* [Bug report]: fstests g/388 crash on ext4, BUG: kernel NULL pointer dereference, address: 0000000000000000 @ 2024-07-14 3:46 ` Zorro Lang 2024-07-15 4:28 ` Theodore Ts'o 2024-07-15 8:05 ` Daniel Gomez 0 siblings, 2 replies; 8+ messages in thread From: Zorro Lang @ 2024-07-14 3:46 UTC (permalink / raw) To: linux-ext4; +Cc: fstests, Darrick J. Wong, Daniel Gomez Hi, A weird kernel panic on ext4 happened when I tried to test a fstests patchset: https://lore.kernel.org/fstests/20240712093341.ftesijixy2yrjlxx@dell-per750-06-vm-08.rhts.eng.pek2.redhat.com/T/#med4b8d2fe14ef627519d84474b4cd1a25d386f75 its 4nd one: https://lore.kernel.org/fstests/20240712093341.ftesijixy2yrjlxx@dell-per750-06-vm-08.rhts.eng.pek2.redhat.com/T/#m5627037d617e9bc41b12bb7cc3f54fe4fb238dc6 brings in lots of test failures, that might be a test bug. But besides that, an ext4 kernel panic was triggered with this patchset (I can't reproduce it without this patchset). Looks like an error was triggered by another error, so I decided to report out. With this patchset, the generic/388 rarely(~1%) hit below panic[1], the .full output as [0]. I'm not sure if it's a hidden ext4 bug, so send to ext4 list to get a review. Thanks, Zorro [0] Creating filesystem with 3932160 4k blocks and 983040 inodes Filesystem UUID: b9690547-c193-4a82-b0df-4682bd621d3f Superblock backups stored on blocks: 32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208 Allocating group tables: 0/120␈␈␈␈␈␈␈ ␈␈␈␈␈␈␈done Writing inode tables: 0/120␈␈␈␈␈␈␈ ␈␈␈␈␈␈␈done Creating journal (16384 blocks): done Writing superblocks and filesystem accounting information: 0/120␈␈␈␈␈␈␈ ␈␈␈␈␈␈␈done seed = 1721442161 seed = 1721536124 seed = 1721158986 seed = 1720946557 seed = 1721227174 seed = 1721752477 seed = 1721267087 seed = 1721329675 seed = 1721263635 seed = 1721309164 seed = 1721144436 seed = 1721492144 seed = 1721512519 seed = 1720725632 cycle mount failed [1] [35310.777927] run fstests generic/388 at 2024-07-13 21:12:06 [35312.098738] EXT4-fs (sda2): mounted filesystem 6fedaf97-5fe1-4d3d-868d-5ad4900db404 r/w with ordered data mode. Quota mode: none. [35312.124292] EXT4-fs (sda2): shut down requested (1) [35312.129211] Aborting journal on device sda2-8. [35312.147925] EXT4-fs (sda2): unmounting filesystem 6fedaf97-5fe1-4d3d-868d-5ad4900db404. [35312.486599] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. [35312.524885] EXT4-fs (sda2): shut down requested (2) [35312.529803] Aborting journal on device sda2-8. [35313.280289] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35313.353971] EXT4-fs (sda2): recovery complete [35313.359705] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. [35315.399337] EXT4-fs (sda2): shut down requested (2) [35315.404250] Aborting journal on device sda2-8. [35316.683330] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35316.764573] EXT4-fs (sda2): INFO: recovery required on readonly filesystem [35316.771480] EXT4-fs (sda2): write access will be enabled during recovery [35317.049655] EXT4-fs (sda2): recovery complete [35317.055129] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 ro with ordered data mode. Quota mode: none. [35317.080533] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35317.165130] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. [35319.203680] EXT4-fs (sda2): shut down requested (2) [35319.208606] Aborting journal on device sda2-8. [35320.521093] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35320.603849] EXT4-fs (sda2): INFO: recovery required on readonly filesystem [35320.611211] EXT4-fs (sda2): write access will be enabled during recovery [35320.993602] EXT4-fs (sda2): recovery complete [35320.999013] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 ro with ordered data mode. Quota mode: none. [35321.025053] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35321.119319] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. [35323.157897] EXT4-fs (sda2): shut down requested (2) [35323.162810] Aborting journal on device sda2-8. [35324.496257] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35324.575773] EXT4-fs (sda2): INFO: recovery required on readonly filesystem [35324.582695] EXT4-fs (sda2): write access will be enabled during recovery [35324.717245] EXT4-fs (sda2): recovery complete [35324.723102] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 ro with ordered data mode. Quota mode: none. [35324.748295] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35324.817159] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. [35324.855518] EXT4-fs (sda2): shut down requested (2) [35324.860423] Aborting journal on device sda2-8. [35324.867025] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=393645 [35324.867280] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=786642 [35324.868330] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=131526 [35324.868593] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=131938 [35324.878133] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=394150 [35324.883455] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=786642 [35324.916255] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=786642 [35325.610405] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35325.662638] EXT4-fs (sda2): INFO: recovery required on readonly filesystem [35325.669550] EXT4-fs (sda2): write access will be enabled during recovery [35325.687756] EXT4-fs (sda2): recovery complete [35325.694064] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 ro with ordered data mode. Quota mode: none. [35325.719752] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35325.770603] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. [35326.809758] EXT4-fs (sda2): shut down requested (2) [35326.814670] Aborting journal on device sda2-8. [35327.823794] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35328.283170] EXT4-fs (sda2): 1 orphan inode deleted [35328.288002] EXT4-fs (sda2): recovery complete [35328.294197] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. [35329.333283] EXT4-fs (sda2): shut down requested (2) [35329.338200] Aborting journal on device sda2-8. [35330.341614] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35330.912577] EXT4-fs (sda2): 1 truncate cleaned up [35330.917347] EXT4-fs (sda2): recovery complete [35330.923052] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. [35331.962748] EXT4-fs (sda2): shut down requested (2) [35331.967667] Aborting journal on device sda2-8. [35333.031590] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35333.147943] EXT4-fs (sda2): INFO: recovery required on readonly filesystem [35333.154863] EXT4-fs (sda2): write access will be enabled during recovery [35333.577648] EXT4-fs (sda2): recovery complete [35333.583083] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 ro with ordered data mode. Quota mode: none. [35333.611173] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35333.706016] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. [35333.803908] EXT4-fs warning (device sda2): ext4_convert_unwritten_extents_endio:3720: Inode (132935) finished: extent logical block 733, len 66; IO logical block 758, len 26 [35335.746179] EXT4-fs (sda2): shut down requested (2) [35335.751095] Aborting journal on device sda2-8. [35337.014618] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35337.098961] EXT4-fs (sda2): INFO: recovery required on readonly filesystem [35337.106293] EXT4-fs (sda2): write access will be enabled during recovery [35337.361488] EXT4-fs (sda2): recovery complete [35337.366906] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 ro with ordered data mode. Quota mode: none. [35337.392378] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35337.472254] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. [35338.512258] EXT4-fs (sda2): shut down requested (2) [35338.517251] Aborting journal on device sda2-8. [35339.596659] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35339.660376] EXT4-fs (sda2): INFO: recovery required on readonly filesystem [35339.667282] EXT4-fs (sda2): write access will be enabled during recovery [35340.055893] EXT4-fs (sda2): recovery complete [35340.061309] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 ro with ordered data mode. Quota mode: none. [35340.086643] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35340.180932] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. [35341.220716] EXT4-fs (sda2): shut down requested (2) [35341.225633] Aborting journal on device sda2-8. [35342.243570] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35342.672960] EXT4-fs (sda2): recovery complete [35342.678447] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. [35343.300000] EXT4-fs warning (device sda2): ext4_convert_unwritten_extents_endio:3720: Inode (133749) finished: extent logical block 144, len 101; IO logical block 175, len 31 [35343.717912] EXT4-fs (sda2): shut down requested (2) [35343.722824] Aborting journal on device sda2-8. [35344.767987] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35344.876771] EXT4-fs (sda2): INFO: recovery required on readonly filesystem [35344.883673] EXT4-fs (sda2): write access will be enabled during recovery [35345.260916] EXT4-fs (sda2): recovery complete [35345.266320] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 ro with ordered data mode. Quota mode: none. [35345.291510] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35345.383234] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. [35345.422241] EXT4-fs (sda2): shut down requested (2) [35345.427163] Aborting journal on device sda2-8. [35345.431675] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=394420 [35345.431678] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=264308 [35345.433372] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=789092 [35345.434998] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=263942 [35345.435030] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=263942 [35345.435048] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=263942 [35345.436064] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=133331 [35345.436251] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=264675 [35345.437159] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=264710 [35345.437251] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=133579 [35345.437281] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=133579 [35345.437301] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=133579 [35345.438368] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=263983 [35345.439129] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=263949 [35345.439894] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=131950 [35345.441211] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=264682 [35345.442818] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=132288 [35345.443412] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=132494 [35345.443556] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=132490 [35345.444855] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=395376 [35345.446132] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=132705 [35345.446580] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=395370 [35345.449679] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=394044 [35345.450739] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=788856 [35345.450766] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=788856 [35345.452532] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=786827 [35345.454651] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=788873 [35345.655294] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=395839 [35346.176336] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. [35346.243173] BUG: kernel NULL pointer dereference, address: 0000000000000000 [35346.250140] #PF: supervisor instruction fetch in kernel mode [35346.255799] #PF: error_code(0x0010) - not-present page [35346.260938] PGD 1140f35067 P4D 0 [35346.264267] Oops: Oops: 0010 [#1] PREEMPT SMP KASAN NOPTI [35346.269665] CPU: 11 PID: 379238 Comm: mount Kdump: loaded Not tainted 6.10.0-rc7+ #1 [35346.277405] Hardware name: Dell Inc. PowerEdge R750/0PJ80M, BIOS 1.5.4 12/17/2021 [35346.284883] RIP: 0010:0x0 [35346.287512] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [35346.294035] RSP: 0018:ffa000002e0ef6c8 EFLAGS: 00010246 [35346.299260] RAX: 0000000000000000 RBX: ff110015601db830 RCX: ffffffff81fa6fea [35346.306393] RDX: 1ffffffff0888c6f RSI: ffd400004f2556c0 RDI: ff110015601dba70 [35346.313527] RBP: ffd400004f2556c0 R08: 0000000000000000 R09: fffa7c0009e4aad8 [35346.320661] R10: ffd400004f2556c7 R11: 0000000000000000 R12: 0000000000000060 [35346.327792] R13: ff11001323c64a50 R14: 0000000000000000 R15: 0000000000000000 [35346.334925] FS: 00007fd5de6e6800(0000) GS:ff11002032400000(0000) knlGS:0000000000000000 [35346.343011] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [35346.348758] CR2: ffffffffffffffd6 CR3: 0000001320da6001 CR4: 0000000000771ef0 [35346.355890] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [35346.363023] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [35346.370156] PKRU: 55555554 [35346.372867] Call Trace: [35346.375319] <TASK> [35346.377426] ? __die+0x20/0x70 [35346.380493] ? page_fault_oops+0x116/0x230 [35346.384602] ? __pfx_page_fault_oops+0x10/0x10 [35346.389048] ? _raw_spin_unlock+0x29/0x50 [35346.393072] ? rcu_is_watching+0x11/0xb0 [35346.397006] ? exc_page_fault+0x59/0xe0 [35346.400854] ? asm_exc_page_fault+0x22/0x30 [35346.405049] ? folio_mark_dirty+0x2a/0xf0 [35346.409072] __ext4_block_zero_page_range+0x50c/0x7b0 [ext4] [35346.414809] ext4_truncate+0xcd3/0x1210 [ext4] [35346.419312] ? ext4_process_orphan+0xe3/0x3a0 [ext4] [35346.424349] ? __pfx_ext4_truncate+0x10/0x10 [ext4] [35346.429288] ? __pfx_down_write+0x10/0x10 [35346.433301] ? ext4_inode_is_fast_symlink+0x125/0x2f0 [ext4] [35346.439021] ext4_process_orphan+0x132/0x3a0 [ext4] [35346.443961] ext4_orphan_cleanup+0x611/0xeb0 [ext4] [35346.448904] ? __pfx_ext4_orphan_cleanup+0x10/0x10 [ext4] [35346.454359] ? is_module_address+0x34/0x70 [35346.458464] __ext4_fill_super+0x2824/0x46e0 [ext4] [35346.463412] ? __pfx___ext4_fill_super+0x10/0x10 [ext4] [35346.468695] ? __kmalloc_large_node+0x10c/0x1c0 [35346.473237] ? rcu_is_watching+0x11/0xb0 [35346.477165] ext4_fill_super+0x22a/0x7c0 [ext4] [35346.481758] get_tree_bdev+0x304/0x560 [35346.485515] ? __pfx_ext4_fill_super+0x10/0x10 [ext4] [35346.490622] ? __pfx_get_tree_bdev+0x10/0x10 [35346.494895] ? security_sb_eat_lsm_opts+0x44/0x80 [35346.499611] vfs_get_tree+0x87/0x350 [35346.503198] do_new_mount+0x2a0/0x5f0 [35346.506863] ? __pfx_do_new_mount+0x10/0x10 [35346.511049] ? security_capable+0x53/0xa0 [35346.515064] path_mount+0x2d5/0x1520 [35346.518644] ? __pfx_path_mount+0x10/0x10 [35346.522653] ? user_path_at_empty+0x45/0x60 [35346.526843] __x64_sys_mount+0x1fe/0x270 [35346.530775] ? __pfx___x64_sys_mount+0x10/0x10 [35346.535222] do_syscall_64+0x8c/0x180 [35346.538894] ? __pfx_map_id_up+0x10/0x10 [35346.542821] ? __pfx_do_mkdirat+0x10/0x10 [35346.546834] ? ktime_get_coarse_real_ts64+0x130/0x170 [35346.551890] ? from_kgid_munged+0x84/0x110 [35346.555996] ? rcu_is_watching+0x11/0xb0 [35346.559920] ? lockdep_hardirqs_on_prepare+0x179/0x400 [35346.565061] ? do_syscall_64+0x98/0x180 [35346.568899] ? lockdep_hardirqs_on+0x78/0x100 [35346.573259] ? do_syscall_64+0x98/0x180 [35346.577099] ? clear_bhb_loop+0x45/0xa0 [35346.580938] ? clear_bhb_loop+0x45/0xa0 [35346.584776] entry_SYSCALL_64_after_hwframe+0x76/0x7e [35346.589829] RIP: 0033:0x7fd5de50f03e [35346.593407] Code: 48 8b 0d e5 ad 0e 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b2 ad 0e 00 f7 d8 64 89 01 48 [35346.612155] RSP: 002b:00007ffc6fe2ccc8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [35346.619720] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd5de50f03e [35346.626853] RDX: 000055e41568f630 RSI: 000055e41568f6b0 RDI: 000055e41568f690 [35346.633984] RBP: 000055e41568f400 R08: 000055e41568f650 R09: 00007ffc6fe2b9f0 [35346.641118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [35346.648251] R13: 000055e41568f630 R14: 000055e41568f690 R15: 000055e41568f400 [35346.655388] </TASK> [35346.657583] Modules linked in: ext4 mbcache jbd2 intel_rapl_msr intel_rapl_common intel_uncore_frequency intel_uncore_frequency_common i10nm_edac nfit x86_pkg_temp_thermal intel_powerclamp rfkill mlx5_ib coretemp dax_hmem cxl_acpi kvm_intel ib_uverbs mgag200 acpi_power_meter cxl_core iTCO_wdt i2c_algo_bit macsec mei_me dell_smbios iTCO_vendor_support drm_shmem_helper ipmi_ssif sunrpc dcdbas kvm rapl intel_cstate intel_uncore intel_th_gth wmi_bmof dell_wmi_descriptor einj pcspkr ib_core isst_if_mbox_pci drm_kms_helper isst_if_mmio mei intel_th_pci i2c_i801 isst_if_common ipmi_si i2c_smbus intel_vsec intel_pch_thermal acpi_ipmi intel_th ipmi_devintf ipmi_msghandler drm fuse xfs libcrc32c sd_mod t10_pi sg mlx5_core mlxfw crct10dif_pclmul crc32_pclmul crc32c_intel ahci tls libahci ghash_clmulni_intel psample dimlib megaraid_sas tg3 libata pci_hyperv_intf wmi [35346.733230] CR2: 0000000000000000 [35346.736548] ---[ end trace 0000000000000000 ]--- [35346.807404] RIP: 0010:0x0 [35346.810031] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [35346.816557] RSP: 0018:ffa000002e0ef6c8 EFLAGS: 00010246 [35346.821784] RAX: 0000000000000000 RBX: ff110015601db830 RCX: ffffffff81fa6fea [35346.828915] RDX: 1ffffffff0888c6f RSI: ffd400004f2556c0 RDI: ff110015601dba70 [35346.836049] RBP: ffd400004f2556c0 R08: 0000000000000000 R09: fffa7c0009e4aad8 [35346.843182] R10: ffd400004f2556c7 R11: 0000000000000000 R12: 0000000000000060 [35346.850314] R13: ff11001323c64a50 R14: 0000000000000000 R15: 0000000000000000 [35346.857447] FS: 00007fd5de6e6800(0000) GS:ff11002032400000(0000) knlGS:0000000000000000 [35346.865532] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [35346.871277] CR2: ffffffffffffffd6 CR3: 0000001320da6001 CR4: 0000000000771ef0 [35346.878410] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [35346.885543] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [35346.892675] PKRU: 55555554 [35346.895390] note: mount[379238] exited with irqs disabled [35347.014675] EXT4-fs (sda3): unmounting filesystem bfceea3a-021b-46b0-944b-87e2d6693f83. ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Bug report]: fstests g/388 crash on ext4, BUG: kernel NULL pointer dereference, address: 0000000000000000 2024-07-14 3:46 ` [Bug report]: fstests g/388 crash on ext4, BUG: kernel NULL pointer dereference, address: 0000000000000000 Zorro Lang @ 2024-07-15 4:28 ` Theodore Ts'o 2024-07-15 8:01 ` Daniel Gomez 2024-07-16 6:20 ` Zorro Lang 2024-07-15 8:05 ` Daniel Gomez 1 sibling, 2 replies; 8+ messages in thread From: Theodore Ts'o @ 2024-07-15 4:28 UTC (permalink / raw) To: Zorro Lang; +Cc: linux-ext4, fstests, Darrick J. Wong, Daniel Gomez On Sun, Jul 14, 2024 at 11:46:24AM +0800, Zorro Lang wrote: > > A weird kernel panic on ext4 happened when I tried to test a > fstests patchset: > https://lore.kernel.org/fstests/20240712093341.ftesijixy2yrjlxx@dell-per750-06-vm-08.rhts.eng.pek2.redhat.com/T/#med4b8d2fe14ef627519d84474b4cd1a25d386f75 I'm confused; this patch set: Daniel Gomez (5): common/config: fix RECREATE_TEST_DEV initialization common/rc: add recreation support for tmpfs common/config: enable section parsing when recreation common/rc: read config section mount options for scratch devs common/rc: print test mount options seems to be mostly about how xfstest config section handling especially for tmpfs. Is this realy the right patch set? If so, I'm guessing that the reproducer would be very specific to the xfstests config. My {kvm,gce}-xfstest setup doesn't use the config sections at all, but instead uses shell script fragments, since it predates config sections by three years --- and I need something that works well with sharding separate configs to run on separate cloud VM's. So I'm not sure I'm going to be able to reprduce this easily using my test setup. Can you translate the stack trace to source file names / line numbers? Maybe that will give me a hint what's going on: > [35346.372867] Call Trace: > [35346.375319] <TASK> > [35346.377426] ? __die+0x20/0x70 > [35346.380493] ? page_fault_oops+0x116/0x230 > [35346.384602] ? __pfx_page_fault_oops+0x10/0x10 > [35346.389048] ? _raw_spin_unlock+0x29/0x50 > [35346.393072] ? rcu_is_watching+0x11/0xb0 > [35346.397006] ? exc_page_fault+0x59/0xe0 > [35346.400854] ? asm_exc_page_fault+0x22/0x30 > [35346.405049] ? folio_mark_dirty+0x2a/0xf0 > [35346.409072] __ext4_block_zero_page_range+0x50c/0x7b0 [ext4] > [35346.414809] ext4_truncate+0xcd3/0x1210 [ext4] Getting line numbers for these two functions would be especially helpful. Thanks, - Ted ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Bug report]: fstests g/388 crash on ext4, BUG: kernel NULL pointer dereference, address: 0000000000000000 2024-07-15 4:28 ` Theodore Ts'o @ 2024-07-15 8:01 ` Daniel Gomez 2024-07-15 14:24 ` Theodore Ts'o 2024-07-16 6:20 ` Zorro Lang 1 sibling, 1 reply; 8+ messages in thread From: Daniel Gomez @ 2024-07-15 8:01 UTC (permalink / raw) To: Theodore Ts'o Cc: Zorro Lang, linux-ext4@vger.kernel.org, fstests@vger.kernel.org, Darrick J. Wong On Mon, Jul 15, 2024 at 12:28:03AM GMT, Theodore Ts'o wrote: > On Sun, Jul 14, 2024 at 11:46:24AM +0800, Zorro Lang wrote: > > > > A weird kernel panic on ext4 happened when I tried to test a > > fstests patchset: > > https://lore.kernel.org/fstests/20240712093341.ftesijixy2yrjlxx@dell-per750-06-vm-08.rhts.eng.pek2.redhat.com/T/#med4b8d2fe14ef627519d84474b4cd1a25d386f75 > > I'm confused; this patch set: > > Daniel Gomez (5): > common/config: fix RECREATE_TEST_DEV initialization > common/rc: add recreation support for tmpfs > common/config: enable section parsing when recreation > common/rc: read config section mount options for scratch devs > common/rc: print test mount options > > seems to be mostly about how xfstest config section handling > especially for tmpfs. Is this realy the right patch set? If so, I'm Just to clarify, the changes in the patch set above will not only affect tmpfs (I renamed the header in v2 because of that). Mainly because the common mount options for both scratch and test devices were not properly handled in the cases described. > guessing that the reproducer would be very specific to the xfstests > config. I agree with this. Can you share Zorro your config? My guess is that '-o acl,user_xattr' [1] options are now included in the scratch device and they were not before. This is what patch 4 fixes. f2fs, tmpfs, reiserfs, gfs2 and ext* will be affected as well with their respective default mount options. Also, the test device will now include the default mount options if RECREATE_TEST_DEV is enabled. [1] From _common_mount_opts(). Snippet: ext2|ext3|ext4|ext4dev) # acls & xattrs aren't turned on by default on ext$FOO echo "-o acl,user_xattr $EXT_MOUNT_OPTIONS" ;; > > My {kvm,gce}-xfstest setup doesn't use the config sections at > all, but instead uses shell script fragments, since it predates config > sections by three years --- and I need something that works well with > sharding separate configs to run on separate cloud VM's. Similar to the fragments, my workaround for tmpfs has been to export TMPFS_MOUNT_OPTIONS so it had the default mount options + the config section mount option I was testing. > > So I'm not sure I'm going to be able to reprduce this easily using my > test setup. Can you translate the stack trace to source file names / Can you confirm if you are including '-o acl,user_xattr' in all your fragments? > line numbers? Maybe that will give me a hint what's going on: > > > [35346.372867] Call Trace: > > [35346.375319] <TASK> > > [35346.377426] ? __die+0x20/0x70 > > [35346.380493] ? page_fault_oops+0x116/0x230 > > [35346.384602] ? __pfx_page_fault_oops+0x10/0x10 > > [35346.389048] ? _raw_spin_unlock+0x29/0x50 > > [35346.393072] ? rcu_is_watching+0x11/0xb0 > > [35346.397006] ? exc_page_fault+0x59/0xe0 > > [35346.400854] ? asm_exc_page_fault+0x22/0x30 > > [35346.405049] ? folio_mark_dirty+0x2a/0xf0 > > [35346.409072] __ext4_block_zero_page_range+0x50c/0x7b0 [ext4] > > [35346.414809] ext4_truncate+0xcd3/0x1210 [ext4] > > Getting line numbers for these two functions would be especially > helpful. > > Thanks, > > - Ted ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Bug report]: fstests g/388 crash on ext4, BUG: kernel NULL pointer dereference, address: 0000000000000000 2024-07-15 8:01 ` Daniel Gomez @ 2024-07-15 14:24 ` Theodore Ts'o 0 siblings, 0 replies; 8+ messages in thread From: Theodore Ts'o @ 2024-07-15 14:24 UTC (permalink / raw) To: Daniel Gomez Cc: Zorro Lang, linux-ext4@vger.kernel.org, fstests@vger.kernel.org, Darrick J. Wong On Mon, Jul 15, 2024 at 08:01:54AM +0000, Daniel Gomez wrote: > > My guess is that '-o acl,user_xattr' [1] options are now included in > the scratch device and they were not before. This is what patch 4 > fixes. f2fs, tmpfs, reiserfs, gfs2 and ext* will be affected as well > with their respective default mount options. At least for ext4, acl and user_xattr are enabled by default: % kvm-xfstests shell ... root@kvm-xfstests:~# mount -t ext4 /dev/vdc /vdc [ 11.207917] EXT4-fs (vdc): recovery complete [ 11.209103] EXT4-fs (vdc): mounted filesystem 881ec32f-72a0-4b10-9a3f-a68c68f31f40 r/w with ordered data mode. Quota mode: none. root@kvm-xfstests:~# cat /proc/fs/ext4/vdc/options ... user_xattr acl ... root@kvm-xfstests:~# > [1] From _common_mount_opts(). Snippet: > > ext2|ext3|ext4|ext4dev) > # acls & xattrs aren't turned on by default on ext$FOO > echo "-o acl,user_xattr $EXT_MOUNT_OPTIONS" > ;; Yeah, that hasn't been true for a while.... commit ea6633369458992241599c9d9ebadffaeddec164 Author: Eric Sandeen <sandeen@redhat.com> Date: Wed Feb 23 17:51:51 2011 -0500 ext4: enable acls and user_xattr by default There's no good reason to require the extra step of providing a mount option for acl or user_xattr once the feature is configured on; no other filesystem that I know of requires this. So we probably remove that bit from _common_mount_opts. :-) - Ted ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Bug report]: fstests g/388 crash on ext4, BUG: kernel NULL pointer dereference, address: 0000000000000000 2024-07-15 4:28 ` Theodore Ts'o 2024-07-15 8:01 ` Daniel Gomez @ 2024-07-16 6:20 ` Zorro Lang 2024-07-16 12:23 ` Daniel Gomez 1 sibling, 1 reply; 8+ messages in thread From: Zorro Lang @ 2024-07-16 6:20 UTC (permalink / raw) To: Theodore Ts'o; +Cc: linux-ext4, fstests, Darrick J. Wong, Daniel Gomez On Mon, Jul 15, 2024 at 12:28:03AM -0400, Theodore Ts'o wrote: > On Sun, Jul 14, 2024 at 11:46:24AM +0800, Zorro Lang wrote: > > > > A weird kernel panic on ext4 happened when I tried to test a > > fstests patchset: > > https://lore.kernel.org/fstests/20240712093341.ftesijixy2yrjlxx@dell-per750-06-vm-08.rhts.eng.pek2.redhat.com/T/#med4b8d2fe14ef627519d84474b4cd1a25d386f75 > > I'm confused; this patch set: > > Daniel Gomez (5): > common/config: fix RECREATE_TEST_DEV initialization > common/rc: add recreation support for tmpfs > common/config: enable section parsing when recreation > common/rc: read config section mount options for scratch devs > common/rc: print test mount options > > seems to be mostly about how xfstest config section handling > especially for tmpfs. Is this realy the right patch set? If so, I'm > guessing that the reproducer would be very specific to the xfstests > config. > > My {kvm,gce}-xfstest setup doesn't use the config sections at > all, but instead uses shell script fragments, since it predates config > sections by three years --- and I need something that works well with > sharding separate configs to run on separate cloud VM's. > > So I'm not sure I'm going to be able to reprduce this easily using my > test setup. Can you translate the stack trace to source file names / > line numbers? Maybe that will give me a hint what's going on: > > > [35346.372867] Call Trace: > > [35346.375319] <TASK> > > [35346.377426] ? __die+0x20/0x70 > > [35346.380493] ? page_fault_oops+0x116/0x230 > > [35346.384602] ? __pfx_page_fault_oops+0x10/0x10 > > [35346.389048] ? _raw_spin_unlock+0x29/0x50 > > [35346.393072] ? rcu_is_watching+0x11/0xb0 > > [35346.397006] ? exc_page_fault+0x59/0xe0 > > [35346.400854] ? asm_exc_page_fault+0x22/0x30 > > [35346.405049] ? folio_mark_dirty+0x2a/0xf0 > > [35346.409072] __ext4_block_zero_page_range+0x50c/0x7b0 [ext4] > > [35346.414809] ext4_truncate+0xcd3/0x1210 [ext4] > > Getting line numbers for these two functions would be especially > helpful. Sure, Ted. I reproduced this bug and got below things[1] on mainline linux which HEAD=528dd46d0fc35c0176257a13a27d41e44fcc6cb3 And if you need, I pushed a temporary branch "whatamess4extN" to fstests repo, which contains the patches trigger this bug. Thanks, Zorro [1] # ./scripts/decode_stacktrace.sh vmlinux <~/calltrace.log [ 912.644200] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131891 [ 912.645099] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=525225 [ 912.894856] EXT4-fs (vda2): unmounting filesystem b9690547-c193-4a82-b0df-4682bd621d3f. [ 912.947581] EXT4-fs (vda2): 1 truncate cleaned up [ 912.947892] EXT4-fs (vda2): recovery complete [ 912.950912] EXT4-fs (vda2): mounted filesystem b9690547-c193-4a82-b0df-4682bd621d3f r/w with ordered data mode. Quota mode: none. [ 912.994565] EXT4-fs warning (device vda2): ext4_convert_unwritten_extents_endio:3720: Inode (525267) finished: extent logical block 161, len 120; IO logical block 222, len 19 [ 912.997878] EXT4-fs warning (device vda2): ext4_convert_unwritten_extents_endio:3720: Inode (525267) finished: extent logical block 241, len 40; IO logical block 241, len 9 [ 914.017223] restraintd[1427]: *** Current Time: Sat Jul 13 15:03:01 2024 Localwatchdog at: Mon Jul 15 14:51:00 2024 [ 915.003343] EXT4-fs (vda2): shut down requested (2) [ 915.003671] Aborting journal on device vda2-8. [ 915.663314] EXT4-fs (vda2): unmounting filesystem b9690547-c193-4a82-b0df-4682bd621d3f. [ 915.725813] EXT4-fs (vda2): INFO: recovery required on readonly filesystem [ 915.726249] EXT4-fs (vda2): write access will be enabled during recovery [ 916.035952] EXT4-fs (vda2): recovery complete [ 916.038225] EXT4-fs (vda2): mounted filesystem b9690547-c193-4a82-b0df-4682bd621d3f ro with ordered data mode. Quota mode: none. [ 916.059891] EXT4-fs (vda2): unmounting filesystem b9690547-c193-4a82-b0df-4682bd621d3f. [ 916.159613] EXT4-fs (vda2): mounted filesystem b9690547-c193-4a82-b0df-4682bd621d3f r/w with ordered data mode. Quota mode: none. [ 916.199256] EXT4-fs (vda2): shut down requested (2) [ 916.199659] Aborting journal on device vda2-8. [ 916.200912] EXT4-fs warning (device vda2): ext4_evict_inode:253: couldn't mark inode dirty (err -5) [ 916.203621] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=263200 [ 916.205150] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=525058 [ 916.205868] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=524568 [ 916.206610] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=656330 [ 916.207979] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131080 [ 916.208932] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132089 [ 916.209218] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=656330 [ 916.210157] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=262970 [ 916.211213] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=263204 [ 916.211777] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132089 [ 916.212301] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132089 [ 916.214649] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131374 [ 916.214786] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=524568 [ 916.216375] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132004 [ 916.216881] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132004 [ 916.217401] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132004 [ 916.219891] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131876 [ 916.221661] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=656082 [ 916.221743] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131875 [ 916.223237] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131875 [ 916.225723] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131875 [ 916.230093] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131860 [ 916.232398] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=525049 [ 916.233901] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131871 [ 916.235671] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131886 [ 916.238753] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131891 [ 916.489675] EXT4-fs (vda2): unmounting filesystem b9690547-c193-4a82-b0df-4682bd621d3f. [ 916.540454] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 916.540885] #PF: supervisor instruction fetch in kernel mode [ 916.541226] #PF: error_code(0x0010) - not-present page [ 916.541533] PGD 0 P4D 0 [ 916.541694] Oops: Oops: 0010 [#1] PREEMPT SMP KASAN PTI [ 916.542451] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011 [ 916.542791] RIP: 0010:0x0 [ 916.542958] Code: Unable to access opcode bytes at 0xffffffffffffffd6. Code starting with the faulting instruction =========================================== [ 916.543340] RSP: 0018:ffffc90008f0f648 EFLAGS: 00010246 [ 916.543650] RAX: 0000000000000000 RBX: ffff88818c487820 RCX: ffffffff951a6fea [ 916.544069] RDX: 1ffffffff2ec8c6f RSI: ffffea0005130dc0 RDI: ffff88818c487a60 [ 916.544486] RBP: ffffea0005130dc0 R08: 0000000000000000 R09: fffff94000a261b8 [ 916.544903] R10: ffffea0005130dc7 R11: 0000000000000000 R12: 0000000000000216 [ 916.545326] R13: ffff88818c6822d0 R14: 0000000000000000 R15: 0000000000000000 [ 916.545743] FS: 00007ffa15285800(0000) GS:ffff8881f6600000(0000) knlGS:0000000000000000 [ 916.546214] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 916.546556] CR2: ffffffffffffffd6 CR3: 000000013914c004 CR4: 00000000003706f0 [ 916.546974] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 916.547393] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 916.547810] Call Trace: [ 916.547964] <TASK> [ 916.548102] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434) [ 916.548298] ? page_fault_oops (arch/x86/mm/fault.c:715) [ 916.548547] ? __pfx_page_fault_oops (arch/x86/mm/fault.c:643) [ 916.548815] ? _raw_spin_unlock (./arch/x86/include/asm/preempt.h:103 ./include/linux/spinlock_api_smp.h:143 kernel/locking/spinlock.c:186) [ 916.549069] ? rcu_is_watching (./include/linux/context_tracking.h:122 kernel/rcu/tree.c:724) [ 916.549310] ? exc_page_fault (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:67 ./arch/x86/include/asm/irqflags.h:127 arch/x86/mm/fault.c:1489 arch/x86/mm/fault.c:1539) [ 916.549543] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623) [ 916.549797] ? folio_mark_dirty (./arch/x86/include/asm/bitops.h:206 ./arch/x86/include/asm/bitops.h:238 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 ./include/linux/page-flggs.h:562 mm/page-writeback.c:2880) [ 916.550048] __ext4_block_zero_page_range (fs/ext4/inode.c:986 fs/ext4/inode.c:3679) ext4 [ 916.550453] ext4_truncate (fs/ext4/inode.c:3744 fs/ext4/inode.c:4119) ext4 [ 916.550779] ? ext4_process_orphan (fs/ext4/orphan.c:338 (discriminator 3)) ext4 [ 916.551142] ? __pfx_ext4_truncate (fs/ext4/inode.c:4070) ext4 [ 916.551490] ? __pfx_down_write (kernel/locking/rwsem.c:1577) [ 916.551732] ? ext4_inode_is_fast_symlink (./arch/x86/include/asm/bitops.h:206 ./arch/x86/include/asm/bitops.h:238 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 fs/ext4/ext4.h:1939 fs/ext4/ext4.h:3603 fs/ext4/inode.c:152 fs/ext4/inode.c:146) ext4 [ 916.552128] ext4_process_orphan (fs/ext4/orphan.c:339 (discriminator 3)) ext4 [ 916.552483] ext4_orphan_cleanup (fs/ext4/orphan.c:456) ext4 [ 916.552839] ? __pfx_ext4_orphan_cleanup (fs/ext4/orphan.c:381) ext4 [ 916.553220] ? is_module_address (./arch/x86/include/asm/preempt.h:103 kernel/module/main.c:3283) [ 916.553471] __ext4_fill_super (fs/ext4/ext4.h:1763 fs/ext4/super.c:5554) ext4 [ 916.553828] ? __pfx___ext4_fill_super (fs/ext4/super.c:5181) ext4 [ 916.554203] ? __kmalloc_large_node (mm/slub.c:4081) [ 916.554480] ? rcu_is_watching (./include/linux/context_tracking.h:122 kernel/rcu/tree.c:724) [ 916.554718] ext4_fill_super (fs/ext4/super.c:5677) ext4 [ 916.555058] get_tree_bdev (fs/super.c:1624) [ 916.555290] ? __pfx_ext4_fill_super (fs/ext4/super.c:5657) ext4 [ 916.555651] ? __pfx_get_tree_bdev (fs/super.c:1595) [ 916.555910] ? security_sb_eat_lsm_opts (security/security.c:1361 (discriminator 13)) [ 916.556203] vfs_get_tree (fs/super.c:1789) [ 916.556423] do_new_mount (fs/namespace.c:3352) [ 916.556647] ? __pfx_do_new_mount (fs/namespace.c:3307) [ 916.556897] ? security_capable (security/security.c:1036 (discriminator 13)) [ 916.557142] path_mount (fs/namespace.c:3679) [ 916.557362] ? __pfx_path_mount (fs/namespace.c:3606) [ 916.557602] ? user_path_at_empty (fs/namei.c:2933) [ 916.557854] __x64_sys_mount (fs/namespace.c:3693 fs/namespace.c:3898 fs/namespace.c:3875 fs/namespace.c:3875) [ 916.558093] ? __pfx___x64_sys_mount (fs/namespace.c:3875) [ 916.558364] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83) [ 916.558587] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4421) [ 916.558854] ? do_syscall_64 (arch/x86/entry/common.c:102) [ 916.559090] ? from_kuid_munged (kernel/user_namespace.c:460) [ 916.559338] ? rcu_is_watching (./include/linux/context_tracking.h:122 kernel/rcu/tree.c:724) [ 916.559574] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:4360) [ 916.559879] ? do_syscall_64 (arch/x86/entry/common.c:102) [ 916.560113] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4421) [ 916.560377] ? do_syscall_64 (arch/x86/entry/common.c:102) [ 916.560610] ? ktime_get_coarse_real_ts64 (./include/linux/seqlock.h:74 kernel/time/timekeeping.c:2264) [ 916.560910] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4421) [ 916.561252] ? rcu_is_watching (./include/linux/context_tracking.h:122 kernel/rcu/tree.c:724) [ 916.561494] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:4360) [ 916.561802] ? do_syscall_64 (arch/x86/entry/common.c:102) [ 916.562040] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4421) [ 916.562307] ? do_syscall_64 (arch/x86/entry/common.c:102) [ 916.562541] ? clear_bhb_loop (arch/x86/entry/entry_64.S:1539) [ 916.562774] ? clear_bhb_loop (arch/x86/entry/entry_64.S:1539) [ 916.563011] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) [ 916.563314] RIP: 0033:0x7ffa1510f03e [ 916.563535] Code: 48 8b 0d e5 ad 0e 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b2 ad 0e 00 f7 d8 64 89 01 48 All code ======== 0: 48 8b 0d e5 ad 0e 00 mov 0xeade5(%rip),%rcx # 0xeadec 7: f7 d8 neg %eax 9: 64 89 01 mov %eax,%fs:(%rcx) c: 48 83 c8 ff or $0xffffffffffffffff,%rax 10: c3 retq 11: 66 2e 0f 1f 84 00 00 nopw %cs:0x0(%rax,%rax,1) 18: 00 00 00 1b: 90 nop 1c: f3 0f 1e fa endbr64 20: 49 89 ca mov %rcx,%r10 23: b8 a5 00 00 00 mov $0xa5,%eax 28: 0f 05 syscall 2a:* 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax <-- trapping instruction 30: 73 01 jae 0x33 32: c3 retq 33: 48 8b 0d b2 ad 0e 00 mov 0xeadb2(%rip),%rcx # 0xeadec 3a: f7 d8 neg %eax 3c: 64 89 01 mov %eax,%fs:(%rcx) 3f: 48 rex.W Code starting with the faulting instruction =========================================== 0: 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax 6: 73 01 jae 0x9 8: c3 retq 9: 48 8b 0d b2 ad 0e 00 mov 0xeadb2(%rip),%rcx # 0xeadc2 10: f7 d8 neg %eax 12: 64 89 01 mov %eax,%fs:(%rcx) 15: 48 rex.W [ 916.564607] RSP: 002b:00007ffc1e936e28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 916.565054] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ffa1510f03e [ 916.565473] RDX: 00005555d6678630 RSI: 00005555d66786b0 RDI: 00005555d6678690 [ 916.565893] RBP: 00005555d6678400 R08: 00005555d6678650 R09: 00007ffc1e935b50 [ 916.566314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 916.566733] R13: 00005555d6678630 R14: 00005555d6678690 R15: 00005555d6678400 [ 916.567160] </TASK> [ 916.567301] Modules linked in: tls ext4 mbcache jbd2 rfkill snd_hda_codec_generic snd_hda_intel intel_rapl_msr snd_intel_dspcfg intel_rapl_common snd_intel_sdw_acpi snd_hda_codec snd_hda_core sunrpc intel_uncore_frequency_common snd_hwdep snd_seq intel_pmc_core snd_seq_device intel_vsec pmt_telemetry pmt_class snd_pcm qxl snd_timer pcspkr drm_ttm_helper ttm virtio_balloon snd soundcore drm_kms_helper i2c_piix4 joydev drm fuse xfs libcrc32c ata_generic virtio_net crct10dif_pclmul crc32_pclmul net_failover crc32c_intel failover ghash_clmulni_intel dimlib ata_piix virtio_console virtio_blk libata serio_raw [ 916.570389] CR2: 0000000000000000 [ 916.570597] ---[ end trace 0000000000000000 ]--- [ 916.570876] RIP: 0010:0x0 [ 916.571045] Code: Unable to access opcode bytes at 0xffffffffffffffd6. Code starting with the faulting instruction =========================================== [ 916.571428] RSP: 0018:ffffc90008f0f648 EFLAGS: 00010246 [ 916.571740] RAX: 0000000000000000 RBX: ffff88818c487820 RCX: ffffffff951a6fea [ 916.572163] RDX: 1ffffffff2ec8c6f RSI: ffffea0005130dc0 RDI: ffff88818c487a60 [ 916.572583] RBP: ffffea0005130dc0 R08: 0000000000000000 R09: fffff94000a261b8 [ 916.573005] R10: ffffea0005130dc7 R11: 0000000000000000 R12: 0000000000000216 [ 916.573425] R13: ffff88818c6822d0 R14: 0000000000000000 R15: 0000000000000000 [ 916.573848] FS: 00007ffa15285800(0000) GS:ffff8881f6600000(0000) knlGS:0000000000000000 [ 916.574321] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 916.574664] CR2: ffffffffffffffd6 CR3: 000000013914c004 CR4: 00000000003706f0 [ 916.575087] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 916.575508] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 916.575928] note: mount[99339] exited with irqs disabled [ 916.638225] EXT4-fs (vda3): unmounting filesystem 92fe26f7-76ab-4251-bac6-305c3e2ef932. [ 916.816486] EXT4-fs (vda3): mounted filesystem 92fe26f7-76ab-4251-bac6-305c3e2ef932 r/w with ordered data mode. Quota mode: none. > > Thanks, > > - Ted > ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Bug report]: fstests g/388 crash on ext4, BUG: kernel NULL pointer dereference, address: 0000000000000000 2024-07-16 6:20 ` Zorro Lang @ 2024-07-16 12:23 ` Daniel Gomez 2024-07-16 15:43 ` Zorro Lang 0 siblings, 1 reply; 8+ messages in thread From: Daniel Gomez @ 2024-07-16 12:23 UTC (permalink / raw) To: Zorro Lang Cc: Theodore Ts'o, linux-ext4@vger.kernel.org, fstests@vger.kernel.org, Darrick J. Wong On Tue, Jul 16, 2024 at 02:20:30PM GMT, Zorro Lang wrote: > On Mon, Jul 15, 2024 at 12:28:03AM -0400, Theodore Ts'o wrote: > > On Sun, Jul 14, 2024 at 11:46:24AM +0800, Zorro Lang wrote: > > > > > > A weird kernel panic on ext4 happened when I tried to test a > > > fstests patchset: > > > https://lore.kernel.org/fstests/20240712093341.ftesijixy2yrjlxx@dell-per750-06-vm-08.rhts.eng.pek2.redhat.com/T/#med4b8d2fe14ef627519d84474b4cd1a25d386f75 > > > > I'm confused; this patch set: > > > > Daniel Gomez (5): > > common/config: fix RECREATE_TEST_DEV initialization > > common/rc: add recreation support for tmpfs > > common/config: enable section parsing when recreation > > common/rc: read config section mount options for scratch devs > > common/rc: print test mount options > > > > seems to be mostly about how xfstest config section handling > > especially for tmpfs. Is this realy the right patch set? If so, I'm > > guessing that the reproducer would be very specific to the xfstests > > config. > > > > My {kvm,gce}-xfstest setup doesn't use the config sections at > > all, but instead uses shell script fragments, since it predates config > > sections by three years --- and I need something that works well with > > sharding separate configs to run on separate cloud VM's. > > > > So I'm not sure I'm going to be able to reprduce this easily using my > > test setup. Can you translate the stack trace to source file names / > > line numbers? Maybe that will give me a hint what's going on: > > > > > [35346.372867] Call Trace: > > > [35346.375319] <TASK> > > > [35346.377426] ? __die+0x20/0x70 > > > [35346.380493] ? page_fault_oops+0x116/0x230 > > > [35346.384602] ? __pfx_page_fault_oops+0x10/0x10 > > > [35346.389048] ? _raw_spin_unlock+0x29/0x50 > > > [35346.393072] ? rcu_is_watching+0x11/0xb0 > > > [35346.397006] ? exc_page_fault+0x59/0xe0 > > > [35346.400854] ? asm_exc_page_fault+0x22/0x30 > > > [35346.405049] ? folio_mark_dirty+0x2a/0xf0 > > > [35346.409072] __ext4_block_zero_page_range+0x50c/0x7b0 [ext4] > > > [35346.414809] ext4_truncate+0xcd3/0x1210 [ext4] > > > > Getting line numbers for these two functions would be especially > > helpful. > > Sure, Ted. I reproduced this bug and got below things[1] on mainline linux > which HEAD=528dd46d0fc35c0176257a13a27d41e44fcc6cb3 > > And if you need, I pushed a temporary branch "whatamess4extN" to fstests > repo, which contains the patches trigger this bug. I tried reproducing this issue with below steps [1] and config [2] using above HEAD and branch but I didn't manage to trigger it (output at [3]). [1] steps: mkdir -p /mnt/scratch mkdir -p /mnt/test pushd /var/lib/xfstests ./check -s ext4_4k_block_size -R xunit generic/388 popd [2] config: [default] FSTYP=ext4 TEST_DIR=/mnt/test TEST_DEV=/dev/nvme0n1 SCRATCH_MNT=/mnt/scratch SCRATCH_DEV=/dev/nvme0n2 RESULT_BASE=$PWD/results/$HOST/$(uname -r) [ext4_4k_block_size] MKFS_OPTIONS="-q -F -b4096" [3] output: SECTION -- ext4_4k_block_size FSTYP -- ext4 PLATFORM -- Linux/aarch64 localhost 6.10.0-rc7 #6 SMP Tue Jul 16 14:14:22 CEST 2024 TEST_MKFS_OPTIONS -- -q -F -b4096 /dev/nvme0n1 TEST_MOUNT_OPTIONS -- -o acl,user_xattr /dev/nvme0n1 /mnt/test MKFS_OPTIONS -- -F -q -F -b4096 /dev/nvme0n2 MOUNT_OPTIONS -- -o acl,user_xattr /dev/nvme0n2 /mnt/scratch generic/388 59s Ran: generic/388 Passed all 1 tests Xunit report: /var/lib/xfstests/results/localhost/6.10.0-rc7/ext4_4k_block_size/result.xml SECTION -- ext4_4k_block_size ========================= Ran: generic/388 Passed all 1 tests > > Thanks, > Zorro > > [1] > # ./scripts/decode_stacktrace.sh vmlinux <~/calltrace.log > [ 912.644200] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131891 > [ 912.645099] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=525225 > [ 912.894856] EXT4-fs (vda2): unmounting filesystem b9690547-c193-4a82-b0df-4682bd621d3f. > [ 912.947581] EXT4-fs (vda2): 1 truncate cleaned up > [ 912.947892] EXT4-fs (vda2): recovery complete > [ 912.950912] EXT4-fs (vda2): mounted filesystem b9690547-c193-4a82-b0df-4682bd621d3f r/w with ordered data mode. Quota mode: none. > [ 912.994565] EXT4-fs warning (device vda2): ext4_convert_unwritten_extents_endio:3720: Inode (525267) finished: extent logical block 161, len 120; IO logical block 222, len 19 > [ 912.997878] EXT4-fs warning (device vda2): ext4_convert_unwritten_extents_endio:3720: Inode (525267) finished: extent logical block 241, len 40; IO logical block 241, len 9 > [ 914.017223] restraintd[1427]: *** Current Time: Sat Jul 13 15:03:01 2024 Localwatchdog at: Mon Jul 15 14:51:00 2024 > [ 915.003343] EXT4-fs (vda2): shut down requested (2) > [ 915.003671] Aborting journal on device vda2-8. > [ 915.663314] EXT4-fs (vda2): unmounting filesystem b9690547-c193-4a82-b0df-4682bd621d3f. > [ 915.725813] EXT4-fs (vda2): INFO: recovery required on readonly filesystem > [ 915.726249] EXT4-fs (vda2): write access will be enabled during recovery > [ 916.035952] EXT4-fs (vda2): recovery complete > [ 916.038225] EXT4-fs (vda2): mounted filesystem b9690547-c193-4a82-b0df-4682bd621d3f ro with ordered data mode. Quota mode: none. > [ 916.059891] EXT4-fs (vda2): unmounting filesystem b9690547-c193-4a82-b0df-4682bd621d3f. > [ 916.159613] EXT4-fs (vda2): mounted filesystem b9690547-c193-4a82-b0df-4682bd621d3f r/w with ordered data mode. Quota mode: none. > [ 916.199256] EXT4-fs (vda2): shut down requested (2) > [ 916.199659] Aborting journal on device vda2-8. > [ 916.200912] EXT4-fs warning (device vda2): ext4_evict_inode:253: couldn't mark inode dirty (err -5) > [ 916.203621] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=263200 > [ 916.205150] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=525058 > [ 916.205868] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=524568 > [ 916.206610] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=656330 > [ 916.207979] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131080 > [ 916.208932] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132089 > [ 916.209218] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=656330 > [ 916.210157] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=262970 > [ 916.211213] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=263204 > [ 916.211777] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132089 > [ 916.212301] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132089 > [ 916.214649] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131374 > [ 916.214786] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=524568 > [ 916.216375] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132004 > [ 916.216881] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132004 > [ 916.217401] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132004 > [ 916.219891] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131876 > [ 916.221661] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=656082 > [ 916.221743] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131875 > [ 916.223237] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131875 > [ 916.225723] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131875 > [ 916.230093] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131860 > [ 916.232398] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=525049 > [ 916.233901] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131871 > [ 916.235671] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131886 > [ 916.238753] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131891 > [ 916.489675] EXT4-fs (vda2): unmounting filesystem b9690547-c193-4a82-b0df-4682bd621d3f. > [ 916.540454] BUG: kernel NULL pointer dereference, address: 0000000000000000 > [ 916.540885] #PF: supervisor instruction fetch in kernel mode > [ 916.541226] #PF: error_code(0x0010) - not-present page > [ 916.541533] PGD 0 P4D 0 > [ 916.541694] Oops: Oops: 0010 [#1] PREEMPT SMP KASAN PTI > [ 916.542451] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011 > [ 916.542791] RIP: 0010:0x0 > [ 916.542958] Code: Unable to access opcode bytes at 0xffffffffffffffd6. > > Code starting with the faulting instruction > =========================================== > [ 916.543340] RSP: 0018:ffffc90008f0f648 EFLAGS: 00010246 > [ 916.543650] RAX: 0000000000000000 RBX: ffff88818c487820 RCX: ffffffff951a6fea > [ 916.544069] RDX: 1ffffffff2ec8c6f RSI: ffffea0005130dc0 RDI: ffff88818c487a60 > [ 916.544486] RBP: ffffea0005130dc0 R08: 0000000000000000 R09: fffff94000a261b8 > [ 916.544903] R10: ffffea0005130dc7 R11: 0000000000000000 R12: 0000000000000216 > [ 916.545326] R13: ffff88818c6822d0 R14: 0000000000000000 R15: 0000000000000000 > [ 916.545743] FS: 00007ffa15285800(0000) GS:ffff8881f6600000(0000) knlGS:0000000000000000 > [ 916.546214] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > [ 916.546556] CR2: ffffffffffffffd6 CR3: 000000013914c004 CR4: 00000000003706f0 > [ 916.546974] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > [ 916.547393] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 > [ 916.547810] Call Trace: > [ 916.547964] <TASK> > [ 916.548102] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434) > [ 916.548298] ? page_fault_oops (arch/x86/mm/fault.c:715) > [ 916.548547] ? __pfx_page_fault_oops (arch/x86/mm/fault.c:643) > [ 916.548815] ? _raw_spin_unlock (./arch/x86/include/asm/preempt.h:103 ./include/linux/spinlock_api_smp.h:143 kernel/locking/spinlock.c:186) > [ 916.549069] ? rcu_is_watching (./include/linux/context_tracking.h:122 kernel/rcu/tree.c:724) > [ 916.549310] ? exc_page_fault (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:67 ./arch/x86/include/asm/irqflags.h:127 arch/x86/mm/fault.c:1489 arch/x86/mm/fault.c:1539) > [ 916.549543] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623) > [ 916.549797] ? folio_mark_dirty (./arch/x86/include/asm/bitops.h:206 ./arch/x86/include/asm/bitops.h:238 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 ./include/linux/page-flggs.h:562 mm/page-writeback.c:2880) > [ 916.550048] __ext4_block_zero_page_range (fs/ext4/inode.c:986 fs/ext4/inode.c:3679) ext4 > [ 916.550453] ext4_truncate (fs/ext4/inode.c:3744 fs/ext4/inode.c:4119) ext4 > [ 916.550779] ? ext4_process_orphan (fs/ext4/orphan.c:338 (discriminator 3)) ext4 > [ 916.551142] ? __pfx_ext4_truncate (fs/ext4/inode.c:4070) ext4 > [ 916.551490] ? __pfx_down_write (kernel/locking/rwsem.c:1577) > [ 916.551732] ? ext4_inode_is_fast_symlink (./arch/x86/include/asm/bitops.h:206 ./arch/x86/include/asm/bitops.h:238 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 fs/ext4/ext4.h:1939 fs/ext4/ext4.h:3603 fs/ext4/inode.c:152 fs/ext4/inode.c:146) ext4 > [ 916.552128] ext4_process_orphan (fs/ext4/orphan.c:339 (discriminator 3)) ext4 > [ 916.552483] ext4_orphan_cleanup (fs/ext4/orphan.c:456) ext4 > [ 916.552839] ? __pfx_ext4_orphan_cleanup (fs/ext4/orphan.c:381) ext4 > [ 916.553220] ? is_module_address (./arch/x86/include/asm/preempt.h:103 kernel/module/main.c:3283) > [ 916.553471] __ext4_fill_super (fs/ext4/ext4.h:1763 fs/ext4/super.c:5554) ext4 > [ 916.553828] ? __pfx___ext4_fill_super (fs/ext4/super.c:5181) ext4 > [ 916.554203] ? __kmalloc_large_node (mm/slub.c:4081) > [ 916.554480] ? rcu_is_watching (./include/linux/context_tracking.h:122 kernel/rcu/tree.c:724) > [ 916.554718] ext4_fill_super (fs/ext4/super.c:5677) ext4 > [ 916.555058] get_tree_bdev (fs/super.c:1624) > [ 916.555290] ? __pfx_ext4_fill_super (fs/ext4/super.c:5657) ext4 > [ 916.555651] ? __pfx_get_tree_bdev (fs/super.c:1595) > [ 916.555910] ? security_sb_eat_lsm_opts (security/security.c:1361 (discriminator 13)) > [ 916.556203] vfs_get_tree (fs/super.c:1789) > [ 916.556423] do_new_mount (fs/namespace.c:3352) > [ 916.556647] ? __pfx_do_new_mount (fs/namespace.c:3307) > [ 916.556897] ? security_capable (security/security.c:1036 (discriminator 13)) > [ 916.557142] path_mount (fs/namespace.c:3679) > [ 916.557362] ? __pfx_path_mount (fs/namespace.c:3606) > [ 916.557602] ? user_path_at_empty (fs/namei.c:2933) > [ 916.557854] __x64_sys_mount (fs/namespace.c:3693 fs/namespace.c:3898 fs/namespace.c:3875 fs/namespace.c:3875) > [ 916.558093] ? __pfx___x64_sys_mount (fs/namespace.c:3875) > [ 916.558364] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83) > [ 916.558587] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4421) > [ 916.558854] ? do_syscall_64 (arch/x86/entry/common.c:102) > [ 916.559090] ? from_kuid_munged (kernel/user_namespace.c:460) > [ 916.559338] ? rcu_is_watching (./include/linux/context_tracking.h:122 kernel/rcu/tree.c:724) > [ 916.559574] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:4360) > [ 916.559879] ? do_syscall_64 (arch/x86/entry/common.c:102) > [ 916.560113] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4421) > [ 916.560377] ? do_syscall_64 (arch/x86/entry/common.c:102) > [ 916.560610] ? ktime_get_coarse_real_ts64 (./include/linux/seqlock.h:74 kernel/time/timekeeping.c:2264) > [ 916.560910] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4421) > [ 916.561252] ? rcu_is_watching (./include/linux/context_tracking.h:122 kernel/rcu/tree.c:724) > [ 916.561494] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:4360) > [ 916.561802] ? do_syscall_64 (arch/x86/entry/common.c:102) > [ 916.562040] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4421) > [ 916.562307] ? do_syscall_64 (arch/x86/entry/common.c:102) > [ 916.562541] ? clear_bhb_loop (arch/x86/entry/entry_64.S:1539) > [ 916.562774] ? clear_bhb_loop (arch/x86/entry/entry_64.S:1539) > [ 916.563011] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) > [ 916.563314] RIP: 0033:0x7ffa1510f03e > [ 916.563535] Code: 48 8b 0d e5 ad 0e 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b2 ad 0e 00 f7 d8 64 89 01 48 > All code > ======== > 0: 48 8b 0d e5 ad 0e 00 mov 0xeade5(%rip),%rcx # 0xeadec > 7: f7 d8 neg %eax > 9: 64 89 01 mov %eax,%fs:(%rcx) > c: 48 83 c8 ff or $0xffffffffffffffff,%rax > 10: c3 retq > 11: 66 2e 0f 1f 84 00 00 nopw %cs:0x0(%rax,%rax,1) > 18: 00 00 00 > 1b: 90 nop > 1c: f3 0f 1e fa endbr64 > 20: 49 89 ca mov %rcx,%r10 > 23: b8 a5 00 00 00 mov $0xa5,%eax > 28: 0f 05 syscall > 2a:* 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax <-- trapping instruction > 30: 73 01 jae 0x33 > 32: c3 retq > 33: 48 8b 0d b2 ad 0e 00 mov 0xeadb2(%rip),%rcx # 0xeadec > 3a: f7 d8 neg %eax > 3c: 64 89 01 mov %eax,%fs:(%rcx) > 3f: 48 rex.W > > Code starting with the faulting instruction > =========================================== > 0: 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax > 6: 73 01 jae 0x9 > 8: c3 retq > 9: 48 8b 0d b2 ad 0e 00 mov 0xeadb2(%rip),%rcx # 0xeadc2 > 10: f7 d8 neg %eax > 12: 64 89 01 mov %eax,%fs:(%rcx) > 15: 48 rex.W > [ 916.564607] RSP: 002b:00007ffc1e936e28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 > [ 916.565054] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ffa1510f03e > [ 916.565473] RDX: 00005555d6678630 RSI: 00005555d66786b0 RDI: 00005555d6678690 > [ 916.565893] RBP: 00005555d6678400 R08: 00005555d6678650 R09: 00007ffc1e935b50 > [ 916.566314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 > [ 916.566733] R13: 00005555d6678630 R14: 00005555d6678690 R15: 00005555d6678400 > [ 916.567160] </TASK> > [ 916.567301] Modules linked in: tls ext4 mbcache jbd2 rfkill snd_hda_codec_generic snd_hda_intel intel_rapl_msr snd_intel_dspcfg intel_rapl_common snd_intel_sdw_acpi snd_hda_codec snd_hda_core sunrpc intel_uncore_frequency_common snd_hwdep snd_seq intel_pmc_core snd_seq_device intel_vsec pmt_telemetry pmt_class snd_pcm qxl snd_timer pcspkr drm_ttm_helper ttm virtio_balloon snd soundcore drm_kms_helper i2c_piix4 joydev drm fuse xfs libcrc32c ata_generic virtio_net crct10dif_pclmul crc32_pclmul net_failover crc32c_intel failover ghash_clmulni_intel dimlib ata_piix virtio_console virtio_blk libata serio_raw > [ 916.570389] CR2: 0000000000000000 > [ 916.570597] ---[ end trace 0000000000000000 ]--- > [ 916.570876] RIP: 0010:0x0 > [ 916.571045] Code: Unable to access opcode bytes at 0xffffffffffffffd6. > > Code starting with the faulting instruction > =========================================== > [ 916.571428] RSP: 0018:ffffc90008f0f648 EFLAGS: 00010246 > [ 916.571740] RAX: 0000000000000000 RBX: ffff88818c487820 RCX: ffffffff951a6fea > [ 916.572163] RDX: 1ffffffff2ec8c6f RSI: ffffea0005130dc0 RDI: ffff88818c487a60 > [ 916.572583] RBP: ffffea0005130dc0 R08: 0000000000000000 R09: fffff94000a261b8 > [ 916.573005] R10: ffffea0005130dc7 R11: 0000000000000000 R12: 0000000000000216 > [ 916.573425] R13: ffff88818c6822d0 R14: 0000000000000000 R15: 0000000000000000 > [ 916.573848] FS: 00007ffa15285800(0000) GS:ffff8881f6600000(0000) knlGS:0000000000000000 > [ 916.574321] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > [ 916.574664] CR2: ffffffffffffffd6 CR3: 000000013914c004 CR4: 00000000003706f0 > [ 916.575087] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > [ 916.575508] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 > [ 916.575928] note: mount[99339] exited with irqs disabled > [ 916.638225] EXT4-fs (vda3): unmounting filesystem 92fe26f7-76ab-4251-bac6-305c3e2ef932. > [ 916.816486] EXT4-fs (vda3): mounted filesystem 92fe26f7-76ab-4251-bac6-305c3e2ef932 r/w with ordered data mode. Quota mode: none. > > > > > > Thanks, > > > > - Ted > > > ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Bug report]: fstests g/388 crash on ext4, BUG: kernel NULL pointer dereference, address: 0000000000000000 2024-07-16 12:23 ` Daniel Gomez @ 2024-07-16 15:43 ` Zorro Lang 0 siblings, 0 replies; 8+ messages in thread From: Zorro Lang @ 2024-07-16 15:43 UTC (permalink / raw) To: Daniel Gomez Cc: Theodore Ts'o, linux-ext4@vger.kernel.org, fstests@vger.kernel.org, Darrick J. Wong On Tue, Jul 16, 2024 at 12:23:53PM +0000, Daniel Gomez wrote: > On Tue, Jul 16, 2024 at 02:20:30PM GMT, Zorro Lang wrote: > > On Mon, Jul 15, 2024 at 12:28:03AM -0400, Theodore Ts'o wrote: > > > On Sun, Jul 14, 2024 at 11:46:24AM +0800, Zorro Lang wrote: > > > > > > > > A weird kernel panic on ext4 happened when I tried to test a > > > > fstests patchset: > > > > https://lore.kernel.org/fstests/20240712093341.ftesijixy2yrjlxx@dell-per750-06-vm-08.rhts.eng.pek2.redhat.com/T/#med4b8d2fe14ef627519d84474b4cd1a25d386f75 > > > > > > I'm confused; this patch set: > > > > > > Daniel Gomez (5): > > > common/config: fix RECREATE_TEST_DEV initialization > > > common/rc: add recreation support for tmpfs > > > common/config: enable section parsing when recreation > > > common/rc: read config section mount options for scratch devs > > > common/rc: print test mount options > > > > > > seems to be mostly about how xfstest config section handling > > > especially for tmpfs. Is this realy the right patch set? If so, I'm > > > guessing that the reproducer would be very specific to the xfstests > > > config. > > > > > > My {kvm,gce}-xfstest setup doesn't use the config sections at > > > all, but instead uses shell script fragments, since it predates config > > > sections by three years --- and I need something that works well with > > > sharding separate configs to run on separate cloud VM's. > > > > > > So I'm not sure I'm going to be able to reprduce this easily using my > > > test setup. Can you translate the stack trace to source file names / > > > line numbers? Maybe that will give me a hint what's going on: > > > > > > > [35346.372867] Call Trace: > > > > [35346.375319] <TASK> > > > > [35346.377426] ? __die+0x20/0x70 > > > > [35346.380493] ? page_fault_oops+0x116/0x230 > > > > [35346.384602] ? __pfx_page_fault_oops+0x10/0x10 > > > > [35346.389048] ? _raw_spin_unlock+0x29/0x50 > > > > [35346.393072] ? rcu_is_watching+0x11/0xb0 > > > > [35346.397006] ? exc_page_fault+0x59/0xe0 > > > > [35346.400854] ? asm_exc_page_fault+0x22/0x30 > > > > [35346.405049] ? folio_mark_dirty+0x2a/0xf0 > > > > [35346.409072] __ext4_block_zero_page_range+0x50c/0x7b0 [ext4] > > > > [35346.414809] ext4_truncate+0xcd3/0x1210 [ext4] > > > > > > Getting line numbers for these two functions would be especially > > > helpful. > > > > Sure, Ted. I reproduced this bug and got below things[1] on mainline linux > > which HEAD=528dd46d0fc35c0176257a13a27d41e44fcc6cb3 > > > > And if you need, I pushed a temporary branch "whatamess4extN" to fstests > > repo, which contains the patches trigger this bug. > > I tried reproducing this issue with below steps [1] and config [2] using above > HEAD and branch but I didn't manage to trigger it (output at [3]). It's not 100% reproducible. As I said at beginning, it's ~1% reproducible on my side. I generally run it 100~200 times. And my config is simple: export FSTYP=ext4 export TEST_DEV=/dev/vda3 export TEST_DIR=/mnt/xfstests/test export SCRATCH_DEV=/dev/vda2 export SCRATCH_MNT=/mnt/xfstests/scratch export LOGWRITES_DEV=/dev/vda6 Thanks, Zorro > > [1] steps: > mkdir -p /mnt/scratch > mkdir -p /mnt/test > pushd /var/lib/xfstests > ./check -s ext4_4k_block_size -R xunit generic/388 > popd > > [2] config: > [default] > FSTYP=ext4 > TEST_DIR=/mnt/test > TEST_DEV=/dev/nvme0n1 > SCRATCH_MNT=/mnt/scratch > SCRATCH_DEV=/dev/nvme0n2 > RESULT_BASE=$PWD/results/$HOST/$(uname -r) > > [ext4_4k_block_size] > MKFS_OPTIONS="-q -F -b4096" > > [3] output: > SECTION -- ext4_4k_block_size > FSTYP -- ext4 > PLATFORM -- Linux/aarch64 localhost 6.10.0-rc7 #6 SMP Tue Jul 16 14:14:22 CEST 2024 > TEST_MKFS_OPTIONS -- -q -F -b4096 /dev/nvme0n1 > TEST_MOUNT_OPTIONS -- -o acl,user_xattr /dev/nvme0n1 /mnt/test > MKFS_OPTIONS -- -F -q -F -b4096 /dev/nvme0n2 > MOUNT_OPTIONS -- -o acl,user_xattr /dev/nvme0n2 /mnt/scratch > > generic/388 59s > Ran: generic/388 > Passed all 1 tests > Xunit report: /var/lib/xfstests/results/localhost/6.10.0-rc7/ext4_4k_block_size/result.xml > > SECTION -- ext4_4k_block_size > ========================= > Ran: generic/388 > Passed all 1 tests > > > > > Thanks, > > Zorro > > > > [1] > > # ./scripts/decode_stacktrace.sh vmlinux <~/calltrace.log > > [ 912.644200] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131891 > > [ 912.645099] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=525225 > > [ 912.894856] EXT4-fs (vda2): unmounting filesystem b9690547-c193-4a82-b0df-4682bd621d3f. > > [ 912.947581] EXT4-fs (vda2): 1 truncate cleaned up > > [ 912.947892] EXT4-fs (vda2): recovery complete > > [ 912.950912] EXT4-fs (vda2): mounted filesystem b9690547-c193-4a82-b0df-4682bd621d3f r/w with ordered data mode. Quota mode: none. > > [ 912.994565] EXT4-fs warning (device vda2): ext4_convert_unwritten_extents_endio:3720: Inode (525267) finished: extent logical block 161, len 120; IO logical block 222, len 19 > > [ 912.997878] EXT4-fs warning (device vda2): ext4_convert_unwritten_extents_endio:3720: Inode (525267) finished: extent logical block 241, len 40; IO logical block 241, len 9 > > [ 914.017223] restraintd[1427]: *** Current Time: Sat Jul 13 15:03:01 2024 Localwatchdog at: Mon Jul 15 14:51:00 2024 > > [ 915.003343] EXT4-fs (vda2): shut down requested (2) > > [ 915.003671] Aborting journal on device vda2-8. > > [ 915.663314] EXT4-fs (vda2): unmounting filesystem b9690547-c193-4a82-b0df-4682bd621d3f. > > [ 915.725813] EXT4-fs (vda2): INFO: recovery required on readonly filesystem > > [ 915.726249] EXT4-fs (vda2): write access will be enabled during recovery > > [ 916.035952] EXT4-fs (vda2): recovery complete > > [ 916.038225] EXT4-fs (vda2): mounted filesystem b9690547-c193-4a82-b0df-4682bd621d3f ro with ordered data mode. Quota mode: none. > > [ 916.059891] EXT4-fs (vda2): unmounting filesystem b9690547-c193-4a82-b0df-4682bd621d3f. > > [ 916.159613] EXT4-fs (vda2): mounted filesystem b9690547-c193-4a82-b0df-4682bd621d3f r/w with ordered data mode. Quota mode: none. > > [ 916.199256] EXT4-fs (vda2): shut down requested (2) > > [ 916.199659] Aborting journal on device vda2-8. > > [ 916.200912] EXT4-fs warning (device vda2): ext4_evict_inode:253: couldn't mark inode dirty (err -5) > > [ 916.203621] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=263200 > > [ 916.205150] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=525058 > > [ 916.205868] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=524568 > > [ 916.206610] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=656330 > > [ 916.207979] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131080 > > [ 916.208932] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132089 > > [ 916.209218] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=656330 > > [ 916.210157] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=262970 > > [ 916.211213] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=263204 > > [ 916.211777] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132089 > > [ 916.212301] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132089 > > [ 916.214649] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131374 > > [ 916.214786] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=524568 > > [ 916.216375] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132004 > > [ 916.216881] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132004 > > [ 916.217401] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=132004 > > [ 916.219891] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131876 > > [ 916.221661] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=656082 > > [ 916.221743] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131875 > > [ 916.223237] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131875 > > [ 916.225723] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131875 > > [ 916.230093] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131860 > > [ 916.232398] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=525049 > > [ 916.233901] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131871 > > [ 916.235671] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131886 > > [ 916.238753] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=vda2 ino=131891 > > [ 916.489675] EXT4-fs (vda2): unmounting filesystem b9690547-c193-4a82-b0df-4682bd621d3f. > > [ 916.540454] BUG: kernel NULL pointer dereference, address: 0000000000000000 > > [ 916.540885] #PF: supervisor instruction fetch in kernel mode > > [ 916.541226] #PF: error_code(0x0010) - not-present page > > [ 916.541533] PGD 0 P4D 0 > > [ 916.541694] Oops: Oops: 0010 [#1] PREEMPT SMP KASAN PTI > > [ 916.542451] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011 > > [ 916.542791] RIP: 0010:0x0 > > [ 916.542958] Code: Unable to access opcode bytes at 0xffffffffffffffd6. > > > > Code starting with the faulting instruction > > =========================================== > > [ 916.543340] RSP: 0018:ffffc90008f0f648 EFLAGS: 00010246 > > [ 916.543650] RAX: 0000000000000000 RBX: ffff88818c487820 RCX: ffffffff951a6fea > > [ 916.544069] RDX: 1ffffffff2ec8c6f RSI: ffffea0005130dc0 RDI: ffff88818c487a60 > > [ 916.544486] RBP: ffffea0005130dc0 R08: 0000000000000000 R09: fffff94000a261b8 > > [ 916.544903] R10: ffffea0005130dc7 R11: 0000000000000000 R12: 0000000000000216 > > [ 916.545326] R13: ffff88818c6822d0 R14: 0000000000000000 R15: 0000000000000000 > > [ 916.545743] FS: 00007ffa15285800(0000) GS:ffff8881f6600000(0000) knlGS:0000000000000000 > > [ 916.546214] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > > [ 916.546556] CR2: ffffffffffffffd6 CR3: 000000013914c004 CR4: 00000000003706f0 > > [ 916.546974] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > > [ 916.547393] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 > > [ 916.547810] Call Trace: > > [ 916.547964] <TASK> > > [ 916.548102] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434) > > [ 916.548298] ? page_fault_oops (arch/x86/mm/fault.c:715) > > [ 916.548547] ? __pfx_page_fault_oops (arch/x86/mm/fault.c:643) > > [ 916.548815] ? _raw_spin_unlock (./arch/x86/include/asm/preempt.h:103 ./include/linux/spinlock_api_smp.h:143 kernel/locking/spinlock.c:186) > > [ 916.549069] ? rcu_is_watching (./include/linux/context_tracking.h:122 kernel/rcu/tree.c:724) > > [ 916.549310] ? exc_page_fault (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:67 ./arch/x86/include/asm/irqflags.h:127 arch/x86/mm/fault.c:1489 arch/x86/mm/fault.c:1539) > > [ 916.549543] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623) > > [ 916.549797] ? folio_mark_dirty (./arch/x86/include/asm/bitops.h:206 ./arch/x86/include/asm/bitops.h:238 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 ./include/linux/page-flggs.h:562 mm/page-writeback.c:2880) > > [ 916.550048] __ext4_block_zero_page_range (fs/ext4/inode.c:986 fs/ext4/inode.c:3679) ext4 > > [ 916.550453] ext4_truncate (fs/ext4/inode.c:3744 fs/ext4/inode.c:4119) ext4 > > [ 916.550779] ? ext4_process_orphan (fs/ext4/orphan.c:338 (discriminator 3)) ext4 > > [ 916.551142] ? __pfx_ext4_truncate (fs/ext4/inode.c:4070) ext4 > > [ 916.551490] ? __pfx_down_write (kernel/locking/rwsem.c:1577) > > [ 916.551732] ? ext4_inode_is_fast_symlink (./arch/x86/include/asm/bitops.h:206 ./arch/x86/include/asm/bitops.h:238 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 fs/ext4/ext4.h:1939 fs/ext4/ext4.h:3603 fs/ext4/inode.c:152 fs/ext4/inode.c:146) ext4 > > [ 916.552128] ext4_process_orphan (fs/ext4/orphan.c:339 (discriminator 3)) ext4 > > [ 916.552483] ext4_orphan_cleanup (fs/ext4/orphan.c:456) ext4 > > [ 916.552839] ? __pfx_ext4_orphan_cleanup (fs/ext4/orphan.c:381) ext4 > > [ 916.553220] ? is_module_address (./arch/x86/include/asm/preempt.h:103 kernel/module/main.c:3283) > > [ 916.553471] __ext4_fill_super (fs/ext4/ext4.h:1763 fs/ext4/super.c:5554) ext4 > > [ 916.553828] ? __pfx___ext4_fill_super (fs/ext4/super.c:5181) ext4 > > [ 916.554203] ? __kmalloc_large_node (mm/slub.c:4081) > > [ 916.554480] ? rcu_is_watching (./include/linux/context_tracking.h:122 kernel/rcu/tree.c:724) > > [ 916.554718] ext4_fill_super (fs/ext4/super.c:5677) ext4 > > [ 916.555058] get_tree_bdev (fs/super.c:1624) > > [ 916.555290] ? __pfx_ext4_fill_super (fs/ext4/super.c:5657) ext4 > > [ 916.555651] ? __pfx_get_tree_bdev (fs/super.c:1595) > > [ 916.555910] ? security_sb_eat_lsm_opts (security/security.c:1361 (discriminator 13)) > > [ 916.556203] vfs_get_tree (fs/super.c:1789) > > [ 916.556423] do_new_mount (fs/namespace.c:3352) > > [ 916.556647] ? __pfx_do_new_mount (fs/namespace.c:3307) > > [ 916.556897] ? security_capable (security/security.c:1036 (discriminator 13)) > > [ 916.557142] path_mount (fs/namespace.c:3679) > > [ 916.557362] ? __pfx_path_mount (fs/namespace.c:3606) > > [ 916.557602] ? user_path_at_empty (fs/namei.c:2933) > > [ 916.557854] __x64_sys_mount (fs/namespace.c:3693 fs/namespace.c:3898 fs/namespace.c:3875 fs/namespace.c:3875) > > [ 916.558093] ? __pfx___x64_sys_mount (fs/namespace.c:3875) > > [ 916.558364] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83) > > [ 916.558587] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4421) > > [ 916.558854] ? do_syscall_64 (arch/x86/entry/common.c:102) > > [ 916.559090] ? from_kuid_munged (kernel/user_namespace.c:460) > > [ 916.559338] ? rcu_is_watching (./include/linux/context_tracking.h:122 kernel/rcu/tree.c:724) > > [ 916.559574] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:4360) > > [ 916.559879] ? do_syscall_64 (arch/x86/entry/common.c:102) > > [ 916.560113] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4421) > > [ 916.560377] ? do_syscall_64 (arch/x86/entry/common.c:102) > > [ 916.560610] ? ktime_get_coarse_real_ts64 (./include/linux/seqlock.h:74 kernel/time/timekeeping.c:2264) > > [ 916.560910] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4421) > > [ 916.561252] ? rcu_is_watching (./include/linux/context_tracking.h:122 kernel/rcu/tree.c:724) > > [ 916.561494] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:4360) > > [ 916.561802] ? do_syscall_64 (arch/x86/entry/common.c:102) > > [ 916.562040] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4421) > > [ 916.562307] ? do_syscall_64 (arch/x86/entry/common.c:102) > > [ 916.562541] ? clear_bhb_loop (arch/x86/entry/entry_64.S:1539) > > [ 916.562774] ? clear_bhb_loop (arch/x86/entry/entry_64.S:1539) > > [ 916.563011] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) > > [ 916.563314] RIP: 0033:0x7ffa1510f03e > > [ 916.563535] Code: 48 8b 0d e5 ad 0e 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b2 ad 0e 00 f7 d8 64 89 01 48 > > All code > > ======== > > 0: 48 8b 0d e5 ad 0e 00 mov 0xeade5(%rip),%rcx # 0xeadec > > 7: f7 d8 neg %eax > > 9: 64 89 01 mov %eax,%fs:(%rcx) > > c: 48 83 c8 ff or $0xffffffffffffffff,%rax > > 10: c3 retq > > 11: 66 2e 0f 1f 84 00 00 nopw %cs:0x0(%rax,%rax,1) > > 18: 00 00 00 > > 1b: 90 nop > > 1c: f3 0f 1e fa endbr64 > > 20: 49 89 ca mov %rcx,%r10 > > 23: b8 a5 00 00 00 mov $0xa5,%eax > > 28: 0f 05 syscall > > 2a:* 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax <-- trapping instruction > > 30: 73 01 jae 0x33 > > 32: c3 retq > > 33: 48 8b 0d b2 ad 0e 00 mov 0xeadb2(%rip),%rcx # 0xeadec > > 3a: f7 d8 neg %eax > > 3c: 64 89 01 mov %eax,%fs:(%rcx) > > 3f: 48 rex.W > > > > Code starting with the faulting instruction > > =========================================== > > 0: 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax > > 6: 73 01 jae 0x9 > > 8: c3 retq > > 9: 48 8b 0d b2 ad 0e 00 mov 0xeadb2(%rip),%rcx # 0xeadc2 > > 10: f7 d8 neg %eax > > 12: 64 89 01 mov %eax,%fs:(%rcx) > > 15: 48 rex.W > > [ 916.564607] RSP: 002b:00007ffc1e936e28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 > > [ 916.565054] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ffa1510f03e > > [ 916.565473] RDX: 00005555d6678630 RSI: 00005555d66786b0 RDI: 00005555d6678690 > > [ 916.565893] RBP: 00005555d6678400 R08: 00005555d6678650 R09: 00007ffc1e935b50 > > [ 916.566314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 > > [ 916.566733] R13: 00005555d6678630 R14: 00005555d6678690 R15: 00005555d6678400 > > [ 916.567160] </TASK> > > [ 916.567301] Modules linked in: tls ext4 mbcache jbd2 rfkill snd_hda_codec_generic snd_hda_intel intel_rapl_msr snd_intel_dspcfg intel_rapl_common snd_intel_sdw_acpi snd_hda_codec snd_hda_core sunrpc intel_uncore_frequency_common snd_hwdep snd_seq intel_pmc_core snd_seq_device intel_vsec pmt_telemetry pmt_class snd_pcm qxl snd_timer pcspkr drm_ttm_helper ttm virtio_balloon snd soundcore drm_kms_helper i2c_piix4 joydev drm fuse xfs libcrc32c ata_generic virtio_net crct10dif_pclmul crc32_pclmul net_failover crc32c_intel failover ghash_clmulni_intel dimlib ata_piix virtio_console virtio_blk libata serio_raw > > [ 916.570389] CR2: 0000000000000000 > > [ 916.570597] ---[ end trace 0000000000000000 ]--- > > [ 916.570876] RIP: 0010:0x0 > > [ 916.571045] Code: Unable to access opcode bytes at 0xffffffffffffffd6. > > > > Code starting with the faulting instruction > > =========================================== > > [ 916.571428] RSP: 0018:ffffc90008f0f648 EFLAGS: 00010246 > > [ 916.571740] RAX: 0000000000000000 RBX: ffff88818c487820 RCX: ffffffff951a6fea > > [ 916.572163] RDX: 1ffffffff2ec8c6f RSI: ffffea0005130dc0 RDI: ffff88818c487a60 > > [ 916.572583] RBP: ffffea0005130dc0 R08: 0000000000000000 R09: fffff94000a261b8 > > [ 916.573005] R10: ffffea0005130dc7 R11: 0000000000000000 R12: 0000000000000216 > > [ 916.573425] R13: ffff88818c6822d0 R14: 0000000000000000 R15: 0000000000000000 > > [ 916.573848] FS: 00007ffa15285800(0000) GS:ffff8881f6600000(0000) knlGS:0000000000000000 > > [ 916.574321] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > > [ 916.574664] CR2: ffffffffffffffd6 CR3: 000000013914c004 CR4: 00000000003706f0 > > [ 916.575087] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > > [ 916.575508] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 > > [ 916.575928] note: mount[99339] exited with irqs disabled > > [ 916.638225] EXT4-fs (vda3): unmounting filesystem 92fe26f7-76ab-4251-bac6-305c3e2ef932. > > [ 916.816486] EXT4-fs (vda3): mounted filesystem 92fe26f7-76ab-4251-bac6-305c3e2ef932 r/w with ordered data mode. Quota mode: none. > > > > > > > > > > Thanks, > > > > > > - Ted > > > > > > ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Bug report]: fstests g/388 crash on ext4, BUG: kernel NULL pointer dereference, address: 0000000000000000 2024-07-14 3:46 ` [Bug report]: fstests g/388 crash on ext4, BUG: kernel NULL pointer dereference, address: 0000000000000000 Zorro Lang 2024-07-15 4:28 ` Theodore Ts'o @ 2024-07-15 8:05 ` Daniel Gomez 1 sibling, 0 replies; 8+ messages in thread From: Daniel Gomez @ 2024-07-15 8:05 UTC (permalink / raw) To: Zorro Lang Cc: linux-ext4@vger.kernel.org, fstests@vger.kernel.org, Darrick J. Wong On Sun, Jul 14, 2024 at 11:46:24AM GMT, Zorro Lang wrote: > Hi, > > A weird kernel panic on ext4 happened when I tried to test a > fstests patchset: > https://lore.kernel.org/fstests/20240712093341.ftesijixy2yrjlxx@dell-per750-06-vm-08.rhts.eng.pek2.redhat.com/T/#med4b8d2fe14ef627519d84474b4cd1a25d386f75 > > its 4nd one: > https://lore.kernel.org/fstests/20240712093341.ftesijixy2yrjlxx@dell-per750-06-vm-08.rhts.eng.pek2.redhat.com/T/#m5627037d617e9bc41b12bb7cc3f54fe4fb238dc6 > brings in lots of test failures, that might be a test bug. > > But besides that, an ext4 kernel panic was triggered with this > patchset (I can't reproduce it without this patchset). Looks like > an error was triggered by another error, so I decided to report out. > > With this patchset, the generic/388 rarely(~1%) hit below panic[1], the > .full output as [0]. I'm not sure if it's a hidden ext4 bug, so send > to ext4 list to get a review. Thanks Zorro for testing the patch set and for the report. As I mentioned to Ted earlier, my assumption is that we are now including the default ext* mount options for the scratch device, which we hadn't done previously. Can you confirm if removing them 'fixes' the test? > > Thanks, > Zorro > > > [0] > Creating filesystem with 3932160 4k blocks and 983040 inodes > Filesystem UUID: b9690547-c193-4a82-b0df-4682bd621d3f > Superblock backups stored on blocks: > 32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208 > > Allocating group tables: 0/120␈␈␈␈␈␈␈ ␈␈␈␈␈␈␈done > Writing inode tables: 0/120␈␈␈␈␈␈␈ ␈␈␈␈␈␈␈done > Creating journal (16384 blocks): done > Writing superblocks and filesystem accounting information: 0/120␈␈␈␈␈␈␈ ␈␈␈␈␈␈␈done > > seed = 1721442161 > seed = 1721536124 > seed = 1721158986 > seed = 1720946557 > seed = 1721227174 > seed = 1721752477 > seed = 1721267087 > seed = 1721329675 > seed = 1721263635 > seed = 1721309164 > seed = 1721144436 > seed = 1721492144 > seed = 1721512519 > seed = 1720725632 > cycle mount failed > > [1] > [35310.777927] run fstests generic/388 at 2024-07-13 21:12:06 > [35312.098738] EXT4-fs (sda2): mounted filesystem 6fedaf97-5fe1-4d3d-868d-5ad4900db404 r/w with ordered data mode. Quota mode: none. > [35312.124292] EXT4-fs (sda2): shut down requested (1) > [35312.129211] Aborting journal on device sda2-8. > [35312.147925] EXT4-fs (sda2): unmounting filesystem 6fedaf97-5fe1-4d3d-868d-5ad4900db404. > [35312.486599] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. > [35312.524885] EXT4-fs (sda2): shut down requested (2) > [35312.529803] Aborting journal on device sda2-8. > [35313.280289] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35313.353971] EXT4-fs (sda2): recovery complete > [35313.359705] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. > [35315.399337] EXT4-fs (sda2): shut down requested (2) > [35315.404250] Aborting journal on device sda2-8. > [35316.683330] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35316.764573] EXT4-fs (sda2): INFO: recovery required on readonly filesystem > [35316.771480] EXT4-fs (sda2): write access will be enabled during recovery > [35317.049655] EXT4-fs (sda2): recovery complete > [35317.055129] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 ro with ordered data mode. Quota mode: none. > [35317.080533] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35317.165130] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. > [35319.203680] EXT4-fs (sda2): shut down requested (2) > [35319.208606] Aborting journal on device sda2-8. > [35320.521093] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35320.603849] EXT4-fs (sda2): INFO: recovery required on readonly filesystem > [35320.611211] EXT4-fs (sda2): write access will be enabled during recovery > [35320.993602] EXT4-fs (sda2): recovery complete > [35320.999013] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 ro with ordered data mode. Quota mode: none. > [35321.025053] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35321.119319] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. > [35323.157897] EXT4-fs (sda2): shut down requested (2) > [35323.162810] Aborting journal on device sda2-8. > [35324.496257] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35324.575773] EXT4-fs (sda2): INFO: recovery required on readonly filesystem > [35324.582695] EXT4-fs (sda2): write access will be enabled during recovery > [35324.717245] EXT4-fs (sda2): recovery complete > [35324.723102] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 ro with ordered data mode. Quota mode: none. > [35324.748295] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35324.817159] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. > [35324.855518] EXT4-fs (sda2): shut down requested (2) > [35324.860423] Aborting journal on device sda2-8. > [35324.867025] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=393645 > [35324.867280] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=786642 > [35324.868330] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=131526 > [35324.868593] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=131938 > [35324.878133] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=394150 > [35324.883455] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=786642 > [35324.916255] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=786642 > [35325.610405] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35325.662638] EXT4-fs (sda2): INFO: recovery required on readonly filesystem > [35325.669550] EXT4-fs (sda2): write access will be enabled during recovery > [35325.687756] EXT4-fs (sda2): recovery complete > [35325.694064] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 ro with ordered data mode. Quota mode: none. > [35325.719752] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35325.770603] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. > [35326.809758] EXT4-fs (sda2): shut down requested (2) > [35326.814670] Aborting journal on device sda2-8. > [35327.823794] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35328.283170] EXT4-fs (sda2): 1 orphan inode deleted > [35328.288002] EXT4-fs (sda2): recovery complete > [35328.294197] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. > [35329.333283] EXT4-fs (sda2): shut down requested (2) > [35329.338200] Aborting journal on device sda2-8. > [35330.341614] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35330.912577] EXT4-fs (sda2): 1 truncate cleaned up > [35330.917347] EXT4-fs (sda2): recovery complete > [35330.923052] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. > [35331.962748] EXT4-fs (sda2): shut down requested (2) > [35331.967667] Aborting journal on device sda2-8. > [35333.031590] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35333.147943] EXT4-fs (sda2): INFO: recovery required on readonly filesystem > [35333.154863] EXT4-fs (sda2): write access will be enabled during recovery > [35333.577648] EXT4-fs (sda2): recovery complete > [35333.583083] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 ro with ordered data mode. Quota mode: none. > [35333.611173] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35333.706016] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. > [35333.803908] EXT4-fs warning (device sda2): ext4_convert_unwritten_extents_endio:3720: Inode (132935) finished: extent logical block 733, len 66; IO logical block 758, len 26 > [35335.746179] EXT4-fs (sda2): shut down requested (2) > [35335.751095] Aborting journal on device sda2-8. > [35337.014618] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35337.098961] EXT4-fs (sda2): INFO: recovery required on readonly filesystem > [35337.106293] EXT4-fs (sda2): write access will be enabled during recovery > [35337.361488] EXT4-fs (sda2): recovery complete > [35337.366906] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 ro with ordered data mode. Quota mode: none. > [35337.392378] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35337.472254] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. > [35338.512258] EXT4-fs (sda2): shut down requested (2) > [35338.517251] Aborting journal on device sda2-8. > [35339.596659] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35339.660376] EXT4-fs (sda2): INFO: recovery required on readonly filesystem > [35339.667282] EXT4-fs (sda2): write access will be enabled during recovery > [35340.055893] EXT4-fs (sda2): recovery complete > [35340.061309] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 ro with ordered data mode. Quota mode: none. > [35340.086643] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35340.180932] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. > [35341.220716] EXT4-fs (sda2): shut down requested (2) > [35341.225633] Aborting journal on device sda2-8. > [35342.243570] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35342.672960] EXT4-fs (sda2): recovery complete > [35342.678447] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. > [35343.300000] EXT4-fs warning (device sda2): ext4_convert_unwritten_extents_endio:3720: Inode (133749) finished: extent logical block 144, len 101; IO logical block 175, len 31 > [35343.717912] EXT4-fs (sda2): shut down requested (2) > [35343.722824] Aborting journal on device sda2-8. > [35344.767987] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35344.876771] EXT4-fs (sda2): INFO: recovery required on readonly filesystem > [35344.883673] EXT4-fs (sda2): write access will be enabled during recovery > [35345.260916] EXT4-fs (sda2): recovery complete > [35345.266320] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 ro with ordered data mode. Quota mode: none. > [35345.291510] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35345.383234] EXT4-fs (sda2): mounted filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2 r/w with ordered data mode. Quota mode: none. > [35345.422241] EXT4-fs (sda2): shut down requested (2) > [35345.427163] Aborting journal on device sda2-8. > [35345.431675] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=394420 > [35345.431678] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=264308 > [35345.433372] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=789092 > [35345.434998] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=263942 > [35345.435030] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=263942 > [35345.435048] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=263942 > [35345.436064] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=133331 > [35345.436251] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=264675 > [35345.437159] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=264710 > [35345.437251] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=133579 > [35345.437281] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=133579 > [35345.437301] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=133579 > [35345.438368] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=263983 > [35345.439129] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=263949 > [35345.439894] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=131950 > [35345.441211] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=264682 > [35345.442818] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=132288 > [35345.443412] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=132494 > [35345.443556] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=132490 > [35345.444855] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=395376 > [35345.446132] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=132705 > [35345.446580] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=395370 > [35345.449679] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=394044 > [35345.450739] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=788856 > [35345.450766] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=788856 > [35345.452532] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=786827 > [35345.454651] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=788873 > [35345.655294] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=sda2 ino=395839 > [35346.176336] EXT4-fs (sda2): unmounting filesystem 23005ea9-4b8d-4f4d-a3d8-9eb88399cde2. > [35346.243173] BUG: kernel NULL pointer dereference, address: 0000000000000000 > [35346.250140] #PF: supervisor instruction fetch in kernel mode > [35346.255799] #PF: error_code(0x0010) - not-present page > [35346.260938] PGD 1140f35067 P4D 0 > [35346.264267] Oops: Oops: 0010 [#1] PREEMPT SMP KASAN NOPTI > [35346.269665] CPU: 11 PID: 379238 Comm: mount Kdump: loaded Not tainted 6.10.0-rc7+ #1 > [35346.277405] Hardware name: Dell Inc. PowerEdge R750/0PJ80M, BIOS 1.5.4 12/17/2021 > [35346.284883] RIP: 0010:0x0 > [35346.287512] Code: Unable to access opcode bytes at 0xffffffffffffffd6. > [35346.294035] RSP: 0018:ffa000002e0ef6c8 EFLAGS: 00010246 > [35346.299260] RAX: 0000000000000000 RBX: ff110015601db830 RCX: ffffffff81fa6fea > [35346.306393] RDX: 1ffffffff0888c6f RSI: ffd400004f2556c0 RDI: ff110015601dba70 > [35346.313527] RBP: ffd400004f2556c0 R08: 0000000000000000 R09: fffa7c0009e4aad8 > [35346.320661] R10: ffd400004f2556c7 R11: 0000000000000000 R12: 0000000000000060 > [35346.327792] R13: ff11001323c64a50 R14: 0000000000000000 R15: 0000000000000000 > [35346.334925] FS: 00007fd5de6e6800(0000) GS:ff11002032400000(0000) knlGS:0000000000000000 > [35346.343011] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > [35346.348758] CR2: ffffffffffffffd6 CR3: 0000001320da6001 CR4: 0000000000771ef0 > [35346.355890] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > [35346.363023] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 > [35346.370156] PKRU: 55555554 > [35346.372867] Call Trace: > [35346.375319] <TASK> > [35346.377426] ? __die+0x20/0x70 > [35346.380493] ? page_fault_oops+0x116/0x230 > [35346.384602] ? __pfx_page_fault_oops+0x10/0x10 > [35346.389048] ? _raw_spin_unlock+0x29/0x50 > [35346.393072] ? rcu_is_watching+0x11/0xb0 > [35346.397006] ? exc_page_fault+0x59/0xe0 > [35346.400854] ? asm_exc_page_fault+0x22/0x30 > [35346.405049] ? folio_mark_dirty+0x2a/0xf0 > [35346.409072] __ext4_block_zero_page_range+0x50c/0x7b0 [ext4] > [35346.414809] ext4_truncate+0xcd3/0x1210 [ext4] > [35346.419312] ? ext4_process_orphan+0xe3/0x3a0 [ext4] > [35346.424349] ? __pfx_ext4_truncate+0x10/0x10 [ext4] > [35346.429288] ? __pfx_down_write+0x10/0x10 > [35346.433301] ? ext4_inode_is_fast_symlink+0x125/0x2f0 [ext4] > [35346.439021] ext4_process_orphan+0x132/0x3a0 [ext4] > [35346.443961] ext4_orphan_cleanup+0x611/0xeb0 [ext4] > [35346.448904] ? __pfx_ext4_orphan_cleanup+0x10/0x10 [ext4] > [35346.454359] ? is_module_address+0x34/0x70 > [35346.458464] __ext4_fill_super+0x2824/0x46e0 [ext4] > [35346.463412] ? __pfx___ext4_fill_super+0x10/0x10 [ext4] > [35346.468695] ? __kmalloc_large_node+0x10c/0x1c0 > [35346.473237] ? rcu_is_watching+0x11/0xb0 > [35346.477165] ext4_fill_super+0x22a/0x7c0 [ext4] > [35346.481758] get_tree_bdev+0x304/0x560 > [35346.485515] ? __pfx_ext4_fill_super+0x10/0x10 [ext4] > [35346.490622] ? __pfx_get_tree_bdev+0x10/0x10 > [35346.494895] ? security_sb_eat_lsm_opts+0x44/0x80 > [35346.499611] vfs_get_tree+0x87/0x350 > [35346.503198] do_new_mount+0x2a0/0x5f0 > [35346.506863] ? __pfx_do_new_mount+0x10/0x10 > [35346.511049] ? security_capable+0x53/0xa0 > [35346.515064] path_mount+0x2d5/0x1520 > [35346.518644] ? __pfx_path_mount+0x10/0x10 > [35346.522653] ? user_path_at_empty+0x45/0x60 > [35346.526843] __x64_sys_mount+0x1fe/0x270 > [35346.530775] ? __pfx___x64_sys_mount+0x10/0x10 > [35346.535222] do_syscall_64+0x8c/0x180 > [35346.538894] ? __pfx_map_id_up+0x10/0x10 > [35346.542821] ? __pfx_do_mkdirat+0x10/0x10 > [35346.546834] ? ktime_get_coarse_real_ts64+0x130/0x170 > [35346.551890] ? from_kgid_munged+0x84/0x110 > [35346.555996] ? rcu_is_watching+0x11/0xb0 > [35346.559920] ? lockdep_hardirqs_on_prepare+0x179/0x400 > [35346.565061] ? do_syscall_64+0x98/0x180 > [35346.568899] ? lockdep_hardirqs_on+0x78/0x100 > [35346.573259] ? do_syscall_64+0x98/0x180 > [35346.577099] ? clear_bhb_loop+0x45/0xa0 > [35346.580938] ? clear_bhb_loop+0x45/0xa0 > [35346.584776] entry_SYSCALL_64_after_hwframe+0x76/0x7e > [35346.589829] RIP: 0033:0x7fd5de50f03e > [35346.593407] Code: 48 8b 0d e5 ad 0e 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b2 ad 0e 00 f7 d8 64 89 01 48 > [35346.612155] RSP: 002b:00007ffc6fe2ccc8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 > [35346.619720] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd5de50f03e > [35346.626853] RDX: 000055e41568f630 RSI: 000055e41568f6b0 RDI: 000055e41568f690 > [35346.633984] RBP: 000055e41568f400 R08: 000055e41568f650 R09: 00007ffc6fe2b9f0 > [35346.641118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 > [35346.648251] R13: 000055e41568f630 R14: 000055e41568f690 R15: 000055e41568f400 > [35346.655388] </TASK> > [35346.657583] Modules linked in: ext4 mbcache jbd2 intel_rapl_msr intel_rapl_common intel_uncore_frequency intel_uncore_frequency_common i10nm_edac nfit x86_pkg_temp_thermal intel_powerclamp rfkill mlx5_ib coretemp dax_hmem cxl_acpi kvm_intel ib_uverbs mgag200 acpi_power_meter cxl_core iTCO_wdt i2c_algo_bit macsec mei_me dell_smbios iTCO_vendor_support drm_shmem_helper ipmi_ssif sunrpc dcdbas kvm rapl intel_cstate intel_uncore intel_th_gth wmi_bmof dell_wmi_descriptor einj pcspkr ib_core isst_if_mbox_pci drm_kms_helper isst_if_mmio mei intel_th_pci i2c_i801 isst_if_common ipmi_si i2c_smbus intel_vsec intel_pch_thermal acpi_ipmi intel_th ipmi_devintf ipmi_msghandler drm fuse xfs libcrc32c sd_mod t10_pi sg mlx5_core mlxfw crct10dif_pclmul crc32_pclmul crc32c_intel ahci tls libahci ghash_clmulni_intel psample dimlib megaraid_sas tg3 libata pci_hyperv_intf wmi > [35346.733230] CR2: 0000000000000000 > [35346.736548] ---[ end trace 0000000000000000 ]--- > [35346.807404] RIP: 0010:0x0 > [35346.810031] Code: Unable to access opcode bytes at 0xffffffffffffffd6. > [35346.816557] RSP: 0018:ffa000002e0ef6c8 EFLAGS: 00010246 > [35346.821784] RAX: 0000000000000000 RBX: ff110015601db830 RCX: ffffffff81fa6fea > [35346.828915] RDX: 1ffffffff0888c6f RSI: ffd400004f2556c0 RDI: ff110015601dba70 > [35346.836049] RBP: ffd400004f2556c0 R08: 0000000000000000 R09: fffa7c0009e4aad8 > [35346.843182] R10: ffd400004f2556c7 R11: 0000000000000000 R12: 0000000000000060 > [35346.850314] R13: ff11001323c64a50 R14: 0000000000000000 R15: 0000000000000000 > [35346.857447] FS: 00007fd5de6e6800(0000) GS:ff11002032400000(0000) knlGS:0000000000000000 > [35346.865532] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > [35346.871277] CR2: ffffffffffffffd6 CR3: 0000001320da6001 CR4: 0000000000771ef0 > [35346.878410] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > [35346.885543] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 > [35346.892675] PKRU: 55555554 > [35346.895390] note: mount[379238] exited with irqs disabled > [35347.014675] EXT4-fs (sda3): unmounting filesystem bfceea3a-021b-46b0-944b-87e2d6693f83. > ^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2024-07-16 15:43 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <CGME20240714034640eucas1p20269c99db76a1958bb4207df92552896@eucas1p2.samsung.com>
2024-07-14 3:46 ` [Bug report]: fstests g/388 crash on ext4, BUG: kernel NULL pointer dereference, address: 0000000000000000 Zorro Lang
2024-07-15 4:28 ` Theodore Ts'o
2024-07-15 8:01 ` Daniel Gomez
2024-07-15 14:24 ` Theodore Ts'o
2024-07-16 6:20 ` Zorro Lang
2024-07-16 12:23 ` Daniel Gomez
2024-07-16 15:43 ` Zorro Lang
2024-07-15 8:05 ` Daniel Gomez
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox