Hi, > > On Jun 22, 2022, at 3:04 PM, Chuck Lever III <chuck.lever@xxxxxxxxxx> wrote: > >> On Jun 22, 2022, at 2:36 PM, Wang Yugui <wangyugui@xxxxxxxxxxxx> wrote: > >> > >> Hi, > >> > >> fstests generic/531 triggered a panic on kernel 5.19.0-rc3 with this > >> patchset. > > > > As I mention in the cover letter, I haven't tried running generic/531 > > yet -- no claim at all that this is finished work and that #386 has > > been fixed at this point. I'm merely interested in comments on the > > general approach. > > > > > >> [ 405.478056] BUG: kernel NULL pointer dereference, address: 0000000000000049 > > > > The "RIP: " tells the location of the crash. Notice that the call > > trace here does not include that information. From your attachment: > > > > [ 405.518022] RIP: 0010:nfsd_do_file_acquire+0x4e1/0xb80 [nfsd] > > > > To match that to a line of source code: > > > > [cel@manet ~]$ cd src/linux/linux/ > > [cel@manet linux]$ scripts/faddr2line ../obj/manet/fs/nfsd/filecache.o nfsd_do_file_acquire+0x4e1 > > nfsd_do_file_acquire+0x4e1/0xfc0: > > rht_bucket_insert at /home/cel/src/linux/linux/include/linux/rhashtable.h:303 > > (inlined by) __rhashtable_insert_fast at /home/cel/src/linux/linux/include/linux/rhashtable.h:718 > > (inlined by) rhashtable_lookup_get_insert_key at /home/cel/src/linux/linux/include/linux/rhashtable.h:982 > > (inlined by) nfsd_file_insert at /home/cel/src/linux/linux/fs/nfsd/filecache.c:1031 > > (inlined by) nfsd_do_file_acquire at /home/cel/src/linux/linux/fs/nfsd/filecache.c:1089 > > [cel@manet linux]$ > > > > This is an example, I'm sure my compiled objects don't match yours. > > > > And, now that I've added observability, you should be able to do: > > > > # watch cat /proc/fs/nfsd/filecache > > > > to see how many items are in the hash and LRU list while the test > > is running. > > > > > >> [ 405.608016] Call Trace: > >> [ 405.608016] <TASK> > >> [ 405.613020] nfs4_get_vfs_file+0x325/0x410 [nfsd] > >> [ 405.618018] nfsd4_process_open2+0x4ba/0x16d0 [nfsd] > >> [ 405.623016] ? inode_get_bytes+0x38/0x40 > >> [ 405.623016] ? nfsd_permission+0x97/0xf0 [nfsd] > >> [ 405.628022] ? fh_verify+0x1cc/0x6f0 [nfsd] > >> [ 405.633025] nfsd4_open+0x640/0xb30 [nfsd] > >> [ 405.638025] nfsd4_proc_compound+0x3bd/0x710 [nfsd] > >> [ 405.643017] nfsd_dispatch+0x143/0x270 [nfsd] > >> [ 405.648019] svc_process_common+0x3bf/0x5b0 [sunrpc] > > I was able to trigger something that looks very much like this crash. > If you remove this line from fs/nfsd/filecache.c: > > .max_size = 131072, /* buckets */ > > things get a lot more stable for generic/531. > > I'm looking into the issue now. Yes. When '.max_size = 131072' is removed, fstests generic/531 passed. Best Regards Wang Yugui (wangyugui@xxxxxxxxxxxx) 2022/06/23
