bcachefs
BUG: KASAN: vmalloc-out-of-bounds in __bch2_trans_init+0x447/0x5f0 [dc966251]
During/after a kernel fsck on mount (with commit dc966251), KASAN complains about an out-of-bounds read in bch-reclaim:
```
Mar 31 19:59:54 extravaganza.localdomain 3,1809,1531876818,-;BUG: KASAN: vmalloc-out-of-bounds in __bch2_trans_init+0x447/0x5f0
Mar 31 19:59:54 extravaganza.localdomain 3,1810,1531880653,-;Read of size 8 at addr ffffc900024370d0 by task bch-reclaim/a4b/1293
Mar 31 19:59:54 extravaganza.localdomain 3,1811,1531884549,-;
Mar 31 19:59:54 extravaganza.localdomain 3,1812,1531888394,-;CPU: 0 PID: 1293 Comm: bch-reclaim/a4b Tainted: G D L 6.2.8+bcachefs.git20230329.dc966251-1-debug #1
Mar 31 19:59:54 extravaganza.localdomain 3,1813,1531896469,-;Hardware name: System manufacturer System Product Name/Z170 PRO GAMING, BIOS 1904 07/05/2016
Mar 31 19:59:54 extravaganza.localdomain 3,1814,1531900719,-;Call Trace:
Mar 31 19:59:54 extravaganza.localdomain 3,1815,1531904919,-; <TASK>
Mar 31 19:59:54 extravaganza.localdomain 3,1816,1531909084,-; dump_stack_lvl+0x5f/0xc0
Mar 31 19:59:54 extravaganza.localdomain 3,1817,1531913279,-; print_address_description.constprop.0+0x2d/0x370
Mar 31 19:59:54 extravaganza.localdomain 3,1818,1531917535,-; print_report+0xc0/0x2b0
Mar 31 19:59:54 extravaganza.localdomain 3,1819,1531921755,-; ? kasan_addr_to_slab+0xd/0xb0
Mar 31 19:59:54 extravaganza.localdomain 3,1820,1531926002,-; kasan_report+0xe3/0x130
Mar 31 19:59:54 extravaganza.localdomain 3,1821,1531930186,-; ? __bch2_trans_init+0x447/0x5f0
Mar 31 19:59:54 extravaganza.localdomain 3,1822,1531934426,-; ? __bch2_trans_init+0x447/0x5f0
Mar 31 19:59:54 extravaganza.localdomain 3,1823,1531938647,-; __asan_load8+0x8b/0xe0
Mar 31 19:59:54 extravaganza.localdomain 3,1824,1531942831,-; __bch2_trans_init+0x447/0x5f0
Mar 31 19:59:54 extravaganza.localdomain 3,1825,1531947001,-; ? __pfx_bch2_btree_node_flush1+0x10/0x10
Mar 31 19:59:54 extravaganza.localdomain 3,1826,1531951197,-; __btree_node_flush+0xf5/0x280
Mar 31 19:59:54 extravaganza.localdomain 3,1827,1531955296,-; ? __pfx___btree_node_flush+0x10/0x10
Mar 31 19:59:54 extravaganza.localdomain 3,1828,1531959362,-; ? journal_flush_pins.constprop.0+0x2c9/0x520
Mar 31 19:59:54 extravaganza.localdomain 3,1829,1531963173,-; ? __pfx_bch2_btree_node_flush1+0x10/0x10
Mar 31 19:59:54 extravaganza.localdomain 3,1830,1531966117,-; ? __kasan_check_read+0x11/0x20
Mar 31 19:59:54 extravaganza.localdomain 3,1831,1531969051,-; ? __pfx_bch2_btree_node_flush1+0x10/0x10
Mar 31 19:59:54 extravaganza.localdomain 3,1832,1531971988,-; bch2_btree_node_flush1+0x16/0x30
Mar 31 19:59:54 extravaganza.localdomain 3,1833,1531974903,-; journal_flush_pins.constprop.0+0x2f6/0x520
Mar 31 19:59:54 extravaganza.localdomain 3,1834,1531977855,-; __bch2_journal_reclaim+0x6f4/0xa80
Mar 31 19:59:54 extravaganza.localdomain 3,1835,1531980761,-; ? __pfx___bch2_journal_reclaim+0x10/0x10
Mar 31 19:59:54 extravaganza.localdomain 3,1836,1531983603,-; ? bch2_journal_reclaim_thread+0x235/0x300
Mar 31 19:59:54 extravaganza.localdomain 3,1837,1531986374,-; bch2_journal_reclaim_thread+0x10e/0x300
Mar 31 19:59:54 extravaganza.localdomain 3,1838,1531989056,-; ? __pfx_bch2_journal_reclaim_thread+0x10/0x10
Mar 31 19:59:54 extravaganza.localdomain 3,1839,1531991741,-; ? __kthread_parkme+0xe2/0x110
Mar 31 19:59:54 extravaganza.localdomain 3,1840,1531994411,-; ? __pfx_bch2_journal_reclaim_thread+0x10/0x10
Mar 31 19:59:54 extravaganza.localdomain 3,1841,1531997035,-; kthread+0x18f/0x1c0
Mar 31 19:59:54 extravaganza.localdomain 3,1842,1531999569,-; ? __pfx_kthread+0x10/0x10
Mar 31 19:59:54 extravaganza.localdomain 3,1843,1532002065,-; ret_from_fork+0x29/0x50
Mar 31 19:59:54 extravaganza.localdomain 3,1844,1532004537,-; </TASK>
Mar 31 19:59:54 extravaganza.localdomain 3,1845,1532006970,-;
Mar 31 19:59:54 extravaganza.localdomain 3,1846,1532009364,-;Memory state around the buggy address:
Mar 31 19:59:54 extravaganza.localdomain 3,1847,1532011802,-; ffffc90002436f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
Mar 31 19:59:54 extravaganza.localdomain 3,1848,1532014302,-; ffffc90002437000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
Mar 31 19:59:54 extravaganza.localdomain 3,1849,1532016745,-;>ffffc90002437080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
Mar 31 19:59:54 extravaganza.localdomain 3,1850,1532019128,-; ^
Mar 31 19:59:54 extravaganza.localdomain 3,1851,1532021494,-; ffffc90002437100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
Mar 31 19:59:54 extravaganza.localdomain 3,1852,1532023904,-; ffffc90002437180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
Mar 31 19:59:54 extravaganza.localdomain 3,1853,1532026300,-;==================================================================
Mar 31 19:59:54 extravaganza.localdomain 1,1854,1532028710,-;BUG: unable to handle page fault for address: ffffc900024370d0
Mar 31 19:59:54 extravaganza.localdomain 1,1855,1532031093,-;#PF: supervisor read access in kernel mode
Mar 31 19:59:54 extravaganza.localdomain 1,1856,1532033427,-;#PF: error_code(0x0000) - not-present page
Mar 31 19:59:54 extravaganza.localdomain 6,1857,1532035729,-;PGD 100000067 P4D 100000067 PUD 100277067 PMD 13c299067 PTE 0
Mar 31 19:59:54 extravaganza.localdomain 4,1858,1532038050,-;Oops: 0000 [#2] PREEMPT SMP KASAN PTI
Mar 31 19:59:54 extravaganza.localdomain 4,1859,1532040311,-;CPU: 0 PID: 1293 Comm: bch-reclaim/a4b Tainted: G B D L 6.2.8+bcachefs.git20230329.dc966251-1-debug #1
Mar 31 19:59:54 extravaganza.localdomain 4,1860,1532044817,-;Hardware name: System manufacturer System Product Name/Z170 PRO GAMING, BIOS 1904 07/05/2016
Mar 31 19:59:54 extravaganza.localdomain 4,1861,1532047128,-;RIP: 0010:__bch2_trans_init+0x447/0x5f0
Mar 31 19:59:54 extravaganza.localdomain 4,1862,1532049460,-;Code: 00 00 48 8b 45 c8 49 8d 9c 24 70 ff ff ff 49 39 c4 0f 84 e1 00 00 00 48 8d 83 c8 00 00 00 48 89 c7 48 89 45 d0 e8 a9 95 c1 ff <4c> 8b bb c8 00 00 00 49 8d bf a0 09 00 00 e8 d6 93 c1 ff 41 8b 87
Mar 31 19:59:54 extravaganza.localdomain 4,1863,1532054409,-;RSP: 0018:ffffc9000223f948 EFLAGS: 00010246
Mar 31 19:59:54 extravaganza.localdomain 4,1864,1532056909,-;RAX: 0000000000000000 RBX: ffffc90002437008 RCX: 0000000000000000
Mar 31 19:59:54 extravaganza.localdomain 4,1865,1532059457,-;RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
Mar 31 19:59:54 extravaganza.localdomain 4,1866,1532061995,-;RBP: ffffc9000223f998 R08: 0000000000000000 R09: 0000000000000000
Mar 31 19:59:54 extravaganza.localdomain 4,1867,1532064525,-;R10: 0000000000000000 R11: 0000000000000000 R12: ffffc90002437098
Mar 31 19:59:54 extravaganza.localdomain 4,1868,1532067091,-;R13: ffffc9000223fa00 R14: 000000000000050d R15: ffff88815e503e98
Mar 31 19:59:54 extravaganza.localdomain 4,1869,1532069657,-;FS: 0000000000000000(0000) GS:ffff8887e4800000(0000) knlGS:0000000000000000
Mar 31 19:59:54 extravaganza.localdomain 4,1870,1532072284,-;CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Mar 31 19:59:54 extravaganza.localdomain 4,1871,1532074914,-;CR2: ffffc900024370d0 CR3: 00000002d5c2c006 CR4: 00000000003706f0
Mar 31 19:59:54 extravaganza.localdomain 4,1872,1532077570,-;DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Mar 31 19:59:54 extravaganza.localdomain 4,1873,1532080221,-;DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Mar 31 19:59:54 extravaganza.localdomain 4,1874,1532082847,-;Call Trace:
Mar 31 19:59:54 extravaganza.localdomain 4,1875,1532085434,-; <TASK>
Mar 31 19:59:54 extravaganza.localdomain 4,1876,1532087998,-; ? __pfx_bch2_btree_node_flush1+0x10/0x10
Mar 31 19:59:54 extravaganza.localdomain 4,1877,1532090610,-; __btree_node_flush+0xf5/0x280
Mar 31 19:59:54 extravaganza.localdomain 4,1878,1532093212,-; ? __pfx___btree_node_flush+0x10/0x10
Mar 31 19:59:54 extravaganza.localdomain 4,1879,1532095849,-; ? journal_flush_pins.constprop.0+0x2c9/0x520
Mar 31 19:59:54 extravaganza.localdomain 4,1880,1532098460,-; ? __pfx_bch2_btree_node_flush1+0x10/0x10
Mar 31 19:59:54 extravaganza.localdomain 4,1881,1532101065,-; ? __kasan_check_read+0x11/0x20
Mar 31 19:59:54 extravaganza.localdomain 4,1882,1532103658,-; ? __pfx_bch2_btree_node_flush1+0x10/0x10
Mar 31 19:59:54 extravaganza.localdomain 4,1883,1532106261,-; bch2_btree_node_flush1+0x16/0x30
Mar 31 19:59:54 extravaganza.localdomain 4,1884,1532108852,-; journal_flush_pins.constprop.0+0x2f6/0x520
Mar 31 19:59:54 extravaganza.localdomain 4,1885,1532111465,-; __bch2_journal_reclaim+0x6f4/0xa80
Mar 31 19:59:54 extravaganza.localdomain 4,1886,1532114064,-; ? __pfx___bch2_journal_reclaim+0x10/0x10
Mar 31 19:59:54 extravaganza.localdomain 4,1887,1532116657,-; ? bch2_journal_reclaim_thread+0x235/0x300
Mar 31 19:59:54 extravaganza.localdomain 4,1888,1532119271,-; bch2_journal_reclaim_thread+0x10e/0x300
Mar 31 19:59:54 extravaganza.localdomain 4,1889,1532121890,-; ? __pfx_bch2_journal_reclaim_thread+0x10/0x10
Mar 31 19:59:54 extravaganza.localdomain 4,1890,1532124533,-; ? __kthread_parkme+0xe2/0x110
Mar 31 19:59:54 extravaganza.localdomain 4,1891,1532127192,-; ? __pfx_bch2_journal_reclaim_thread+0x10/0x10
Mar 31 19:59:54 extravaganza.localdomain 4,1892,1532129870,-; kthread+0x18f/0x1c0
Mar 31 19:59:54 extravaganza.localdomain 4,1893,1532132503,-; ? __pfx_kthread+0x10/0x10
Mar 31 19:59:54 extravaganza.localdomain 4,1894,1532135169,-; ret_from_fork+0x29/0x50
Mar 31 19:59:54 extravaganza.localdomain 4,1895,1532137857,-; </TASK>
Mar 31 19:59:54 extravaganza.localdomain 4,1896,1532140479,-;Modules linked in: netconsole hid_logitech_hidpp hid_logitech_dj hid_generic usbhid hid mfd_aaeon nvme asus_wmi i2c_i801 crc32_pclmul psmouse nvme_core e1000e nvme_common i2c_smbus ahci ledtrig_audio xhci_pci xhci_pci_renesas sparse_keymap libahci platform_profile video wmi z3fold lz4
Mar 31 19:59:54 extravaganza.localdomain 4,1897,1532149033,-;CR2: ffffc900024370d0
Mar 31 19:59:54 extravaganza.localdomain 4,1898,1532151860,-;---[ end trace 0000000000000000 ]---
```
Full log [here](https://paste.rs/sBx)
Can you pipe this through scripts/decode_stacktrace?