openzfs / zfs

OpenZFS on Linux and FreeBSD
https://openzfs.github.io/openzfs-docs

Linux 6.9 compat: UBSAN: array-index-out-of-bounds #16303

Closed vasylenkomykola closed 3 months ago

vasylenkomykola commented 3 months ago

System information

| Type | Version/Name |
| --- | --- |
| Distribution Name | Fedora |
| Distribution Version | 40 |
| Kernel Version | 6.9.4-200 |
| Architecture | x86_64 |
| OpenZFS Version | 2.2.4 and 2.2.5-staging |

Describe the problem you're observing

thu 27 12:19:50 kernel: ------------[ cut here ]------------
thu 27 12:19:50 kernel: UBSAN: array-index-out-of-bounds in /var/lib/dkms/zfs/2.2.4/build/module/zfs/zap_micro.c:314:44
thu 27 12:19:50 kernel: index 1 is out of range for type 'mzap_ent_phys_t [1]'
thu 27 12:19:50 kernel: CPU: 2 PID: 1093 Comm: zpool Tainted: P           OE      6.9.4-200.fc40.x86_64 #1
thu 27 12:19:50 kernel: Hardware name: Gigabyte Technology Co., Ltd. B85-HD3-A/B85-HD3-A, BIOS F3 09/17/2015
thu 27 12:19:50 kernel: Call Trace:
thu 27 12:19:50 kernel:  <TASK>
thu 27 12:19:50 kernel:  dump_stack_lvl+0x5d/0x80
thu 27 12:19:50 kernel:  ubsan_epilogue+0x5/0x30
thu 27 12:19:50 kernel:  __ubsan_handle_out_of_bounds.cold+0x46/0x4b
thu 27 12:19:50 kernel:  zap_lockdir_impl+0x7e1/0x7f0 [zfs]
thu 27 12:19:50 kernel:  zap_lockdir+0xc1/0x110 [zfs]
thu 27 12:19:50 kernel:  zap_cursor_retrieve+0x19b/0x3a0 [zfs]
thu 27 12:19:50 kernel:  spa_features_check+0xbe/0x1b0 [zfs]
thu 27 12:19:50 kernel:  spa_load+0x786/0x1a80 [zfs]
thu 27 12:19:50 kernel:  spa_tryimport+0x15f/0x470 [zfs]
thu 27 12:19:50 kernel:  zfs_ioc_pool_tryimport+0x77/0xd0 [zfs]
thu 27 12:19:50 kernel:  zfsdev_ioctl_common+0x7d0/0x9a0 [zfs]
thu 27 12:19:50 kernel:  ? ioctl_has_perm.constprop.0.isra.0+0xd8/0x130
thu 27 12:19:50 kernel:  zfsdev_ioctl+0x53/0xe0 [zfs]
thu 27 12:19:50 kernel:  __x64_sys_ioctl+0x97/0xd0
thu 27 12:19:50 kernel:  do_syscall_64+0x82/0x160
thu 27 12:19:50 kernel:  ? exc_page_fault+0x7e/0x180
thu 27 12:19:50 kernel:  entry_SYSCALL_64_after_hwframe+0x76/0x7e
thu 27 12:19:50 kernel: RIP: 0033:0x7fc757440d5d
thu 27 12:19:50 kernel: Code: 04 25 28 00 00 00 48 89 45 c8 31 c0 48 8d 45 10 c7 45 b0 10 00 00 00 48 89 45 b8 48 8d 45 d0 48 89 45 c0 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1a 48 8b 45 c8 64 48 >
thu 27 12:19:50 kernel: RSP: 002b:00007fffed410eb0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
thu 27 12:19:50 kernel: RAX: ffffffffffffffda RBX: 00007fc756b69010 RCX: 00007fc757440d5d
thu 27 12:19:50 kernel: RDX: 00007fffed410f20 RSI: 0000000000005a06 RDI: 0000000000000003
thu 27 12:19:50 kernel: RBP: 00007fffed410f00 R08: 0000000000000000 R09: 00007fc75778f420
thu 27 12:19:50 kernel: R10: 0000000000000022 R11: 0000000000000246 R12: 00005608d3eee500
thu 27 12:19:50 kernel: R13: 00007fffed410f20 R14: 00007fffed414730 R15: 00007fffed4147b0
thu 27 12:19:50 kernel:  </TASK>
thu 27 12:19:50 kernel: ---[ end trace ]---
thu 27 12:19:50 kernel: ------------[ cut here ]------------
thu 27 12:19:50 kernel: UBSAN: array-index-out-of-bounds in /var/lib/dkms/zfs/2.2.4/build/module/zfs/zap_micro.c:473:34
thu 27 12:19:50 kernel: index 2 is out of range for type 'mzap_ent_phys_t [1]'
thu 27 12:19:50 kernel: CPU: 2 PID: 1093 Comm: zpool Tainted: P           OE      6.9.4-200.fc40.x86_64 #1
thu 27 12:19:50 kernel: Hardware name: Gigabyte Technology Co., Ltd. B85-HD3-A/B85-HD3-A, BIOS F3 09/17/2015
thu 27 12:19:50 kernel: Call Trace:
thu 27 12:19:50 kernel:  <TASK>
thu 27 12:19:50 kernel:  dump_stack_lvl+0x5d/0x80
thu 27 12:19:50 kernel:  ubsan_epilogue+0x5/0x30
thu 27 12:19:50 kernel:  __ubsan_handle_out_of_bounds.cold+0x46/0x4b
thu 27 12:19:50 kernel:  zap_lockdir_impl+0x7c3/0x7f0 [zfs]
thu 27 12:19:50 kernel:  zap_lockdir+0xc1/0x110 [zfs]
thu 27 12:19:50 kernel:  zap_cursor_retrieve+0x19b/0x3a0 [zfs]
thu 27 12:19:50 kernel:  spa_features_check+0xbe/0x1b0 [zfs]
thu 27 12:19:50 kernel:  spa_load+0x786/0x1a80 [zfs]
thu 27 12:19:50 kernel:  spa_tryimport+0x15f/0x470 [zfs]
thu 27 12:19:50 kernel:  zfs_ioc_pool_tryimport+0x77/0xd0 [zfs]
thu 27 12:19:50 kernel:  zfsdev_ioctl_common+0x7d0/0x9a0 [zfs]
thu 27 12:19:50 kernel:  ? ioctl_has_perm.constprop.0.isra.0+0xd8/0x130
thu 27 12:19:50 kernel:  zfsdev_ioctl+0x53/0xe0 [zfs]
thu 27 12:19:50 kernel:  __x64_sys_ioctl+0x97/0xd0
thu 27 12:19:50 kernel:  do_syscall_64+0x82/0x160
thu 27 12:19:50 kernel:  ? exc_page_fault+0x7e/0x180
thu 27 12:19:50 kernel:  entry_SYSCALL_64_after_hwframe+0x76/0x7e
thu 27 12:19:50 kernel: RIP: 0033:0x7fc757440d5d
thu 27 12:19:50 kernel: Code: 04 25 28 00 00 00 48 89 45 c8 31 c0 48 8d 45 10 c7 45 b0 10 00 00 00 48 89 45 b8 48 8d 45 d0 48 89 45 c0 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1a 48 8b 45 c8 64 48 >
thu 27 12:19:50 kernel: RSP: 002b:00007fffed410eb0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
thu 27 12:19:50 kernel: RAX: ffffffffffffffda RBX: 00007fc756b69010 RCX: 00007fc757440d5d
thu 27 12:19:50 kernel: RDX: 00007fffed410f20 RSI: 0000000000005a06 RDI: 0000000000000003
thu 27 12:19:50 kernel: RBP: 00007fffed410f00 R08: 0000000000000000 R09: 00007fc75778f420
thu 27 12:19:50 kernel: R10: 0000000000000022 R11: 0000000000000246 R12: 00005608d3eee500
thu 27 12:19:50 kernel: R13: 00007fffed410f20 R14: 00007fffed414730 R15: 00007fffed4147b0
thu 27 12:19:50 kernel:  </TASK>
thu 27 12:19:50 kernel: ---[ end trace ]---
thu 27 12:19:50 kernel: ------------[ cut here ]------------
thu 27 12:19:50 kernel: UBSAN: array-index-out-of-bounds in /var/lib/dkms/zfs/2.2.4/build/module/zfs/zap_micro.c:1715:28
thu 27 12:19:50 kernel: index 12 is out of range for type 'mzap_ent_phys_t [1]'
thu 27 12:19:50 kernel: CPU: 2 PID: 1093 Comm: zpool Tainted: P           OE      6.9.4-200.fc40.x86_64 #1
thu 27 12:19:50 kernel: Hardware name: Gigabyte Technology Co., Ltd. B85-HD3-A/B85-HD3-A, BIOS F3 09/17/2015
thu 27 12:19:50 kernel: Call Trace:
thu 27 12:19:50 kernel:  <TASK>
thu 27 12:19:50 kernel:  dump_stack_lvl+0x5d/0x80
thu 27 12:19:50 kernel:  ubsan_epilogue+0x5/0x30
thu 27 12:19:50 kernel:  __ubsan_handle_out_of_bounds.cold+0x46/0x4b
thu 27 12:19:50 kernel:  zap_cursor_retrieve+0x394/0x3a0 [zfs]
thu 27 12:19:50 kernel:  spa_features_check+0xbe/0x1b0 [zfs]
thu 27 12:19:50 kernel:  spa_load+0x786/0x1a80 [zfs]
thu 27 12:19:50 kernel:  spa_tryimport+0x15f/0x470 [zfs]
thu 27 12:19:50 kernel:  zfs_ioc_pool_tryimport+0x77/0xd0 [zfs]
thu 27 12:19:50 kernel:  zfsdev_ioctl_common+0x7d0/0x9a0 [zfs]
thu 27 12:19:50 kernel:  ? ioctl_has_perm.constprop.0.isra.0+0xd8/0x130
thu 27 12:19:50 kernel:  zfsdev_ioctl+0x53/0xe0 [zfs]
thu 27 12:19:50 kernel:  __x64_sys_ioctl+0x97/0xd0
thu 27 12:19:50 kernel:  do_syscall_64+0x82/0x160
thu 27 12:19:50 kernel:  ? exc_page_fault+0x7e/0x180
thu 27 12:19:50 kernel:  entry_SYSCALL_64_after_hwframe+0x76/0x7e
thu 27 12:19:50 kernel: RIP: 0033:0x7fc757440d5d
thu 27 12:19:50 kernel: Code: 04 25 28 00 00 00 48 89 45 c8 31 c0 48 8d 45 10 c7 45 b0 10 00 00 00 48 89 45 b8 48 8d 45 d0 48 89 45 c0 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1a 48 8b 45 c8 64 48 >
thu 27 12:19:50 kernel: RSP: 002b:00007fffed410eb0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
thu 27 12:19:50 kernel: RAX: ffffffffffffffda RBX: 00007fc756b69010 RCX: 00007fc757440d5d
thu 27 12:19:50 kernel: RDX: 00007fffed410f20 RSI: 0000000000005a06 RDI: 0000000000000003
thu 27 12:19:50 kernel: RBP: 00007fffed410f00 R08: 0000000000000000 R09: 00007fc75778f420
thu 27 12:19:50 kernel: R10: 0000000000000022 R11: 0000000000000246 R12: 00005608d3eee500
thu 27 12:19:50 kernel: R13: 00007fffed410f20 R14: 00007fffed414730 R15: 00007fffed4147b0
thu 27 12:19:50 kernel:  </TASK>
thu 27 12:19:50 kernel: ---[ end trace ]---
thu 27 12:19:50 kernel: ------------[ cut here ]------------
thu 27 12:19:50 kernel: UBSAN: array-index-out-of-bounds in /var/lib/dkms/zfs/2.2.4/build/module/zfs/zap_micro.c:339:46
thu 27 12:19:50 kernel: index 1 is out of range for type 'mzap_ent_phys_t [1]'
thu 27 12:19:50 kernel: CPU: 2 PID: 1093 Comm: zpool Tainted: P           OE      6.9.4-200.fc40.x86_64 #1
thu 27 12:19:50 kernel: Hardware name: Gigabyte Technology Co., Ltd. B85-HD3-A/B85-HD3-A, BIOS F3 09/17/2015
thu 27 12:19:50 kernel: Call Trace:
thu 27 12:19:50 kernel:  <TASK>
thu 27 12:19:50 kernel:  dump_stack_lvl+0x5d/0x80
thu 27 12:19:50 kernel:  ubsan_epilogue+0x5/0x30
thu 27 12:19:50 kernel:  __ubsan_handle_out_of_bounds.cold+0x46/0x4b
thu 27 12:19:50 kernel:  mze_find+0xee/0x100 [zfs]
thu 27 12:19:50 kernel:  zap_lookup_impl+0x10a/0x330 [zfs]
thu 27 12:19:50 kernel:  zap_lookup+0xa9/0x120 [zfs]
thu 27 12:19:50 kernel:  feature_get_refcount_from_disk+0x60/0xe0 [zfs]
thu 27 12:19:50 kernel:  spa_load+0x868/0x1a80 [zfs]
thu 27 12:19:50 kernel:  spa_tryimport+0x15f/0x470 [zfs]
thu 27 12:19:50 kernel:  zfs_ioc_pool_tryimport+0x77/0xd0 [zfs]
thu 27 12:19:50 kernel:  zfsdev_ioctl_common+0x7d0/0x9a0 [zfs]
thu 27 12:19:50 kernel:  ? ioctl_has_perm.constprop.0.isra.0+0xd8/0x130
thu 27 12:19:50 kernel:  zfsdev_ioctl+0x53/0xe0 [zfs]
thu 27 12:19:50 kernel:  __x64_sys_ioctl+0x97/0xd0
thu 27 12:19:50 kernel:  do_syscall_64+0x82/0x160
thu 27 12:19:50 kernel:  ? exc_page_fault+0x7e/0x180
thu 27 12:19:50 kernel:  entry_SYSCALL_64_after_hwframe+0x76/0x7e
thu 27 12:19:50 kernel: RIP: 0033:0x7fc757440d5d
thu 27 12:19:50 kernel: Code: 04 25 28 00 00 00 48 89 45 c8 31 c0 48 8d 45 10 c7 45 b0 10 00 00 00 48 89 45 b8 48 8d 45 d0 48 89 45 c0 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1a 48 8b 45 c8 64 48 >
thu 27 12:19:50 kernel: RSP: 002b:00007fffed410eb0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
thu 27 12:19:50 kernel: RAX: ffffffffffffffda RBX: 00007fc756b69010 RCX: 00007fc757440d5d
thu 27 12:19:50 kernel: RDX: 00007fffed410f20 RSI: 0000000000005a06 RDI: 0000000000000003
thu 27 12:19:50 kernel: RBP: 00007fffed410f00 R08: 0000000000000000 R09: 00007fc75778f420
thu 27 12:19:50 kernel: R10: 0000000000000022 R11: 0000000000000246 R12: 00005608d3eee500
thu 27 12:19:50 kernel: R13: 00007fffed410f20 R14: 00007fffed414730 R15: 00007fffed4147b0
thu 27 12:19:50 kernel:  </TASK>
thu 27 12:19:50 kernel: ---[ end trace ]---
thu 27 12:19:50 kernel: ------------[ cut here ]------------
thu 27 12:19:50 kernel: UBSAN: array-index-out-of-bounds in /var/lib/dkms/zfs/2.2.4/build/module/zfs/zap_micro.c:1019:27
thu 27 12:19:50 kernel: index 1 is out of range for type 'mzap_ent_phys_t [1]'
thu 27 12:19:50 kernel: CPU: 2 PID: 1093 Comm: zpool Tainted: P           OE      6.9.4-200.fc40.x86_64 #1
thu 27 12:19:50 kernel: Hardware name: Gigabyte Technology Co., Ltd. B85-HD3-A/B85-HD3-A, BIOS F3 09/17/2015
thu 27 12:19:50 kernel: Call Trace:
thu 27 12:19:50 kernel:  <TASK>
thu 27 12:19:50 kernel:  dump_stack_lvl+0x5d/0x80
thu 27 12:19:50 kernel:  ubsan_epilogue+0x5/0x30
thu 27 12:19:50 kernel:  __ubsan_handle_out_of_bounds.cold+0x46/0x4b
thu 27 12:19:50 kernel:  zap_lookup_impl+0x2f5/0x330 [zfs]
thu 27 12:19:50 kernel:  zap_lookup+0xa9/0x120 [zfs]
thu 27 12:19:50 kernel:  feature_get_refcount_from_disk+0x60/0xe0 [zfs]
thu 27 12:19:50 kernel:  spa_load+0x868/0x1a80 [zfs]
thu 27 12:19:50 kernel:  spa_tryimport+0x15f/0x470 [zfs]
thu 27 12:19:50 kernel:  zfs_ioc_pool_tryimport+0x77/0xd0 [zfs]
thu 27 12:19:50 kernel:  zfsdev_ioctl_common+0x7d0/0x9a0 [zfs]
thu 27 12:19:50 kernel:  ? ioctl_has_perm.constprop.0.isra.0+0xd8/0x130
thu 27 12:19:50 kernel:  zfsdev_ioctl+0x53/0xe0 [zfs]
thu 27 12:19:50 kernel:  __x64_sys_ioctl+0x97/0xd0
thu 27 12:19:50 kernel:  do_syscall_64+0x82/0x160
thu 27 12:19:50 kernel:  ? exc_page_fault+0x7e/0x180
thu 27 12:19:50 kernel:  entry_SYSCALL_64_after_hwframe+0x76/0x7e
thu 27 12:19:50 kernel: RIP: 0033:0x7fc757440d5d
thu 27 12:19:50 kernel: Code: 04 25 28 00 00 00 48 89 45 c8 31 c0 48 8d 45 10 c7 45 b0 10 00 00 00 48 89 45 b8 48 8d 45 d0 48 89 45 c0 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1a 48 8b 45 c8 64 48 >
thu 27 12:19:50 kernel: RSP: 002b:00007fffed410eb0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
thu 27 12:19:50 kernel: RAX: ffffffffffffffda RBX: 00007fc756b69010 RCX: 00007fc757440d5d
thu 27 12:19:50 kernel: RDX: 00007fffed410f20 RSI: 0000000000005a06 RDI: 0000000000000003
thu 27 12:19:50 kernel: RBP: 00007fffed410f00 R08: 0000000000000000 R09: 00007fc75778f420
thu 27 12:19:50 kernel: R10: 0000000000000022 R11: 0000000000000246 R12: 00005608d3eee500
thu 27 12:19:50 kernel: R13: 00007fffed410f20 R14: 00007fffed414730 R15: 00007fffed4147b0
thu 27 12:19:50 kernel:  </TASK>
thu 27 12:19:50 kernel: ---[ end trace ]---
thu 27 12:19:50 kernel: ------------[ cut here ]------------
thu 27 12:19:50 kernel: UBSAN: array-index-out-of-bounds in /var/lib/dkms/zfs/2.2.4/build/module/zfs/zap_micro.c:1415:22
thu 27 12:19:50 kernel: index 2 is out of range for type 'mzap_ent_phys_t [1]'
thu 27 12:19:50 kernel: CPU: 5 PID: 1268 Comm: txg_sync Tainted: P           OE      6.9.4-200.fc40.x86_64 #1
thu 27 12:19:50 kernel: Hardware name: Gigabyte Technology Co., Ltd. B85-HD3-A/B85-HD3-A, BIOS F3 09/17/2015
thu 27 12:19:50 kernel: Call Trace:
thu 27 12:19:50 kernel:  <TASK>
thu 27 12:19:50 kernel:  dump_stack_lvl+0x5d/0x80
thu 27 12:19:50 kernel:  ubsan_epilogue+0x5/0x30
thu 27 12:19:50 kernel:  __ubsan_handle_out_of_bounds.cold+0x46/0x4b
thu 27 12:19:50 kernel:  zap_update+0x2db/0x2e0 [zfs]
thu 27 12:19:50 kernel:  feature_sync+0x53/0x150 [zfs]
thu 27 12:19:50 kernel:  space_map_alloc+0x70/0x80 [zfs]
thu 27 12:19:50 kernel:  spa_generate_syncing_log_sm+0xd1/0x250 [zfs]
thu 27 12:19:50 kernel:  spa_flush_metaslabs+0xa7/0x430 [zfs]
thu 27 12:19:50 kernel:  ? mutex_lock+0x12/0x30
thu 27 12:19:50 kernel:  spa_sync+0x628/0x1050 [zfs]
thu 27 12:19:50 kernel:  ? spa_txg_history_init_io+0x115/0x120 [zfs]
thu 27 12:19:50 kernel:  txg_sync_thread+0x20a/0x3b0 [zfs]
thu 27 12:19:50 kernel:  ? __pfx_txg_sync_thread+0x10/0x10 [zfs]
thu 27 12:19:50 kernel:  ? __pfx_thread_generic_wrapper+0x10/0x10 [spl]
thu 27 12:19:50 kernel:  thread_generic_wrapper+0x5d/0x70 [spl]
thu 27 12:19:50 kernel:  kthread+0xd2/0x100
thu 27 12:19:50 kernel:  ? __pfx_kthread+0x10/0x10
thu 27 12:19:50 kernel:  ret_from_fork+0x34/0x50
thu 27 12:19:50 kernel:  ? __pfx_kthread+0x10/0x10
thu 27 12:19:50 kernel:  ret_from_fork_asm+0x1a/0x30
thu 27 12:19:50 kernel:  </TASK>
thu 27 12:19:50 kernel: ---[ end trace ]---
thu 27 12:19:50 kernel: ------------[ cut here ]------------
thu 27 12:19:50 kernel: UBSAN: array-index-out-of-bounds in /var/lib/dkms/zfs/2.2.4/build/module/zfs/zap_micro.c:1232:52
thu 27 12:19:50 kernel: index 2 is out of range for type 'mzap_ent_phys_t [1]'
thu 27 12:19:50 kernel: CPU: 5 PID: 1268 Comm: txg_sync Tainted: P           OE      6.9.4-200.fc40.x86_64 #1
thu 27 12:19:50 kernel: Hardware name: Gigabyte Technology Co., Ltd. B85-HD3-A/B85-HD3-A, BIOS F3 09/17/2015
thu 27 12:19:50 kernel: Call Trace:
thu 27 12:19:50 kernel:  <TASK>
thu 27 12:19:50 kernel:  dump_stack_lvl+0x5d/0x80
thu 27 12:19:50 kernel:  ubsan_epilogue+0x5/0x30
thu 27 12:19:50 kernel:  __ubsan_handle_out_of_bounds.cold+0x46/0x4b
thu 27 12:19:50 kernel:  mzap_addent+0x280/0x2b0 [zfs]
thu 27 12:19:50 kernel:  zap_add_impl+0x37b/0x390 [zfs]
thu 27 12:19:50 kernel:  zap_add_int_key+0x84/0xb0 [zfs]
thu 27 12:19:50 kernel:  spa_generate_syncing_log_sm+0xe9/0x250 [zfs]
thu 27 12:19:50 kernel:  spa_flush_metaslabs+0xa7/0x430 [zfs]
thu 27 12:19:50 kernel:  ? mutex_lock+0x12/0x30
thu 27 12:19:50 kernel:  spa_sync+0x628/0x1050 [zfs]
thu 27 12:19:50 kernel:  ? spa_txg_history_init_io+0x115/0x120 [zfs]
thu 27 12:19:50 kernel:  txg_sync_thread+0x20a/0x3b0 [zfs]
thu 27 12:19:50 kernel:  ? __pfx_txg_sync_thread+0x10/0x10 [zfs]
thu 27 12:19:50 kernel:  ? __pfx_thread_generic_wrapper+0x10/0x10 [spl]
thu 27 12:19:50 kernel:  thread_generic_wrapper+0x5d/0x70 [spl]
thu 27 12:19:50 kernel:  kthread+0xd2/0x100
thu 27 12:19:50 kernel:  ? __pfx_kthread+0x10/0x10
thu 27 12:19:50 kernel:  ret_from_fork+0x34/0x50
thu 27 12:19:50 kernel:  ? __pfx_kthread+0x10/0x10
thu 27 12:19:50 kernel:  ret_from_fork_asm+0x1a/0x30
thu 27 12:19:50 kernel:  </TASK>
thu 27 12:19:50 kernel: ---[ end trace ]---
thu 27 12:19:50 kernel: ------------[ cut here ]------------
thu 27 12:19:50 kernel: UBSAN: array-index-out-of-bounds in /var/lib/dkms/zfs/2.2.4/build/module/zfs/zap_micro.c:314:44
thu 27 12:19:50 kernel: index 3 is out of range for type 'mzap_ent_phys_t [1]'
thu 27 12:19:50 kernel: CPU: 5 PID: 1268 Comm: txg_sync Tainted: P           OE      6.9.4-200.fc40.x86_64 #1
thu 27 12:19:50 kernel: Hardware name: Gigabyte Technology Co., Ltd. B85-HD3-A/B85-HD3-A, BIOS F3 09/17/2015
thu 27 12:19:50 kernel: Call Trace:
thu 27 12:19:50 kernel:  <TASK>
thu 27 12:19:50 kernel:  dump_stack_lvl+0x5d/0x80
thu 27 12:19:50 kernel:  ubsan_epilogue+0x5/0x30
thu 27 12:19:50 kernel:  __ubsan_handle_out_of_bounds.cold+0x46/0x4b
thu 27 12:19:50 kernel:  mzap_addent+0x2a8/0x2b0 [zfs]
thu 27 12:19:50 kernel:  zap_add_impl+0x37b/0x390 [zfs]
thu 27 12:19:50 kernel:  zap_add_int_key+0x84/0xb0 [zfs]
thu 27 12:19:50 kernel:  spa_generate_syncing_log_sm+0xe9/0x250 [zfs]
thu 27 12:19:50 kernel:  spa_flush_metaslabs+0xa7/0x430 [zfs]
thu 27 12:19:50 kernel:  ? mutex_lock+0x12/0x30
thu 27 12:19:50 kernel:  spa_sync+0x628/0x1050 [zfs]
thu 27 12:19:50 kernel:  ? spa_txg_history_init_io+0x115/0x120 [zfs]
thu 27 12:19:50 kernel:  txg_sync_thread+0x20a/0x3b0 [zfs]
thu 27 12:19:50 kernel:  ? __pfx_txg_sync_thread+0x10/0x10 [zfs]
thu 27 12:19:50 kernel:  ? __pfx_thread_generic_wrapper+0x10/0x10 [spl]
thu 27 12:19:50 kernel:  thread_generic_wrapper+0x5d/0x70 [spl]
thu 27 12:19:50 kernel:  kthread+0xd2/0x100
thu 27 12:19:50 kernel:  ? __pfx_kthread+0x10/0x10
thu 27 12:19:50 kernel:  ret_from_fork+0x34/0x50
thu 27 12:19:50 kernel:  ? __pfx_kthread+0x10/0x10
thu 27 12:19:50 kernel:  ret_from_fork_asm+0x1a/0x30
thu 27 12:19:50 kernel:  </TASK>
thu 27 12:19:50 kernel: ---[ end trace ]---
thu 27 12:19:50 kernel: ------------[ cut here ]------------
thu 27 12:19:50 kernel: UBSAN: array-index-out-of-bounds in /var/lib/dkms/zfs/2.2.4/build/module/zfs/zap_micro.c:1504:4
thu 27 12:19:50 kernel: index 28 is out of range for type 'mzap_ent_phys_t [1]'
thu 27 12:19:50 kernel: CPU: 5 PID: 1268 Comm: txg_sync Tainted: P           OE      6.9.4-200.fc40.x86_64 #1
thu 27 12:19:50 kernel: Hardware name: Gigabyte Technology Co., Ltd. B85-HD3-A/B85-HD3-A, BIOS F3 09/17/2015
thu 27 12:19:50 kernel: Call Trace:
thu 27 12:19:50 kernel:  <TASK>
thu 27 12:19:50 kernel:  dump_stack_lvl+0x5d/0x80
thu 27 12:19:50 kernel:  ubsan_epilogue+0x5/0x30
thu 27 12:19:50 kernel:  __ubsan_handle_out_of_bounds.cold+0x46/0x4b
thu 27 12:19:50 kernel:  zap_remove_impl+0x1ba/0x1d0 [zfs]
thu 27 12:19:50 kernel:  zap_remove+0x8f/0x100 [zfs]
thu 27 12:19:50 kernel:  zap_remove_int+0x71/0xa0 [zfs]
thu 27 12:19:50 kernel:  spa_cleanup_old_sm_logs+0xf8/0x170 [zfs]
thu 27 12:19:50 kernel:  metaslab_flush+0x19f/0x350 [zfs]
thu 27 12:19:50 kernel:  ? spa_cleanup_old_sm_logs+0xbe/0x170 [zfs]
thu 27 12:19:50 kernel:  spa_flush_metaslabs+0x1a1/0x430 [zfs]
thu 27 12:19:50 kernel:  spa_sync+0x628/0x1050 [zfs]
thu 27 12:19:50 kernel:  ? spa_txg_history_init_io+0x115/0x120 [zfs]
thu 27 12:19:50 kernel:  txg_sync_thread+0x20a/0x3b0 [zfs]
thu 27 12:19:50 kernel:  ? __pfx_txg_sync_thread+0x10/0x10 [zfs]
thu 27 12:19:50 kernel:  ? __pfx_thread_generic_wrapper+0x10/0x10 [spl]
thu 27 12:19:50 kernel:  thread_generic_wrapper+0x5d/0x70 [spl]
thu 27 12:19:50 kernel:  kthread+0xd2/0x100
thu 27 12:19:50 kernel:  ? __pfx_kthread+0x10/0x10
thu 27 12:19:50 kernel:  ret_from_fork+0x34/0x50
thu 27 12:19:50 kernel:  ? __pfx_kthread+0x10/0x10
thu 27 12:19:50 kernel:  ret_from_fork_asm+0x1a/0x30
thu 27 12:19:50 kernel:  </TASK>
thu 27 12:19:50 kernel: ---[ end trace ]---
thu 27 12:20:33 kernel: kauditd_printk_skb: 2 callbacks suppressed

Describe how to reproduce the problem

The error was encountered after starting the zfs-import-cache.service during the OS boot with the 6.9.x kernel. The subsequent boot process was interrupted.

I understand that kernel version 6.9 is not on the supported list, but DKMS compiled the 2.2.4 module and the zfs-2.2.5-staging for kernel 6.9 without any code issues.

Include any warning/errors/backtraces from the system logs

make.log .config zfs_config.h

robn commented 3 months ago

Duplicate of #16278.

tonyhutter commented 3 months ago

Fixed: https://github.com/openzfs/zfs/commit/156a64161b4f9da35f2e0484106173344cf78317
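
Added triage example (not part of the issue thread and not OpenZFS code): it parses UBSAN reports in the format shown in the log above and groups them by the element type and declared bound they name, so a burst of splats can be read as one finding. The sample log is constructed from three of the reports above, and the function and field names are this example's own.

```python
import re
from collections import defaultdict

# Constructed sample: three of the reports above, cut down to the lines the parser reads.
SAMPLE_LOG = """\
thu 27 12:19:50 kernel: UBSAN: array-index-out-of-bounds in /var/lib/dkms/zfs/2.2.4/build/module/zfs/zap_micro.c:314:44
thu 27 12:19:50 kernel: index 1 is out of range for type 'mzap_ent_phys_t [1]'
thu 27 12:19:50 kernel: CPU: 2 PID: 1093 Comm: zpool Tainted: P           OE      6.9.4-200.fc40.x86_64 #1
thu 27 12:19:50 kernel:  zap_lockdir_impl+0x7e1/0x7f0 [zfs]
thu 27 12:19:50 kernel: ---[ end trace ]---
thu 27 12:19:50 kernel: UBSAN: array-index-out-of-bounds in /var/lib/dkms/zfs/2.2.4/build/module/zfs/zap_micro.c:1232:52
thu 27 12:19:50 kernel: index 2 is out of range for type 'mzap_ent_phys_t [1]'
thu 27 12:19:50 kernel: CPU: 5 PID: 1268 Comm: txg_sync Tainted: P           OE      6.9.4-200.fc40.x86_64 #1
thu 27 12:19:50 kernel:  mzap_addent+0x280/0x2b0 [zfs]
thu 27 12:19:50 kernel: ---[ end trace ]---
thu 27 12:19:50 kernel: UBSAN: array-index-out-of-bounds in /var/lib/dkms/zfs/2.2.4/build/module/zfs/zap_micro.c:314:44
thu 27 12:19:50 kernel: index 3 is out of range for type 'mzap_ent_phys_t [1]'
thu 27 12:19:50 kernel: CPU: 5 PID: 1268 Comm: txg_sync Tainted: P           OE      6.9.4-200.fc40.x86_64 #1
thu 27 12:19:50 kernel:  mzap_addent+0x2a8/0x2b0 [zfs]
thu 27 12:19:50 kernel: ---[ end trace ]---
"""

HEAD = re.compile(r"UBSAN: (\S+) in (\S+):(\d+):(\d+)")
INDEX = re.compile(r"index (-?\d+) is out of range for type '(.+) \[(\d+)\]'")
COMM = re.compile(r"Comm: (\S+)")
FRAME = re.compile(r"kernel:\s+([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+ \[(\w+)\]")

def parse_reports(text):
    """Split a kernel log into UBSAN reports, keeping the first module-tagged frame."""
    reports, cur = [], None
    for line in text.splitlines():
        if m := HEAD.search(line):
            cur = {"check": m[1], "site": f"{m[2].rsplit('/', 1)[-1]}:{m[3]}", "func": None}
            reports.append(cur)
        elif cur is None:
            continue  # outside any report
        elif m := INDEX.search(line):
            cur.update(index=int(m[1]), elem=m[2], bound=int(m[3]))
        elif m := COMM.search(line):
            cur.setdefault("comm", m[1])
        elif cur["func"] is None and (m := FRAME.search(line)):
            cur["func"] = f"{m[1]} [{m[2]}]"  # "? sym" and untagged core-kernel frames never match
        elif "end trace" in line:
            cur = None
    return reports

def group_by_type(reports):
    """Collapse reports that name the same element type and declared array bound."""
    groups = defaultdict(lambda: {"sites": set(), "funcs": set(), "comms": set(), "max_index": -1})
    for r in (r for r in reports if "elem" in r):  # skip other UBSAN checks
        g = groups[(r["elem"], r["bound"])]
        g["sites"].add(r["site"])
        g["funcs"].add(r["func"])
        g["comms"].add(r.get("comm"))
        g["max_index"] = max(g["max_index"], r["index"])
    return dict(groups)

if __name__ == "__main__":
    print(group_by_type(parse_reports(SAMPLE_LOG)))
```

On the sample, all three reports collapse into a single group for mzap_ent_phys_t with declared bound 1, reached from both the zpool and txg_sync tasks.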