[powerpc] Intermittent crashes ( link_path_walk) with linux-next
Sachin Sant
sachinp at linux.vnet.ibm.com
Thu Mar 26 19:27:08 AEDT 2020
I am running into intermittent crashes with linux-next on POWER 9 PowerVM LPAR
First it was against next-20200324 while running LTP tests. With next-20200325
I ran into similar crash (a different stack trace but same failure point — link_path_walk)
while running sosreport command.
BUG: Kernel NULL pointer dereference on read at 0x00000000
Faulting instruction address: 0xc00000000043f278
Oops: Kernel access of bad area, sig: 11 [#1]
LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
Dumping ftrace buffer:
(ftrace buffer empty)
Modules linked in: loop iscsi_target_mod target_core_mod macsec tcp_diag udp_diag inet_diag unix_diag af_packet_diag netlink_diag binfmt_misc overlay dm_mod nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c ip6_tables nft_compat ip_set rfkill nf_tables nfnetlink sunrpc sg pseries_rng uio_pdrv_genirq uio sch_fq_codel ip_tables ext4 mbcache jbd2 sr_mod sd_mod cdrom t10_pi ibmvscsi scsi_transport_srp ibmveth
CPU: 26 PID: 7771 Comm: avocado Not tainted 5.6.0-rc7-next-20200324-autotest #1
NIP: c00000000043f278 LR: c00000000043f330 CTR: 00000000000001fb
REGS: c00000082802f830 TRAP: 0300 Not tainted (5.6.0-rc7-next-20200324-autotest)
MSR: 8000000000009033 <SF,EE,ME,IR,DR,RI,LE> CR: 28248442 XER: 20040000
CFAR: c00000000000dec4 DAR: 0000000000000000 DSISR: 40000000 IRQMASK: 0
GPR00: c00000000043f330 c00000082802fac0 c00000000155e900 0000000000000000
GPR04: 0000000000000002 0000000000000000 0000000000000002 c0000008b3400000
GPR08: 0000000000031419 0000000000000000 0000000000000000 ffffffffffff0000
GPR12: 0000000000008000 c00000001ec48600 00007fffa08a53f8 0000000000000001
GPR16: 00007fff9faf9a63 00000100073bec00 00007fff9f2493b0 0000000000000000
GPR20: 00007fffa1143bf8 00007fffa1103b18 c00000087f547cb3 2f2f2f2f2f2f2f2f
GPR24: 0000000000000003 0000000000000000 c00000082802fbc8 fffffffffffff000
GPR28: 0000000000200000 ffffffffffffffff 61c8864680b583eb 0000000000000000
NIP [c00000000043f278] link_path_walk.part.49+0x228/0x400
LR [c00000000043f330] link_path_walk.part.49+0x2e0/0x400
Call Trace:
[c00000082802fac0] [c00000000043f330] link_path_walk.part.49+0x2e0/0x400 (unreliable)
[c00000082802fb50] [c00000000043f5a4] path_lookupat.isra.51+0x64/0x1f0
[c00000082802fba0] [c000000000441c00] filename_lookup.part.69+0xa0/0x1b0
[c00000082802fce0] [c00000000042ff38] vfs_statx+0xa8/0x190
[c00000082802fd60] [c0000000004302a0] __do_sys_newstat+0x40/0x90
[c00000082802fe20] [c00000000000b278] system_call+0x5c/0x68
Instruction dump:
3bffffff e93a0058 38800000 7f43d378 7fff07b4 1d5f0030 7d295214 eac90020
4bfffb21 2fa30000 409e00c8 e93a0008 <81290000> 55290256 7f89e000 419efecc
---[ end trace 34abf29ebd56e423 ]—
Relevant snippet from obj dump:
6dc4: 20 00 c9 ea ld r22,32(r9)
link = walk_component(nd, 0);
6db4: 78 d3 43 7f mr r3,r26
name = nd->stack[--depth].name;
6db8: b4 07 ff 7f extsw r31,r31
6dbc: 30 00 5f 1d mulli r10,r31,48
6dc0: 14 52 29 7d add r9,r9,r10
6dc4: 20 00 c9 ea ld r22,32(r9)
link = walk_component(nd, 0);
6dc8: 01 00 00 48 bl 6dc8 <link_path_walk.part.49+0x218>
if (unlikely(link)) {
6dcc: 00 00 a3 2f cmpdi cr7,r3,0
6dd0: c8 00 9e 40 bne cr7,6e98 <link_path_walk.part.49+0x2e8>
return dentry->d_flags & DCACHE_ENTRY_TYPE;
6dd4: 08 00 3a e9 ld r9,8(r26)
6dd8: 00 00 29 81 lwz r9,0(r9) <<=== crashes here ??
6ddc: 56 02 29 55 rlwinm r9,r9,0,9,11
if (unlikely(!d_can_lookup(nd->path.dentry))) {
6de0: 00 e0 89 7f cmpw cr7,r9,r28
The code in question (link_path_walk() in fs/namei.c ) was recently changed by
following commit:
commit 881386f7e46a:
link_path_walk(): sample parent's i_uid and i_mode for the last component
Thanks
-Sachin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: next-20200325.log
Type: application/octet-stream
Size: 18482 bytes
Desc: not available
URL: <http://lists.ozlabs.org/pipermail/linuxppc-dev/attachments/20200326/81d93596/attachment-0001.obj>
More information about the Linuxppc-dev
mailing list