* [linux-next:master] [loop] 0ba93a906d: kernel_BUG_at_fs/jbd2/transaction.c
@ 2025-11-26 13:25 kernel test robot
0 siblings, 0 replies; only message in thread
From: kernel test robot @ 2025-11-26 13:25 UTC (permalink / raw)
To: Ming Lei; +Cc: oe-lkp, lkp, Jens Axboe, linux-block, oliver.sang
Hello,
kernel test robot noticed "kernel_BUG_at_fs/jbd2/transaction.c" on:
commit: 0ba93a906dda7ede9e7669adefe005ee18f3ff42 ("loop: try to handle loop aio command via NOWAIT IO first")
https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git master
[test failed on linux-next/master 422f3140bbcb657e1b86c484296972ab76f6d1ff]
in testcase: xfstests
version: xfstests-x86_64-5b75444b-1_20251117
with following parameters:
disk: 4HDD
fs: ext4
test: ext4-group-01
config: x86_64-rhel-9.4-func
compiler: gcc-14
test machine: 4 threads Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz (Skylake) with 32G memory
(please refer to attached dmesg/kmsg for entire log/backtrace)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@intel.com>
| Closes: https://lore.kernel.org/oe-lkp/202511262144.9c2a4258-lkp@intel.com
[ 939.823614][T22441] ------------[ cut here ]------------
[ 939.828895][T22441] kernel BUG at fs/jbd2/transaction.c:477!
[ 939.834554][T22441] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[ 939.840607][T22441] CPU: 2 UID: 0 PID: 22441 Comm: resize2fs Tainted: G S 6.18.0-rc2-00132-g0ba93a906dda #1 PREEMPT(voluntary)
[ 939.853453][T22441] Tainted: [S]=CPU_OUT_OF_SPEC
[ 939.858033][T22441] Hardware name: Dell Inc. OptiPlex 7040/0Y7WYT, BIOS 1.8.1 12/05/2017
[ 939.866057][T22441] RIP: 0010:jbd2__journal_start (fs/jbd2/transaction.c:477 (discriminator 1))
[ 939.871760][T22441] Code: 00 fc ff df 49 c1 ee 03 41 80 3c 06 00 0f 85 e1 02 00 00 48 8b 3d c6 1f 36 05 48 89 de 49 63 dc e8 8b c7 a3 ff e9 cd fc ff ff <0f> 0b 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 24 48 89 fa 48 c1 ea
All code
========
0: 00 fc add %bh,%ah
2: ff lcall (bad)
3: df 49 c1 fisttps -0x3f(%rcx)
6: ee out %al,(%dx)
7: 03 41 80 add -0x80(%rcx),%eax
a: 3c 06 cmp $0x6,%al
c: 00 0f add %cl,(%rdi)
e: 85 e1 test %esp,%ecx
10: 02 00 add (%rax),%al
12: 00 48 8b add %cl,-0x75(%rax)
15: 3d c6 1f 36 05 cmp $0x5361fc6,%eax
1a: 48 89 de mov %rbx,%rsi
1d: 49 63 dc movslq %r12d,%rbx
20: e8 8b c7 a3 ff call 0xffffffffffa3c7b0
25: e9 cd fc ff ff jmp 0xfffffffffffffcf7
2a:* 0f 0b ud2 <-- trapping instruction
2c: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax
33: fc ff df
36: 48 8d 7b 24 lea 0x24(%rbx),%rdi
3a: 48 89 fa mov %rdi,%rdx
3d: 48 rex.W
3e: c1 .byte 0xc1
3f: ea (bad)
Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax
9: fc ff df
c: 48 8d 7b 24 lea 0x24(%rbx),%rdi
10: 48 89 fa mov %rdi,%rdx
13: 48 rex.W
14: c1 .byte 0xc1
15: ea (bad)
[ 939.891057][T22441] RSP: 0018:ffffc900011ff0b0 EFLAGS: 00010206
[ 939.896939][T22441] RAX: dffffc0000000000 RBX: ffff8881c2580c60 RCX: 0000000000000008
[ 939.904715][T22441] RDX: 1ffff110219c19e0 RSI: 0000000000000002 RDI: ffff888289698d88
[ 939.912494][T22441] RBP: ffff8881107ca000 R08: 0000000000000c40 R09: 0000000000000001
[ 939.920294][T22441] R10: ffff8881104c4237 R11: ffffffff81e75650 R12: ffff88810ce0cf00
[ 939.928061][T22441] R13: 0000000000000000 R14: ffff8887fb9126b8 R15: 0000000000000001
[ 939.935827][T22441] FS: 00007efec8397100(0000) GS:ffff888803fbd000(0000) knlGS:0000000000000000
[ 939.944540][T22441] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 939.950938][T22441] CR2: 000055903d381a28 CR3: 00000001aa534004 CR4: 00000000003726f0
[ 939.958704][T22441] Call Trace:
[ 939.961819][T22441] <TASK>
[ 939.964591][T22441] ? __pfx_current_time (fs/inode.c:2289)
[ 939.969431][T22441] ext4_dirty_inode (fs/ext4/ext4_jbd2.h:242 fs/ext4/inode.c:6514)
[ 939.974014][T22441] __mark_inode_dirty (arch/x86/include/asm/jump_label.h:36 include/trace/events/writeback.h:149 fs/fs-writeback.c:2568)
[ 939.978766][T22441] generic_update_time (fs/inode.c:2107)
[ 939.983532][T22441] touch_atime (fs/inode.c:2119 fs/inode.c:2190)
[ 939.987781][T22441] ext4_file_read_iter (include/linux/fs.h:2673 fs/ext4/file.c:97 fs/ext4/file.c:145)
[ 939.992708][T22441] lo_submit_rw_aio+0x194/0x530 loop
[ 939.998581][T22441] ? arch_stack_walk (arch/x86/kernel/stacktrace.c:26)
[ 940.003166][T22441] ? __pfx_lo_submit_rw_aio+0x10/0x10 loop
[ 940.009558][T22441] ? __rq_qos_issue (block/blk-rq-qos.c:49)
[ 940.014054][T22441] ? blk_mq_start_request (block/blk-mq.c:1370 (discriminator 2))
[ 940.019151][T22441] loop_queue_rq (drivers/block/loop.c:484 drivers/block/loop.c:1977) loop
[ 940.024165][T22441] __blk_mq_issue_directly (block/blk-mq.c:2001 block/blk-mq.c:2712)
[ 940.029347][T22441] ? __pfx___blk_mq_issue_directly (block/blk-mq.c:2696)
[ 940.035133][T22441] ? bdev_count_inflight (block/genhd.c:169)
[ 940.040058][T22441] ? blk_mq_request_issue_directly (block/blk-mq.c:2794 (discriminator 1))
[ 940.045930][T22441] blk_mq_issue_direct (block/blk-mq.c:2818)
[ 940.050854][T22441] blk_mq_dispatch_queue_requests (block/blk-mq.c:2892 (discriminator 2))
[ 940.056726][T22441] blk_mq_flush_plug_list (include/linux/blk-mq.h:251 block/blk-mq.c:2976)
[ 940.061909][T22441] ? blk_account_io_start (block/blk-mq.c:1131 block/blk-mq.c:1106)
[ 940.067093][T22441] ? __pfx_blk_mq_flush_plug_list (block/blk-mq.c:2954)
[ 940.072791][T22441] ? blk_mq_submit_bio (block/blk-mq.c:3228)
[ 940.077888][T22441] __blk_flush_plug (include/linux/blk-mq.h:251 block/blk-core.c:1232)
[ 940.082576][T22441] ? kasan_save_track (mm/kasan/common.c:69 (discriminator 1) mm/kasan/common.c:78 (discriminator 1))
[ 940.087255][T22441] ? __kasan_slab_alloc (mm/kasan/common.c:342 mm/kasan/common.c:368)
[ 940.092093][T22441] ? __pfx___blk_flush_plug (block/blk-core.c:1222)
[ 940.097277][T22441] __submit_bio (block/blk-core.c:1253 (discriminator 1) block/blk-core.c:651 (discriminator 1))
[ 940.101600][T22441] ? __pfx_mempool_alloc_noprof (mm/mempool.c:389)
[ 940.107128][T22441] ? __pfx___submit_bio (block/blk-core.c:627)
[ 940.111967][T22441] ? bio_init (arch/x86/include/asm/atomic.h:28 include/linux/atomic/atomic-arch-fallback.h:503 include/linux/atomic/atomic-instrumented.h:68 block/bio.c:281)
[ 940.116117][T22441] submit_bio_noacct_nocheck (include/linux/bio.h:609 block/blk-core.c:725 block/blk-core.c:755)
[ 940.121578][T22441] ? __pfx_bio_alloc_bioset (block/bio.c:511)
[ 940.126762][T22441] ? __pfx_submit_bio_noacct_nocheck (block/blk-core.c:731)
[ 940.132720][T22441] ? submit_bio_noacct (block/blk-core.c:877 (discriminator 1))
[ 940.137741][T22441] ? __pfx_end_buffer_read_sync (fs/buffer.c:159)
[ 940.143276][T22441] ext4_read_bh (include/linux/buffer_head.h:418 fs/ext4/super.c:207)
[ 940.147605][T22441] ext4_get_bitmap+0x9b/0xf0
[ 940.152624][T22441] ? __asan_memset (mm/kasan/shadow.c:84 (discriminator 2))
[ 940.157043][T22441] ext4_setup_new_descs (fs/ext4/resize.c:1322 fs/ext4/resize.c:1368)
[ 940.162064][T22441] ext4_flex_group_add (fs/ext4/resize.c:1590)
[ 940.166990][T22441] ? __pfx_ext4_flex_group_add (fs/ext4/resize.c:1539)
[ 940.172433][T22441] ? alloc_flex_gd (fs/ext4/resize.c:269 (discriminator 4))
[ 940.177014][T22441] ext4_resize_fs (fs/ext4/resize.c:2166 (discriminator 1))
[ 940.181596][T22441] ? __pfx_ext4_resize_fs (fs/ext4/resize.c:1998)
[ 940.186607][T22441] ? security_capable (security/security.c:1181 (discriminator 1))
[ 940.191287][T22441] __ext4_ioctl (fs/ext4/ext4.h:1787 fs/ext4/ioctl.c:1746)
[ 940.195780][T22441] ? __pfx___ext4_ioctl (fs/ext4/ioctl.c:1526)
[ 940.200618][T22441] ? do_faccessat (fs/open.c:533)
[ 940.205114][T22441] ? __pfx_do_vfs_ioctl (fs/ioctl.c:494)
[ 940.209951][T22441] ? __pfx_do_faccessat (fs/open.c:468)
[ 940.214792][T22441] ? __x64_sys_access (fs/open.c:550)
[ 940.219460][T22441] ? do_syscall_64 (arch/x86/include/asm/jump_label.h:36 include/linux/context_tracking_state.h:108 include/linux/context_tracking.h:41 include/linux/irq-entry-common.h:261 include/linux/entry-common.h:212 arch/x86/entry/syscall_64.c:100)
[ 940.224042][T22441] ? __handle_mm_fault (mm/memory.c:6318)
[ 940.229054][T22441] ? fdget (include/linux/atomic/atomic-arch-fallback.h:479 (discriminator 2) include/linux/atomic/atomic-instrumented.h:50 (discriminator 2) fs/file.c:1167 (discriminator 2) fs/file.c:1181 (discriminator 2))
[ 940.232863][T22441] ? __pfx___handle_mm_fault (mm/memory.c:6229)
[ 940.238132][T22441] __x64_sys_ioctl (fs/ioctl.c:52 fs/ioctl.c:597 fs/ioctl.c:583 fs/ioctl.c:583)
[ 940.242715][T22441] do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))
[ 940.247123][T22441] ? count_memcg_events (arch/x86/include/asm/atomic.h:23 include/linux/atomic/atomic-arch-fallback.h:457 include/linux/atomic/atomic-instrumented.h:33 mm/memcontrol.c:560 mm/memcontrol.c:583 mm/memcontrol.c:564 mm/memcontrol.c:846)
[ 940.252136][T22441] ? handle_mm_fault (mm/memory.c:6360 mm/memory.c:6513)
[ 940.256889][T22441] ? do_user_addr_fault (arch/x86/include/asm/atomic.h:93 (discriminator 4) include/linux/atomic/atomic-arch-fallback.h:949 (discriminator 4) include/linux/atomic/atomic-instrumented.h:401 (discriminator 4) include/linux/refcount.h:389 (discriminator 4) include/linux/refcount.h:432 (discriminator 4) include/linux/mmap_lock.h:143 (discriminator 4) include/linux/mmap_lock.h:182 (discriminator 4) arch/x86/mm/fault.c:1338 (discriminator 4))
[ 940.261904][T22441] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 940.267602][T22441] RIP: 0033:0x7efec84a48db
[ 940.271839][T22441] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
All code
========
0: 00 48 89 add %cl,-0x77(%rax)
3: 44 24 18 rex.R and $0x18,%al
6: 31 c0 xor %eax,%eax
8: 48 8d 44 24 60 lea 0x60(%rsp),%rax
d: c7 04 24 10 00 00 00 movl $0x10,(%rsp)
14: 48 89 44 24 08 mov %rax,0x8(%rsp)
19: 48 8d 44 24 20 lea 0x20(%rsp),%rax
1e: 48 89 44 24 10 mov %rax,0x10(%rsp)
23: b8 10 00 00 00 mov $0x10,%eax
28: 0f 05 syscall
2a:* 89 c2 mov %eax,%edx <-- trapping instruction
2c: 3d 00 f0 ff ff cmp $0xfffff000,%eax
31: 77 1c ja 0x4f
33: 48 8b 44 24 18 mov 0x18(%rsp),%rax
38: 64 fs
39: 48 rex.W
3a: 2b .byte 0x2b
3b: 04 25 add $0x25,%al
3d: 28 00 sub %al,(%rax)
...
Code starting with the faulting instruction
===========================================
0: 89 c2 mov %eax,%edx
2: 3d 00 f0 ff ff cmp $0xfffff000,%eax
7: 77 1c ja 0x25
9: 48 8b 44 24 18 mov 0x18(%rsp),%rax
e: 64 fs
f: 48 rex.W
10: 2b .byte 0x2b
11: 04 25 add $0x25,%al
13: 28 00 sub %al,(%rax)
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20251126/202511262144.9c2a4258-lkp@intel.com
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2025-11-26 13:25 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-11-26 13:25 [linux-next:master] [loop] 0ba93a906d: kernel_BUG_at_fs/jbd2/transaction.c kernel test robot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).