openzfs / zfs

OpenZFS on Linux and FreeBSD
https://openzfs.github.io/openzfs-docs

NULL pointer dereference in arc_buf_destroy #15450

Open sneakywumpus opened 1 year ago

sneakywumpus commented 1 year ago

System information

Type | Version/Name
--- | ---
Distribution Name | Arch
Distribution Version | rolling
Kernel Version | 6.5.8-arch1-1
Architecture | x86_64
OpenZFS Version | 2.2.0-1

Describe the problem you're observing

NULL pointer dereference while building a package

Describe how to reproduce the problem

First time this has happened

Include any warning/errors/backtraces from the system logs

Oct 25 10:24:44 murphy kernel: BUG: kernel NULL pointer dereference, address: 0000000000000000
Oct 25 10:24:44 murphy kernel: #PF: supervisor read access in kernel mode
Oct 25 10:24:44 murphy kernel: #PF: error_code(0x0000) - not-present page
Oct 25 10:24:44 murphy kernel: PGD 0 P4D 0 
Oct 25 10:24:44 murphy kernel: Oops: 0000 [#1] PREEMPT SMP NOPTI
Oct 25 10:24:44 murphy kernel: CPU: 2 PID: 243356 Comm: bash Tainted: P           OE      6.5.8-arch1-1 #1 aca2541cb626f3bcdce8e20e275c0136bb6621ca
Oct 25 10:24:44 murphy kernel: Hardware name: HP HP Pavilion All-in-One 27-xa0xxx/84EE, BIOS F.33 08/18/2023
Oct 25 10:24:44 murphy kernel: RIP: 0010:arc_buf_destroy+0x11/0x100 [zfs]
Oct 25 10:24:44 murphy kernel: Code: 04 c5 00 78 1a c1 eb 86 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 41 56 41 55 41 54 55 53 <48> 8b 2f 48 81 7d 60 40 4b fa c0 0f 84 8d 00 00 00 48 8b 4d 10 48
Oct 25 10:24:44 murphy kernel: RSP: 0018:ffffb2930a96f560 EFLAGS: 00010203
Oct 25 10:24:44 murphy kernel: RAX: ffff8a63d739a600 RBX: ffff8a63d7398c00 RCX: ffff8a63d739a710
Oct 25 10:24:44 murphy kernel: RDX: 0000000000000000 RSI: ffff8a650062cab8 RDI: 0000000000000000
Oct 25 10:24:44 murphy kernel: RBP: ffff8a650062cab8 R08: ffff8a650062c4d8 R09: 0000000000000040
Oct 25 10:24:44 murphy kernel: R10: ffff8a64b2564930 R11: ffff8a6476abbca0 R12: ffff8a63d7398c00
Oct 25 10:24:44 murphy kernel: R13: 000000000000a3f8 R14: 0000000000000000 R15: ffff8a6476abb9a8
Oct 25 10:24:44 murphy kernel: FS:  00007ff6c70fd000(0000) GS:ffff8a666f680000(0000) knlGS:0000000000000000
Oct 25 10:24:44 murphy kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Oct 25 10:24:44 murphy kernel: CR2: 0000000000000000 CR3: 00000001e7ebc002 CR4: 00000000003706e0
Oct 25 10:24:44 murphy kernel: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Oct 25 10:24:44 murphy kernel: DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Oct 25 10:24:44 murphy kernel: Call Trace:
Oct 25 10:24:44 murphy kernel:  <TASK>
Oct 25 10:24:44 murphy kernel:  ? __die+0x23/0x70
Oct 25 10:24:44 murphy kernel:  ? page_fault_oops+0x171/0x4e0
Oct 25 10:24:44 murphy kernel:  ? __slab_free+0xf1/0x330
Oct 25 10:24:44 murphy kernel:  ? exc_page_fault+0x7f/0x180
Oct 25 10:24:44 murphy kernel:  ? asm_exc_page_fault+0x26/0x30
Oct 25 10:24:44 murphy kernel:  ? arc_buf_destroy+0x11/0x100 [zfs 4a5be0149bf3d0d27c77f62efddd27f7ab2affbc]
Oct 25 10:24:44 murphy kernel:  dbuf_undirty+0x2d4/0x2e0 [zfs 4a5be0149bf3d0d27c77f62efddd27f7ab2affbc]
Oct 25 10:24:44 murphy kernel:  dbuf_free_range+0x18e/0x3c0 [zfs 4a5be0149bf3d0d27c77f62efddd27f7ab2affbc]
Oct 25 10:24:44 murphy kernel:  dnode_free_range+0x1c0/0x6f0 [zfs 4a5be0149bf3d0d27c77f62efddd27f7ab2affbc]
Oct 25 10:24:44 murphy kernel:  dmu_free_long_range+0x37e/0x4d0 [zfs 4a5be0149bf3d0d27c77f62efddd27f7ab2affbc]
Oct 25 10:24:44 murphy kernel:  zfs_trunc+0x87/0x210 [zfs 4a5be0149bf3d0d27c77f62efddd27f7ab2affbc]
Oct 25 10:24:44 murphy kernel:  zfs_freesp+0xdb/0x480 [zfs 4a5be0149bf3d0d27c77f62efddd27f7ab2affbc]
Oct 25 10:24:44 murphy kernel:  ? generic_permission+0x39/0x220
Oct 25 10:24:44 murphy kernel:  zfs_setattr+0xe2c/0x23a0 [zfs 4a5be0149bf3d0d27c77f62efddd27f7ab2affbc]
Oct 25 10:24:44 murphy kernel:  zpl_setattr+0x110/0x250 [zfs 4a5be0149bf3d0d27c77f62efddd27f7ab2affbc]
Oct 25 10:24:44 murphy kernel:  notify_change+0x1f2/0x4b0
Oct 25 10:24:44 murphy kernel:  ? do_truncate+0x98/0xf0
Oct 25 10:24:44 murphy kernel:  do_truncate+0x98/0xf0
Oct 25 10:24:44 murphy kernel:  path_openat+0xf9b/0x1180
Oct 25 10:24:44 murphy kernel:  do_filp_open+0xb3/0x160
Oct 25 10:24:44 murphy kernel:  do_sys_openat2+0xab/0xe0
Oct 25 10:24:44 murphy kernel:  __x64_sys_openat+0x57/0xa0
Oct 25 10:24:44 murphy kernel:  do_syscall_64+0x5d/0x90
Oct 25 10:24:44 murphy kernel:  ? handle_mm_fault+0x9e/0x350
Oct 25 10:24:44 murphy kernel:  ? do_user_addr_fault+0x225/0x640
Oct 25 10:24:44 murphy kernel:  ? exc_page_fault+0x7f/0x180
Oct 25 10:24:44 murphy kernel:  entry_SYSCALL_64_after_hwframe+0x6e/0xd8
Oct 25 10:24:44 murphy kernel: RIP: 0033:0x7ff6c7277bf2
Oct 25 10:24:44 murphy kernel: Code: 83 e2 40 75 53 89 f0 f7 d0 a9 00 00 41 00 74 48 80 3d 81 d7 0d 00 00 74 6c 89 da 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 92 00 00 00 48 8b 54 24 28 64 48 2b 14 25
Oct 25 10:24:44 murphy kernel: RSP: 002b:00007ffdd6d826a0 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
Oct 25 10:24:44 murphy kernel: RAX: ffffffffffffffda RBX: 0000000000000241 RCX: 00007ff6c7277bf2
Oct 25 10:24:44 murphy kernel: RDX: 0000000000000241 RSI: 0000561c37044b00 RDI: 00000000ffffff9c
Oct 25 10:24:44 murphy kernel: RBP: 0000561c37044b00 R08: 0000000000000000 R09: 0000000000000000
Oct 25 10:24:44 murphy kernel: R10: 00000000000001b6 R11: 0000000000000202 R12: 0000000000000001
Oct 25 10:24:44 murphy kernel: R13: 0000000000000000 R14: 0000561c37044b00 R15: 0000561c35ffc220
Oct 25 10:24:44 murphy kernel:  </TASK>
Oct 25 10:24:44 murphy kernel: Modules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device ccm algif_aead crypto_null des_generic libdes algif_skcipher bnep cmac md4 algif_hash af_alg rc_pinnacle_pctv_hd em28xx_rc si2157 si2168 i2c_mux em28xx_dvb dvb_core snd_sof_pci_intel_cnl snd_sof_intel_hda_common soundwire_intel snd_sof_intel_hda_mlink soundwire_cadence snd_sof_intel_hda snd_sof_pci snd_sof_xtensa_dsp intel_rapl_msr intel_rapl_common intel_tcc_cooling snd_sof x86_pkg_temp_thermal intel_powerclamp snd_sof_utils coretemp soundwire_generic_allocation soundwire_bus kvm_intel snd_soc_skl snd_soc_hdac_hda snd_hda_codec_hdmi snd_hda_ext_core kvm snd_soc_sst_ipc snd_soc_sst_dsp snd_soc_acpi_intel_match snd_hda_codec_generic rtw88_8822be snd_soc_acpi ledtrig_audio irqbypass rtw88_8822b snd_soc_core crct10dif_pclmul crc32_pclmul rtw88_pci snd_compress crc32c_intel ac97_bus rtw88_core polyval_clmulni snd_pcm_dmaengine polyval_generic vboxnetflt(OE) snd_hda_intel gf128mul vboxnetadp(OE) ghash_clmulni_intel snd_intel_dspcfg
Oct 25 10:24:44 murphy kernel:  mac80211 sha512_ssse3 snd_intel_sdw_acpi aesni_intel snd_hda_codec btusb uvcvideo crypto_simd btrtl snd_hda_core videobuf2_vmalloc cryptd btbcm xts uvc ecb snd_hwdep libarc4 btintel vboxdrv(OE) vfat videobuf2_memops em28xx btmtk dm_crypt snd_pcm videobuf2_v4l2 tveeprom cbc mei_hdcp mei_pxp fat r8169 ee1004 videobuf2_common snd_timer hp_wmi usbip_host encrypted_keys rapl videodev cfg80211 mc bluetooth trusted intel_cstate realtek nvidia_drm(POE) i2c_i801 usbip_core mdio_devres sparse_keymap snd mei_me spi_nor pkcs8_key_parser ecdh_generic platform_profile asn1_encoder intel_uncore mousedev pcspkr wmi_bmof libphy nvidia_modeset(POE) crc16 mtd soundcore mei rfkill tee i2c_smbus intel_pch_thermal nvidia_uvm(POE) acpi_pad acpi_tad mac_hid nvidia(POE) dm_multipath sg vhba(OE) br_netfilter bridge stp llc crypto_user loop fuse dm_mod ip_tables x_tables usbhid zfs(POE) serio_raw atkbd sdhci_pci libps2 spl(OE) cqhci vivaldi_fmap nvme sdhci nvme_core spi_intel_pci mmc_core xhci_pci spi_intel nvme_common i8042
Oct 25 10:24:44 murphy kernel:  xhci_pci_renesas serio i915 i2c_algo_bit drm_buddy mxm_wmi video wmi ttm intel_gtt drm_display_helper cec
Oct 25 10:24:44 murphy kernel: CR2: 0000000000000000
Oct 25 10:24:44 murphy kernel: ---[ end trace 0000000000000000 ]---
Oct 25 10:24:44 murphy kernel: RIP: 0010:arc_buf_destroy+0x11/0x100 [zfs]
Oct 25 10:24:44 murphy kernel: Code: 04 c5 00 78 1a c1 eb 86 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 41 56 41 55 41 54 55 53 <48> 8b 2f 48 81 7d 60 40 4b fa c0 0f 84 8d 00 00 00 48 8b 4d 10 48
Oct 25 10:24:44 murphy kernel: RSP: 0018:ffffb2930a96f560 EFLAGS: 00010203
Oct 25 10:24:44 murphy kernel: RAX: ffff8a63d739a600 RBX: ffff8a63d7398c00 RCX: ffff8a63d739a710
Oct 25 10:24:44 murphy kernel: RDX: 0000000000000000 RSI: ffff8a650062cab8 RDI: 0000000000000000
Oct 25 10:24:44 murphy kernel: RBP: ffff8a650062cab8 R08: ffff8a650062c4d8 R09: 0000000000000040
Oct 25 10:24:44 murphy kernel: R10: ffff8a64b2564930 R11: ffff8a6476abbca0 R12: ffff8a63d7398c00
Oct 25 10:24:44 murphy kernel: R13: 000000000000a3f8 R14: 0000000000000000 R15: ffff8a6476abb9a8
Oct 25 10:24:44 murphy kernel: FS:  00007ff6c70fd000(0000) GS:ffff8a666f680000(0000) knlGS:0000000000000000
Oct 25 10:24:44 murphy kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Oct 25 10:24:44 murphy kernel: CR2: 0000000000000000 CR3: 00000001e7ebc002 CR4: 00000000003706e0
Oct 25 10:24:44 murphy kernel: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Oct 25 10:24:44 murphy kernel: DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Oct 25 10:24:44 murphy kernel: note: bash[243356] exited with irqs disabled

snajpa commented 2 weeks ago

haha love this one, I'm probably going to have to solve it too, b/c currently it's "fix one bug, uncover another" for me :-D