From: Arnout Engelen <arnout@bzzt.net>
To: ryan@lahfa.xyz
Cc: antony.antony@secunet.com, antony@phenome.org,
asmadeus@codewreck.org, brauner@kernel.org, dhowells@redhat.com,
ericvh@kernel.org, linux-fsdevel@vger.kernel.org,
linux-kernel@vger.kernel.org, linux_oss@crudebyte.com,
lucho@ionkov.net, maximilian@mbosch.me, netfs@lists.linux.dev,
regressions@lists.linux.dev, sedat.dilek@gmail.com,
v9fs@lists.linux.dev
Subject: Re: [REGRESSION] 9pfs issues on 6.12-rc1
Date: Sun, 10 Aug 2025 19:57:11 +0200 [thread overview]
Message-ID: <20250810175712.3588005-1-arnout@bzzt.net> (raw)
In-Reply-To: <w5ap2zcsatkx4dmakrkjmaexwh3mnmgc5vhavb2miaj6grrzat@7kzr5vlsrmh5>
On Fri, 13 Jun 2025 00:24:13 +0200, Ryan Lahfa wrote:
> Le Wed, Oct 23, 2024 at 09:38:39PM +0200, Antony Antony a écrit :
> > On Wed, Oct 23, 2024 at 11:07:05 +0100, David Howells wrote:
> > > Hi Antony,
> > >
> > > I think the attached should fix it properly rather than working around it as
> > > the previous patch did. If you could give it a whirl?
> >
> > Yes this also fix the crash.
> >
> > Tested-by: Antony Antony <antony.antony@secunet.com>
>
> I cannot confirm this fixes the crash for me. My reproducer is slightly
> more complicated than Max's original one, albeit, still on NixOS and
> probably uses 9p more intensively than the automated NixOS testings
> workload.
I'm seeing a problem in the same area - the symptom is slightly different,
but the location seems very similar. I'm also running a NixOS image.
Mounting a 9p filesystem in qemu with `cache=readahead`, reading a
12943-byte file, in the guest I do see a 12943-byte file, but only
the first 12288 bytes are populated: the rest are zero. This also
reproduces (most but not all of the time) on 6.16-rc7, but not on all host
machines I've tried.
After applying a simplified version of [1] (i.e. [2]), the problem does not
reproduce anymore. It seems something in `p9_client_read_once` somehow
leaves the iov_iter in an unhealthy state. It would be good to understand
exactly what, but I haven't been able to figure that out yet.
I have a smallish nix-based reproducer at [3], and a more involved setup
with a lot of logging enabled and a convenient way to attach gdb at [4].
You start the VM and then 'cat /repro/default.json' manually, and see if
it looks 'truncated'.
Interestingly, the file is read in two p9 read calls: one of 12288 bytes and
one of 655 bytes. The first read is a zero-copy one, the second is not
zero-copy (because it is smaller than 1024). I've also tried with a slightly
larger version of the file, that is read as 2 zero-copy reads, and I have not
been able to reproduce the problem with that. From my (admittedly limited)
understanding the non-zerocopy code path looks fine, though.
I hope this is helpful - I'd be happy to keep looking into this further,
but any help pointing me in the right direction would be much appreciated :)
Kind regards,
Arnout
[1] https://lore.kernel.org/all/3327438.1729678025@warthog.procyon.org.uk/T/#mc97a248b0f673dff6dc8613b508ca4fd45c4fefe
[2] https://codeberg.org/raboof/nextcloud-onlyoffice-test-vm/src/branch/reproducer-with-debugging/kernel-use-copied-iov_iter.patch
[3] https://codeberg.org/raboof/nextcloud-onlyoffice-test-vm/src/branch/small-reproducer
[4] https://codeberg.org/raboof/nextcloud-onlyoffice-test-vm/src/branch/reproducer-with-debugging
next prev parent reply other threads:[~2025-08-10 17:57 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <D4LHHUNLG79Y.12PI0X6BEHRHW@mbosch.me>
[not found] ` <c3eff232-7db4-4e89-af2c-f992f00cd043@leemhuis.info>
[not found] ` <D4LNG4ZHZM5X.1STBTSTM9LN6E@mbosch.me>
[not found] ` <CA+icZUVkVcKw+wN1p10zLHpO5gqkpzDU6nH46Nna4qaws_Q5iA@mail.gmail.com>
[not found] ` <ZxFQw4OI9rrc7UYc@Antony2201.local>
2024-10-23 10:07 ` [REGRESSION] 9pfs issues on 6.12-rc1 David Howells
2024-10-23 19:38 ` Antony Antony
2025-06-12 22:24 ` Ryan Lahfa
2025-06-27 5:44 ` Christian Theune
2025-06-27 6:44 ` Dominique Martinet
2025-06-27 8:19 ` Christian Theune
2025-06-27 10:00 ` David Howells
2025-06-27 10:33 ` Ryan Lahfa
2025-08-10 17:57 ` Arnout Engelen [this message]
2025-08-11 0:57 ` asmadeus
2025-08-11 7:43 ` Dominique Martinet
2025-08-11 12:43 ` Arnout Engelen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250810175712.3588005-1-arnout@bzzt.net \
--to=arnout@bzzt.net \
--cc=antony.antony@secunet.com \
--cc=antony@phenome.org \
--cc=asmadeus@codewreck.org \
--cc=brauner@kernel.org \
--cc=dhowells@redhat.com \
--cc=ericvh@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux_oss@crudebyte.com \
--cc=lucho@ionkov.net \
--cc=maximilian@mbosch.me \
--cc=netfs@lists.linux.dev \
--cc=regressions@lists.linux.dev \
--cc=ryan@lahfa.xyz \
--cc=sedat.dilek@gmail.com \
--cc=v9fs@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox