search

openzfs / zfs

OpenZFS on Linux and FreeBSD
https://openzfs.github.io/openzfs-docs
Other
10.44k stars 1.73k forks source link

memcpy: detected field-spanning write #16501

Open leelists opened 2 weeks ago

leelists commented 2 weeks ago

System information

Type Version/Name
Distribution Name armbian
Distribution Version 24.11
Kernel Version 6.11.0-rc4-edge-rockchip-rk3588
Architecture
OpenZFS Version 2.2.99-687_gb3b749161

Describe the problem you're observing

kernel warn on zpool import

Describe how to reproduce the problem

zpool import tank

Include any warning/errors/backtraces from the system logs

[   37.404937] ------------[ cut here ]------------
[   37.404949] memcpy: detected field-spanning write (size 14) of single field "lr + 1" at /var/lib/dkms/zfs/2.2.99/build/module/zfs/zfs_log.c:461 (size 0)
[   37.405016] WARNING: CPU: 0 PID: 2495 at /var/lib/dkms/zfs/2.2.99/build/module/zfs/zfs_log.c:461 zfs_log_link+0x100/0x108 [zfs]
[   37.405155] Modules linked in: ebtable_filter ebtables ip_set ip6table_raw iptable_raw ip6table_filter ip6_tables iptable_filter bridge bonding tls lz4hc lz4 zram sunrpc nfnetlink_log nfnetlink binfmt_misc crct10dif_ce hantro_vpu snd_soc_rt5616 v4l2_vp9 snd_soc_rl6231 rk805_pwrkey rockchip_vdec2 v4l2_jpeg rockchip_rga v4l2_h264 nvmem_rockchip_otp v4l2_mem2mem rk_crypto2 videobuf2_dma_sg videobuf2_dma_contig sm3_generic rockchip_rng crypto_engine sm3 videobuf2_memops snd_soc_rockchip_i2s_tdm videobuf2_v4l2 videodev videobuf2_common mc snd_soc_simple_card snd_soc_simple_card_utils snd_soc_core snd_compress ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore cfg80211 rfkill vhost_net tun vhost vhost_iotlb tap dm_mod ip_tables x_tables autofs4 zfs(PO) spl(O) r8169 raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx raid1 raid0 simplefb rk808_regulator rockchipdrm fusb302 dw_hdmi_qp dw_mipi_dsi dw_hdmi tcpm analogix_dp rk8xx_spi phy_rockchip_samsung_hdptx rk8xx_core phy_rockchip_snps_pcie3 cec
[   37.405356]  panthor drm_gpuvm drm_dma_helper gpu_sched drm_display_helper drm_shmem_helper drm_exec drm_kms_helper drm adc_keys
[   37.405385] CPU: 0 UID: 1000 PID: 2495 Comm: xauth Tainted: P        W  O       6.11.0-rc4-edge-rockchip-rk3588 #2
[   37.405395] Tainted: [P]=PROPRIETARY_MODULE, [W]=WARN, [O]=OOT_MODULE
[   37.405399] Hardware name: FriendlyElec CM3588 NAS (DT)
[   37.405403] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[   37.405409] pc : zfs_log_link+0x100/0x108 [zfs]
[   37.405535] lr : zfs_log_link+0x100/0x108 [zfs]
[   37.405660] sp : ffff800090c3bb90
[   37.405663] x29: ffff800090c3bb90 x28: 0000000000000000 x27: ffff00010661c0f8
[   37.405674] x26: 0000000000000000 x25: ffff00016b7b7290 x24: ffff000141c8ee28
[   37.405685] x23: ffff000141ece938 x22: ffff000121b489c0 x21: ffff000102e1f000
[   37.405695] x20: ffff0001264fb600 x19: 000000000000000e x18: ffffffffffffffff
[   37.405705] x17: 0000000000000000 x16: 0000000000000000 x15: 667a2f736d6b642f
[   37.405715] x14: 62696c2f7261762f x13: 0000000000000496 x12: 00000000ffffffea
[   37.405725] x11: 0000000000000001 x10: 0000000000000001 x9 : ffff800081d80b90
[   37.405735] x8 : 000000000002ffe8 x7 : c0000000ffffdfff x6 : 00000000000affa8
[   37.405744] x5 : ffff0004fddf2f88 x4 : 0000000000000000 x3 : ffff80047c4ff000
[   37.405754] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff000107263480
[   37.405764] Call trace:
[   37.405767]  zfs_log_link+0x100/0x108 [zfs]
[   37.405893]  zfs_link+0x5f8/0x678 [zfs]
[   37.406018]  zpl_link+0x8c/0x118 [zfs]
[   37.406142]  vfs_link+0x2c8/0x3e4
[   37.406152]  do_linkat+0x238/0x2d0
[   37.406157]  __arm64_sys_linkat+0x5c/0x78
[   37.406163]  invoke_syscall+0x48/0x110
[   37.406172]  el0_svc_common.constprop.0+0x40/0xe8
[   37.406179]  do_el0_svc+0x20/0x2c
[   37.406185]  el0_svc+0x38/0x100
[   37.406193]  el0t_64_sync_handler+0x13c/0x158
[   37.406199]  el0t_64_sync+0x1a4/0x1a8
[   37.406205] ---[ end trace 0000000000000000 ]---
dankamongmen commented 2 days ago

I'm also seeing this on x86, though in zfs_log_remove():

[ 1907.500667] ------------[ cut here ]------------
[ 1907.500673] memcpy: detected field-spanning write (size 64) of single field "lr + 1" at /var/lib/dkms/zfs/2.2.6/build/module/zfs/zfs_log.c:425 (size 0)
[ 1907.500705] WARNING: CPU: 8 PID: 3047 at /var/lib/dkms/zfs/2.2.6/build/module/zfs/zfs_log.c:425 zfs_log_remove+0xfa/0x100 [zfs]
[ 1907.500776] Modules linked in: tls nft_masq nft_nat nft_fib_ipv4 nft_fib nft_chain_nat xt_MASQUERADE nf_nat xt_multiport xt_tcpudp xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nft_compat rfcomm cmac algif_hash algif_skcipher af_alg bnep wireguard libchacha20poly1305 chacha_x86_64 poly1305_x86_64 ip6_udp_tunnel udp_tunnel curve25519_x86_64 libcurve25519_generic libchacha nf_tables binfmt_misc amdgpu nls_ascii nls_cp437 edac_mce_amd kvm_amd gigabyte_wmi wmi_bmof kvm snd_hda_codec_realtek snd_hda_codec_generic crct10dif_pclmul snd_hda_scodec_component ghash_clmulni_intel mt7921e sha512_ssse3 mt7921_common sha256_ssse3 mt792x_lib sha1_ssse3 snd_hda_codec_hdmi mt76_connac_lib mt76 snd_hda_intel snd_intel_dspcfg snd_usb_audio drm_exec drm_suballoc_helper snd_hda_codec amdxcp mac80211 mfd_core snd_usbmidi_lib drm_buddy uvcvideo snd_hda_core snd_rawmidi gpu_sched uvc aesni_intel snd_pcsp snd_hwdep snd_seq_device videobuf2_vmalloc drm_display_helper btusb gf128mul videobuf2_memops btrtl crypto_simd snd_pcm
[ 1907.500796]  videobuf2_v4l2 cec cryptd btbcm videobuf2_common libarc4 drm_ttm_helper btmtk snd_timer cdc_acm videodev ttm btintel ch341 ccp snd cfg80211 drm_kms_helper sp5100_tco bluetooth usbserial mc led_class usblp rapl k10temp watchdog aquacomputer_d5next soundcore i2c_algo_bit rng_core video rfkill zfs(POE) spl(OE) wmi evdev button sg tcp_bbr nfsd auth_rpcgss lockd grace drivetemp sunrpc it87(OE) drm hwmon_vid fuse efi_pstore configfs nfnetlink ip_tables x_tables autofs4 efivarfs raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid0 r8153_ecm cdc_ether usbnet raid1 hid_generic usbhid hid md_mod sfc r8169 crc32_pclmul r8152 crc32c_intel realtek i2c_piix4 mii mdio_devres i2c_smbus mdio libphy ptp pps_core ses enclosure
[ 1907.500833] CPU: 8 UID: 0 PID: 3047 Comm: nfsd Tainted: P           OE      6.11.0 #67
[ 1907.500836] Tainted: [P]=PROPRIETARY_MODULE, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
[ 1907.500837] Hardware name: Gigabyte Technology Co., Ltd. X670 AORUS ELITE AX/X670 AORUS ELITE AX, BIOS F22b 02/06/2024
[ 1907.500839] RIP: 0010:zfs_log_remove+0xfa/0x100 [zfs]
[ 1907.500881] Code: 89 df e8 69 eb 00 00 eb d7 48 8b 74 24 10 31 c9 48 c7 c2 d0 af 0f c1 48 c7 c7 20 af 0f c1 c6 05 43 8c 0e 00 01 e8 86 18 68 c6 <0f> 0b eb 96 66 90 66 0f 1f 00 0f 1f 44 00 00 41 57 49 89 cf 41 56
[ 1907.500884] RSP: 0018:ffffbe2302d6bb90 EFLAGS: 00010286
[ 1907.500885] RAX: 0000000000000000 RBX: ffff9c6b63ecf800 RCX: 0000000000000000
[ 1907.500886] RDX: 0000000000000002 RSI: 0000000000000027 RDI: 00000000ffffffff
[ 1907.500887] RBP: ffff9c6b41118fc0 R08: 0000000000000000 R09: ffffbe2302d6ba00
[ 1907.500888] R10: ffffffff88ca8708 R11: 0000000000000003 R12: ffff9c6b476c2970
[ 1907.500889] R13: ffff9c6b78de7e00 R14: ffff9c6b78de7e70 R15: 00000000000208a3
[ 1907.500891] FS:  0000000000000000(0000) GS:ffff9c7a3e400000(0000) knlGS:0000000000000000
[ 1907.500892] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1907.500893] CR2: 00007f4c2169bd20 CR3: 0000000c13a1a000 CR4: 0000000000750ef0
[ 1907.500894] PKRU: 55555554
[ 1907.500895] Call Trace:
[ 1907.500897]  <TASK>
[ 1907.500898]  ? zfs_log_remove+0xfa/0x100 [zfs]
[ 1907.500936]  ? __warn.cold+0x8e/0xe8
[ 1907.500940]  ? zfs_log_remove+0xfa/0x100 [zfs]
[ 1907.500977]  ? report_bug+0xe6/0x170
[ 1907.500978]  ? handle_bug+0x38/0x70
[ 1907.500980]  ? exc_invalid_op+0x17/0x60
[ 1907.500982]  ? asm_exc_invalid_op+0x1a/0x20
[ 1907.500984]  ? zfs_log_remove+0xfa/0x100 [zfs]
[ 1907.501020]  zfs_remove+0x635/0xa20 [zfs]
[ 1907.501060]  zpl_unlink+0x65/0xb0 [zfs]
[ 1907.501096]  vfs_unlink+0xf6/0x280
[ 1907.501099]  nfsd_unlink+0x186/0x300 [nfsd]
[ 1907.501112]  nfsd4_remove+0x4f/0x90 [nfsd]
[ 1907.501123]  nfsd4_proc_compound+0x32b/0x630 [nfsd]
[ 1907.501131]  nfsd_dispatch+0xc8/0x210 [nfsd]
[ 1907.501142]  svc_process_common+0x493/0x600 [sunrpc]
[ 1907.501156]  ? nfsd_svc+0x320/0x320 [nfsd]
[ 1907.501164]  svc_process+0x131/0x170 [sunrpc]
[ 1907.501173]  svc_recv+0x7d7/0x980 [sunrpc]
[ 1907.501187]  ? nfsd_inet6addr_event+0x120/0x120 [nfsd]
[ 1907.501195]  nfsd+0x87/0xd0 [nfsd]
[ 1907.501203]  kthread+0xde/0x110
[ 1907.501205]  ? kthread_park+0x80/0x80
[ 1907.501206]  ret_from_fork+0x31/0x50
[ 1907.501208]  ? kthread_park+0x80/0x80
[ 1907.501209]  ret_from_fork_asm+0x11/0x20
[ 1907.501212]  </TASK>
[ 1907.501212] ---[ end trace 0000000000000000 ]---