From mboxrd@z Thu Jan 1 00:00:00 1970 From: Vegard Nossum Subject: ext4 endless "orphan list check failed!" spew/lockup Date: Tue, 1 Dec 2015 17:42:36 +0100 Message-ID: <565DCDFC.3010300@oracle.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="------------070805090208030109000508" Cc: linux-ext4@vger.kernel.org To: "Theodore Ts'o" , Andreas Dilger Return-path: Received: from aserp1040.oracle.com ([141.146.126.69]:18449 "EHLO aserp1040.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751442AbbLAQmq (ORCPT ); Tue, 1 Dec 2015 11:42:46 -0500 Sender: linux-ext4-owner@vger.kernel.org List-ID: This is a multi-part message in MIME format. --------------070805090208030109000508 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Hi, Mounting the attached filesystem image (fuzzed) on latest linus/master causes an endless stream of the following output on the console: EXT4-fs (loop0): Inode 5 (ffff8800153ed720): orphan list check failed! ffff8800153ed720: 00000000 00000000 00000000 00000000 ................ ffff8800153ed730: 00000000 00000000 00000000 00000000 ................ ffff8800153ed740: 00000000 00000000 00000000 00000000 ................ ffff8800153ed750: 00000000 00000000 00000000 00000000 ................ ffff8800153ed760: 00000000 00000000 00000000 00000000 ................ ffff8800153ed770: 00000000 00000000 00000000 00000000 ................ ffff8800153ed780: 153ed780 ffff8800 153ed780 ffff8800 ..>.......>..... ffff8800153ed790: 00000000 00000000 00000000 00000000 ................ ffff8800153ed7a0: 153edcc0 ffff8800 15a0b920 ffff8800 ..>..... ....... ffff8800153ed7b0: 00000000 00000000 00000000 00000000 ................ ffff8800153ed7c0: 153ed7c0 ffff8800 153ed7c0 ffff8800 ..>.......>..... ffff8800153ed7d0: 00000000 00000000 00000000 00000000 ................ ffff8800153ed7e0: 00008000 00000000 00000000 00000000 ................ ffff8800153ed7f0: ffffffff ffffffff ffffffff ffffffff ................ ffff8800153ed800: 82080e80 ffffffff 15a0c050 ffff8800 ........P....... ffff8800153ed810: 153ed938 ffff8800 0007dc80 ffff8800 8.>............. ffff8800153ed820: 00000005 00000000 00000000 00000000 ................ ffff8800153ed830: 00000000 00000000 565dc7b8 00000000 ..........]V.... ffff8800153ed840: 00000000 00000000 565dc7b8 00000000 ..........]V.... ffff8800153ed850: 00000000 00000000 565dc7b8 00000000 ..........]V.... ffff8800153ed860: 00000000 00000000 00000000 00000000 ................ ffff8800153ed870: 0000000a 00000000 00000000 00000000 ................ ffff8800153ed880: 00000060 00000000 00000001 00000000 `............... ffff8800153ed890: 153ed890 ffff8800 153ed890 ffff8800 ..>.......>..... ffff8800153ed8a0: 00000000 00000000 00000000 00000000 ................ ffff8800153ed8b0: 00000000 00000000 00000000 00000000 ................ ffff8800153ed8c0: 00000000 00000000 00000000 00000000 ................ ffff8800153ed8d0: 153ed8d0 ffff8800 153ed8d0 ffff8800 ..>.......>..... ffff8800153ed8e0: 153ed8e0 ffff8800 153ed8e0 ffff8800 ..>.......>..... ffff8800153ed8f0: 153ed8f0 ffff8800 153ed8f0 ffff8800 ..>.......>..... ffff8800153ed900: 00000000 00000000 81317bc0 ffffffff .........{1..... ffff8800153ed910: 00000000 00000000 00000000 00000000 ................ ffff8800153ed920: 00000000 00000000 82080fa0 ffffffff ................ ffff8800153ed930: 00000000 00000000 153ed7e0 ffff8800 ..........>..... ffff8800153ed940: 00000000 02080020 00000000 00000000 .... ........... ffff8800153ed950: 00000000 00000000 00000000 00000000 ................ ffff8800153ed960: 00000000 00000000 153ed968 ffff8800 ........h.>..... ffff8800153ed970: 153ed968 ffff8800 00000000 00000000 h.>............. ffff8800153ed980: 00000000 00000000 00000000 00000000 ................ ffff8800153ed990: 00000000 00000000 00000000 00000000 ................ ffff8800153ed9a0: 82080d80 ffffffff 024200ca 00000000 ..........B..... ffff8800153ed9b0: 00000000 00000000 153ed9b8 ffff8800 ..........>..... ffff8800153ed9c0: 153ed9b8 ffff8800 00000000 00000000 ..>............. ffff8800153ed9d0: 153ed9d0 ffff8800 153ed9d0 ffff8800 ..>.......>..... ffff8800153ed9e0: 00000000 00000000 00000000 00000000 ................ ffff8800153ed9f0: 00000000 00000000 00000000 00000000 ................ ffff8800153eda00: 00000000 00000000 00000000 00000000 ................ ffff8800153eda10: 00000000 00000000 00000000 00000000 ................ ffff8800153eda20: 153eda20 ffff8800 153eda20 ffff8800 .>..... .>..... ffff8800153eda30: 00000000 00000000 00000000 00000000 ................ ffff8800153eda40: 00000000 00000000 00000000 00000000 ................ ffff8800153eda50: 153eda50 ffff8800 153eda50 ffff8800 P.>.....P.>..... ffff8800153eda60: 00000000 00000000 00000000 ffffffff ................ ffff8800153eda70: 00000000 00000000 00000000 00000000 ................ ffff8800153eda80: 00000000 00000000 00000000 00000000 ................ ffff8800153eda90: 00000000 00000000 00000000 00000000 ................ ffff8800153edaa0: 153edaa0 ffff8800 153edaa0 ffff8800 ..>.......>..... ffff8800153edab0: 00000000 00000000 ffffffe0 0000000f ................ ffff8800153edac0: 153edac0 ffff8800 153edac0 ffff8800 ..>.......>..... ffff8800153edad0: 81302e40 ffffffff 00000000 00000003 @.0............. ffff8800153edae0: 00000003 00000000 00000000 00000000 ................ ffff8800153edaf0: 00000000 00000000 00000000 00000000 ................ ffff8800153edb00: 00000000 00000000 ........ CPU: 1 PID: 957 Comm: mount Not tainted 4.4.0-rc3+ #244 ffffffff820ac0c0 ffff88001562f868 ffffffff81610cc9 ffff8800153ed7e0 ffff88001562f8a0 ffffffff8133097a 00000000000003e8 ffffffff00000001 ffff8800153ed7e0 ffffffff820ac0c0 ffff8800153ed880 ffff88001562f8c0 Call Trace: [] dump_stack+0x44/0x5b [] ext4_destroy_inode+0xba/0xc0 [] destroy_inode+0x5f/0x80 [] evict+0x1e5/0x270 [] iput+0x297/0x350 [] ext4_fill_super+0x4fa5/0x53b0 [] ? deactivate_slab+0x32a/0x3e0 [] ? strnlen+0x31/0x60 [] ? ext4_calculate_overhead+0x530/0x530 [] ? snprintf+0x88/0xa0 [] ? up_write+0x11/0x30 [] ? register_shrinker+0xca/0x110 [] ? set_blocksize+0x8e/0x140 [] mount_bdev+0x284/0x2e0 [] ? ext4_calculate_overhead+0x530/0x530 [] ? mount_ns+0xc0/0xc0 [] ? __kmalloc_track_caller+0xbe/0x190 [] ? kstrdup_const+0x1e/0x20 [] ? memcpy+0x36/0x40 [] ext4_mount+0x10/0x20 [] mount_fs+0x56/0x1b0 [] ? alloc_vfsmnt+0x2f2/0x350 [] vfs_kern_mount+0x66/0x190 [] do_mount+0x362/0x16b0 [] ? ___slab_alloc+0x152/0x470 [] ? copy_mount_string+0x20/0x20 [] ? kasan_unpoison_shadow+0x36/0x50 [] ? kasan_kmalloc+0x5e/0x70 [] ? kasan_slab_alloc+0xd/0x10 [] ? __kmalloc_track_caller+0xbe/0x190 [] ? strndup_user+0x41/0x70 [] ? copy_mount_options+0x23/0x1d0 [] ? memdup_user+0x3d/0x70 [] SyS_mount+0xf6/0x160 [] ? copy_mnt_ns+0x440/0x440 [] entry_SYSCALL_64_fastpath+0x12/0x71 This seems to lock up the VM as well. A quick look/guess suggests maybe a cycle in the orphan list, maybe something in ext4_orphan_del() could cause an infinite loop in the cleanup? I can test patches. Thanks, Vegard --------------070805090208030109000508 Content-Type: application/x-bzip; name="ext4.1.bz2" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="ext4.1.bz2" QlpoOTFBWSZTWTZfgysAAHT//////////////wE9Ez/Pn7D8ACL5xOsxr8hABAbk86590AS+ AxOIAdAAg0xA0aAGjBABo0YTCZDENANGTTI0yDTT96pExDQyNGgADQAADQGkmijQAAAAANBp iDGo0NGTT1AAyAAAAADQAAAAAAQ9VSmJgRgAAAAAAAAAAAAAAAAAAAAAAABBgTRpoaaaYmJo aaaGAjAIwgMmAmmjAQBgATIwCaZAMgBiGmQFSSIJhJk0Tap+mimj1P0MqaaA00aNqepkNNqb IT1PUeiNDZT0hoB6QMg8p6mjRtTyT1DMo/Uep6UvxvvrveMIvNzmExUuY5pS6Xxky2RhZFox Tft/PEl0wMfkdln0XfOW8ldszoMrdY19cxTSrfKkjvlGChnqI5im+lEZFcKsFN6vt1q6Do/h rkX5N9ZMVJCRhoiRDq0kiSJMtQlUQIJPSqQgkEZ6iQRJ9XQRpSSS6RImi1OBj4IXrtG/eHnY PO51u8u19DF5mUMVSbzLoo1dNMEwVHEpxqSanHpYbH2NrOaRq6b4OyvWos0AYwJXNoFOGJXG zp8klj0DifWrl65KgoaKjYJBjGEtMyRCZgKQ1KzTpkSp6hpU1SQayrZYGwq29YqClbXV9hY2 VmqFpli2OLczgxOF5OThi7mTBmQODg4UJJBmSIOdoZyTckEQkTwGBHImoMFCpakvVPFUxVBE gB4ijuU2FSS+gPqfTtahVSKpmVItRVKqGBa6XTYeesqMiCKxisiCKwARARAAEBFBQAABAAAB QRAAFBUBAAEQAAABQBUAAVwVgwAAAAAFQARABVAozxUg8hklpipe4yi0F1RllSLKnvVQRIAc /Qsl5gW4e9ksRcxsrKvmIqEwpQXr8MF0RPDqSfQVIRepIS+pEOEqSAgCzfLX3WySnL7yfobS /u9jyl0lJUyMk15rrmBtyTDc4HSl0P2ZbIb9QyKnLo2da0k6Dj5mjTPgRkqRpSXyXHNX6lfC epcwtBie3R2ztNA9jrloTr8BZG3lt76cWLJcqbKuIpnqGurrSoWe53q6Lll1zVVPgSllKRUN ip39HzaF7hSluLTNKPd7NprqBvFZ2ZY8eVk3O3cf9KR39JHs17KjtP9WNVTajU1uRpanDKsr hWhKq6EopQsAAAYAAAAAAJAAA3DAhGRLshCOic7o9Lzel5/ocmeFKdOoOUo+ZUfPKT9Sk1vr SWslWkpzXIaz1F6eLM9jqKh4xX9aHVVqypyle1KScX8dWkbiXrHo4asncK8d6Vp++n5inVlE xyjy1dWE8KkHUnrxHZohX3vAnTmSeC6b1VM2zSazYXLvWd71nrPXf20Wg5LjvY0mY/uy4M2N 8Ziddou1L2HRZHYuWbwwcNTeuwszPK05icLXSXSmnXyZQXR6Cht+ZafO5zw1uof7co8GEm1j 4yh5fjTtrndnBcGdqdFz3ppTzWOatfFqbTpFk3T/3A2+T5OHdKTdntp6pd2yjbm6dE4e3leA xf5lc+Sei9N7jc0qrDgwWaZUkhIAZiU7kpxKXH52F7u5em7KSMMqSe0oqlUTdu5rr8/CO7VV /8XckU4UJA2X4MrA --------------070805090208030109000508--