trap+0x7a/0xfd
 ? do_error_trap+0x6e/0x98
 ? exc_stack_segment+0x35/0x45
 ? asm_exc_stack_segment+0x22/0x30
 ? mas_alloc_nodes+0x76/0x16e
 ? kmem_cache_alloc+0xd7/0x1c4
 mas_alloc_nodes+0x76/0x16e
 ? cgroup_rstat_updated+0x49/0xa5
 mas_wr_node_store+0xa1/0x27b
 ? __slab_free+0x8c/0x233
 ? drain_obj_stock+0xa8/0xc9
 ? calculate_sigpending+0x2e/0x34
 ? __memcg_slab_free_hook+0x9b/0xb3
 ? __dequeue_signal+0xac/0xbc
 ? kmem_cache_free+0x114/0x154
 ? mas_wr_node_walk+0xce/0xe5
 mas_wr_modify+0x9e/0xc3
 mas_store_gfp+0x5a/0xb4
 do_vmi_align_munmap.isra.0+0x1c8/0x354
 __vm_munmap+0x92/0xcf
 __x64_sys_munmap+0x17/0x1e
 do_syscall_64+0x86/0xe5
 entry_SYSCALL_64_after_hwframe+0x6c/0x74
RIP: 0033:0x7f993b8b40fb
Code: 73 01 c3 48 8b 0d 35 5d 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 0b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 05 5d 0c 00 f7 d8 64 89 01 48
RSP: 002b:00007ffec5ec8648 EFLAGS: 00000206 ORIG_RAX: 000000000000000b
RAX: ffffffffffffffda RBX: 0000564286e9d840 RCX: 00007f993b8b40fb
RDX: 00000000ffffffff RSI: 0000000000c2dbec RDI: 00007f9939e00000
RBP: 00007ffec5ec8660 R08: 0000000000000010 R09: 0000000000000000
R10: 00007ffec5ec85d0 R11: 0000000000000206 R12: 0000564286e230d8
R13: 00007ffec5ec8710 R14: 0000564286e43a90 R15: 0000000000000000
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:mas_alloc_nodes+0x55/0x16e
Code: ff 41 89 c5 45 85 ed 0f 84 23 01 00 00 31 f6 48 89 df e8 94 c5 ff ff 44 8a 63 3e 41 83 e4 04 74 0b 48 85 ed 0f 85 06 01 00 00 <0f> 0b 48 85 ed 74 0a 48 8b 43 30 80 78 08 1e 75 3a 8b 74 24 0c 48
RSP: 0018:ffff888141683978 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff888141683be8 RCX: 0000000000000001
RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff888141683be8
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000071
R10: 0000000000000032 R11: 0000000000000000 R12: 0000000000000004
R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000000
FS:  00007f993aecc980(0000) GS:ffff88840fb80000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000564286eb0320 CR3: 00000001416dc004 CR4: 00000000001706f0
stack segment: 0000 [#3] SMP PTI
CPU: 3 PID: 6246 Comm: (sd-rmrf) Tainted: G      D            6.8.0-build3+ #1653
Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014
RIP: 0010:kmem_cache_alloc+0xd7/0x1c4
Code: 28 74 05 48 85 ed 75 19 45 89 e9 4c 89 f1 83 ca ff 44 89 e6 48 89 df e8 04 ed ff ff 48 89 c5 eb 22 8b 43 28 48 89 ee 48 8b 3b <4c> 8b 7c 05 00 4c 89 fa e8 bf b9 ff ff 84 c0 74 af 8b 43 28 41 0f
RSP: 0018:ffff8881048dfc60 EFLAGS: 00010286
RAX: 0000000000000080 RBX: ffff888100045b00 RCX: 00000000000091a7
RDX: 0000000000000001 RSI: ff88810ace190000 RDI: 0000000000032d90
RBP: ff88810ace190000 R08: ffff88840fbb2d90 R09: 0000000000000040
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000cc0
R13: 0000000000000100 R14: ffffffff81eaf5c3 R15: 0000000000000000
FS:  00007fd912b3f980(0000) GS:ffff88840fb80000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fd912f2f6a0 CR3: 0000000141694003 CR4: 00000000001706f0
Call Trace:
 <TASK>
 ? __die_body+0x1a/0x5b
 ? die+0x30/0x49
 ? do_trap+0x7a/0xfd
 ? do_error_trap+0x6e/0x98
 ? exc_stack_segment+0x35/0x45
 ? asm_exc_stack_segment+0x22/0x30
 ? mas_alloc_nodes+0x76/0x16e
 ? kmem_cache_alloc+0xd7/0x1c4
 mas_alloc_nodes+0x76/0x16e
 mas_preallocate+0x123/0x18a
 mmap_region+0x44d/0x607
 do_mmap+0x3cf/0x432
 vm_mmap_pgoff+0xcd/0x11e
 ksys_mmap_pgoff+0x15b/0x189
 do_syscall_64+0x86/0xe5
 entry_SYSCALL_64_after_hwframe+0x6c/0x74
RIP: 0033:0x7fd912f2f6cc
Code: 1e fa 41 f7 c1 ff 0f 00 00 75 33 55 48 89 e5 41 54 41 89 cc 53 48 89 fb 48 85 ff 74 41 45 89 e2 48 89 df b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 7c 5b 41 5c 5d c3 0f 1f 80 00 00 00 00 48 8b
RSP: 002b:00007ffc88b77340 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd912f2f6cc
RDX: 0000000000000003 RSI: 0000000000001000 RDI: 0000000000000000
RBP: 00007ffc88b77350 R08: 00000000ffffffff R09: 0000000000000000
R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000022
R13: 0000000000000009 R14: 000000000000000a R15: 0000000000000018
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:mas_alloc_nodes+0x55/0x16e
Code: ff 41 89 c5 45 85 ed 0f 84 23 01 00 00 31 f6 48 89 df e8 94 c5 ff ff 44 8a 63 3e 41 83 e4 04 74 0b 48 85 ed 0f 85 06 01 00 00 <0f> 0b 48 85 ed 74 0a 48 8b 43 30 80 78 08 1e 75 3a 8b 74 24 0c 48
RSP: 0018:ffff888141683978 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff888141683be8 RCX: 0000000000000001
RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff888141683be8
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000071
R10: 0000000000000032 R11: 0000000000000000 R12: 0000000000000004
R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000000
FS:  00007fd912b3f980(0000) GS:ffff88840fb80000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fd912f2f6a0 CR3: 0000000141694003 CR4: 00000000001706f0
Call Trace:
 <TASK>
 ? __die_body+0x1a/0x5b
 ? die+0x30/0x49
 ? do_trap+0x7a/0xfd
 ? do_error_trap+0x6e/0x98
 ? exc_stack_segment+0x35/0x45
 ? asm_exc_stack_segment+0x22/0x30
 ? mas_dup_build.constprop.0+0x64/0x210
 ? kmem_cache_alloc+0xd7/0x1c4
 ? kmem_cache_alloc+0x5d/0x1c4
 mas_dup_build.constprop.0+0x64/0x210
 ? pcpu_chunk_relocate+0x13/0x37
 __mt_dup+0x70/0xb9
 dup_mmap+0x164/0x4f7
 copy_process+0x7e1/0x1261
 kernel_clone+0xa1/0x204
 ? vfs_read+0x133/0x190
 __do_sys_clone+0x65/0x8b
 do_syscall_64+0x86/0xe5
 entry_SYSCALL_64_after_hwframe+0x6c/0x74
RIP: 0033:0x7f4924f108e7
Code: c3 66 90 f3 0f 1e fa 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 39 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
RSP: 002b:00007ffe84193978 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f4924f108e7
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
RBP: 00007ffe84193a80 R08: 0000000000000000 R09: 0000000000000000
R10: 00007f4924c9df50 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:mas_alloc_nodes+0x55/0x16e
Code: ff 41 89 c5 45 85 ed 0f 84 23 01 00 00 31 f6 48 89 df e8 94 c5 ff ff 44 8a 63 3e 41 83 e4 04 74 0b 48 85 ed 0f 85 06 01 00 00 <0f> 0b 48 85 ed 74 0a 48 8b 43 30 80 78 08 1e 75 3a 8b 74 24 0c 48
RSP: 0018:ffff888141683978 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff888141683be8 RCX: 0000000000000001
RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff888141683be8
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000071
R10: 0000000000000032 R11: 0000000000000000 R12: 0000000000000004
R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000000
FS:  00007f4924c9dc80(0000) GS:ffff88840fb80000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fa08addde1c CR3: 000000011d5ae002 CR4: 00000000001706f0
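
A small triage script for the log above, as an added example that is not part of the original post: it splits the log into its numbered oopses, takes the first kernel-mode RIP of each, checks whether the trapping bytes are ud2 (the instruction x86 BUG() executes, which is why the first report reads "invalid opcode"), and flags non-canonical register values. The function names, the trimmed sample and the 48-bit canonical-address check are assumptions of this example.

```python
import re

# Constructed sample: lines copied from the first two oopses in the report,
# with each Code: line trimmed to the bytes around the <..> marker.
SAMPLE = """\
invalid opcode: 0000 [#1] SMP PTI
CPU: 3 PID: 6242 Comm: rm Not tainted 6.8.0-build3+ #1653
RIP: 0010:mas_alloc_nodes+0x55/0x16e
Code: 74 0b 48 85 ed 0f 85 06 01 00 00 <0f> 0b 48 85 ed 74 0a
RIP: 0033:0x7efea097f52b
stack segment: 0000 [#2] SMP PTI
CPU: 3 PID: 5912 Comm: (udev-worker) Tainted: G      D            6.8.0-build3+ #1653
RIP: 0010:kmem_cache_alloc+0xd7/0x1c4
Code: 8b 43 28 48 89 ee 48 8b 3b <4c> 8b 7c 05 00 4c 89 fa
RBP: ff88810ace190000 R08: ffff88840fbb2d90 R09: 0000000000000001
"""

HEADER = re.compile(r"^(?P<trap>[a-z ]+): [0-9a-f]{4} \[#(?P<seq>\d+)\]")
KRIP = re.compile(r"^RIP: 0010:(?P<sym>[\w.]+)\+")  # CS 0010 = kernel mode
REG = re.compile(r"\b(R[A-Z0-9]{2}): ([0-9a-f]{16})\b")

def canonical(addr):
    # Assumption: 48-bit virtual addresses, so bits 63..47 must all be equal.
    return addr >> 47 in (0, 0x1FFFF)

def triage(log):
    oopses, cur, live = [], None, False
    for line in log.splitlines():
        line = line.strip()
        if m := HEADER.match(line):
            cur = {"seq": int(m["seq"]), "trap": m["trap"], "rip": None,
                   "ud2": False, "tainted": None, "bad_regs": {}}
            oopses.append(cur)
            live = False
        elif cur is None:
            continue
        elif line.startswith("CPU:") and cur["tainted"] is None:
            cur["tainted"] = "Not tainted" not in line
        elif line.startswith(("RIP:", "Call Trace:")):
            # Only the first kernel RIP belongs to this oops; later RIP lines
            # are the user-mode frame or a repeat of the first oops.
            m = KRIP.match(line)
            live = bool(m) and cur["rip"] is None
            if live:
                cur["rip"] = m["sym"]
        elif live and line.startswith("Code:"):
            cur["ud2"] = "<0f> 0b" in line  # ud2 at the faulting byte
        elif live:
            cur["bad_regs"].update({n: v for n, v in REG.findall(line)
                                    if not canonical(int(v, 16))})
    return oopses
```

On the sample, only oops #1 traps on ud2; oops #2 is reported on an already tainted kernel with RBP holding the non-canonical value ff88810ace190000.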





