Re: [REGRESSION] xfs kernel panic

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Am Mo., 17. Feb. 2025 um 16:00 Uhr schrieb Lorenz Brun <lorenz@xxxxxxxxxxxx>:
>
> Hi everyone,
>
> Linux 6.12.14 (released today) contains a regression for XFS, causing
> a kernel panic after just a few seconds of working with a
> freshly-created (xfsprogs 6.9) XFS filesystem. I have not yet bisected
> this because I wanted to get this report out ASAP but I'm going to do
> that now. There are multiple associated stack traces, but all of them
> have xfs_buf_offset as the faulting function.
>
> Example backtrace:
> [   31.745932] BUG: kernel NULL pointer dereference, address: 0000000000000098
> [   31.746590] #PF: supervisor read access in kernel mode
> [   31.747072] #PF: error_code(0x0000) - not-present page
> [   31.747537] PGD 5bee067 P4D 5bee067 PUD 5bef067 PMD 0
> [   31.748016] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI
> [   31.748459] CPU: 0 UID: 0 PID: 116 Comm: xfsaild/vda4 Not tainted
> 6.12.14-metropolis #1 9b2470be3d7713b818a3236e4a2804dd9cbef735
> [   31.749490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009),
> BIOS 0.0.0 02/06/2015
> [   31.750340] RIP: 0010:xfs_buf_offset+0x9/0x50
> [   31.750823] Code: 08 5b e9 8a 2c c4 00 66 2e 0f 1f 84 00 00 00 00
> 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f
> 44 00 00 <48> 8b 87 98 00 00 00 48 85 c0 75 2e 48 8b 87 00 01 00 00 48
> 89 f2
> [   31.752775] RSP: 0018:ffffbf50c07abdb8 EFLAGS: 00010246
> [   31.753343] RAX: 0000000000000002 RBX: ffff9c0985817d58 RCX: 0000000000000016
> [   31.754103] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
> [   31.754734] RBP: 0000000000000000 R08: ffff9c09fb704000 R09: 00000000e0be9fc4
> [   31.755396] R10: 0000000000000000 R11: ffff9c0985827df8 R12: ffff9c09fb57ff58
> [   31.756078] R13: ffff9c0985817eb0 R14: ffff9c09fb704000 R15: ffff9c0985817f00
> [   31.756764] FS:  0000000000000000(0000) GS:ffff9c09fc000000(0000)
> knlGS:0000000000000000
> [   31.757529] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [   31.758041] CR2: 0000000000000098 CR3: 0000000005b70000 CR4: 0000000000350ef0
> [   31.758696] Call Trace:
> [   31.758940]  <TASK>
> [   31.759172]  ? __die+0x56/0x97
> [   31.759473]  ? page_fault_oops+0x15c/0x2d0
> [   31.759853]  ? exc_page_fault+0x4c5/0x790
> [   31.760237]  ? asm_exc_page_fault+0x26/0x30
> [   31.760637]  ? xfs_buf_offset+0x9/0x50
> [   31.761002]  ? srso_return_thunk+0x5/0x5f
> [   31.761409]  xfs_qm_dqflush+0xd0/0x350
> [   31.761799]  xfs_qm_dquot_logitem_push+0xe9/0x140
> [   31.762253]  xfsaild+0x347/0xa10
> [   31.762567]  ? srso_return_thunk+0x5/0x5f
> [   31.762952]  ? srso_return_thunk+0x5/0x5f
> [   31.763325]  ? __pfx_xfsaild+0x10/0x10
> [   31.763665]  kthread+0xd2/0x100
> [   31.763985]  ? __pfx_kthread+0x10/0x10
> [   31.764342]  ret_from_fork+0x34/0x50
> [   31.764675]  ? __pfx_kthread+0x10/0x10
> [   31.765029]  ret_from_fork_asm+0x1a/0x30
> [   31.765408]  </TASK>
> [   31.765618] Modules linked in: kvm_amd
> [   31.765978] CR2: 0000000000000098
> [   31.766297] ---[ end trace 0000000000000000 ]---
> [   32.371004] RIP: 0010:xfs_buf_offset+0x9/0x50
> [   32.371453] Code: 08 5b e9 8a 2c c4 00 66 2e 0f 1f 84 00 00 00 00
> 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f
> 44 00 00 <48> 8b 87 98 00 00 00 48 85 c0 75 2e 48 8b 87 00 01 00 00 48
> 89 f2
> [   32.373133] RSP: 0018:ffffbf50c07abdb8 EFLAGS: 00010246
> [   32.373611] RAX: 0000000000000002 RBX: ffff9c0985817d58 RCX: 0000000000000016
> [   32.374275] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
> [   32.374921] RBP: 0000000000000000 R08: ffff9c09fb704000 R09: 00000000e0be9fc4
> [   32.375720] R10: 0000000000000000 R11: ffff9c0985827df8 R12: ffff9c09fb57ff58
> [   32.376376] R13: ffff9c0985817eb0 R14: ffff9c09fb704000 R15: ffff9c0985817f00
> [   32.377027] FS:  0000000000000000(0000) GS:ffff9c09fc000000(0000)
> knlGS:0000000000000000
> [   32.377761] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [   32.378292] CR2: 0000000000000098 CR3: 0000000005b70000 CR4: 0000000000350ef0
> [   32.378940] Kernel panic - not syncing: Fatal exception
> [   32.379492] Kernel Offset: 0x2a600000 from 0xffffffff81000000
> (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
>
> #regzbot introduced: v6.12.13..v6.12.14
>
> Regards,
> Lorenz

Hi everyone,

I root-caused this to 5808d420 ("xfs: attach dquot buffer to dquot log
item buffer"), but needs reverting of the 3 follow-up commits
(d331fc15, ee6984a2 and 84307caf) as well as they depend on the broken
one. With that 6.12.14 passes our test suite again. Reproduction
should be rather easy by just creating a fresh filesystem, mounting
with "prjquota" and performing I/O.

Regards,
Lorenz
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux