Consistent NULL dereference during ZTS on Linux/sparc64

Open rincebrain opened this issue 4 years ago • 2 comments

System information

| Type | Version/Name |
| --- | --- |
| Distribution Name | Debian |
| Distribution Version | sid |
| Linux Kernel | 4.15.0-2-sparc64 |
| Architecture | sparc64 |
| ZFS Version | 7457b024b* |

(The * is "plus the trivial patch to fix #12008")

Describe the problem you're observing

Ran a subset of ZTS twice, both times it spit this out.

The first time, it was hung in cli_root/zfs_receive/zfs_receive_raw.ksh; the second time, cli_root/zfs_receive/zfs_receive_raw_-d.ksh

Describe how to reproduce the problem

Run this runfile on sparc64.

Include any warning/errors/backtraces from the system logs

[35767.884793] ZFS: Loaded module v2.1.99-174_g7457b024b, ZFS pool version 5000, ZFS filesystem version 5
[36129.229830] INFO: task kworker/0:1:173284 blocked for more than 120 seconds.
[36129.322668]       Tainted: P           O     4.15.0-2-sparc64 #1 Debian 4.15.11-1
[36129.421134] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[36129.524213] kworker/0:1     D    0 173284      2 0x03000000
[36129.597516] Workqueue: events cgwb_release_workfn
[36129.659357] Call Trace:
[36129.691502]  [00000000009f8d04] schedule+0x24/0xa0
[36129.754540]  [00000000009f94ec] bit_wait+0xc/0x60
[36129.816400]  [00000000009f9120] __wait_on_bit+0x60/0xe0
[36129.885121]  [00000000009f9224] out_of_line_wait_on_bit+0x84/0xa0
[36129.965299]  [000000000058c6c8] wb_shutdown+0x108/0x140
[36130.034040]  [000000000058de2c] cgwb_release_workfn+0xc/0x120
[36130.109659]  [000000000047e4b8] process_one_work+0x158/0x400
[36130.184090]  [000000000047e8ac] worker_thread+0x14c/0x500
[36130.255119]  [0000000000484b08] kthread+0x108/0x120
[36130.319273]  [0000000000405f64] ret_from_fork+0x1c/0x2c
[36130.388076]  [0000000000000000]           (null)
[36252.074347] INFO: task kworker/0:1:173284 blocked for more than 120 seconds.
[36252.167183]       Tainted: P           O     4.15.0-2-sparc64 #1 Debian 4.15.11-1
[36252.265680] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[36252.368766] kworker/0:1     D    0 173284      2 0x03000000
[36252.442091] Workqueue: events cgwb_release_workfn
[36252.503928] Call Trace:
[36252.536082]  [00000000009f8d04] schedule+0x24/0xa0
[36252.599092]  [00000000009f94ec] bit_wait+0xc/0x60
[36252.660969]  [00000000009f9120] __wait_on_bit+0x60/0xe0
[36252.729712]  [00000000009f9224] out_of_line_wait_on_bit+0x84/0xa0
[36252.809875]  [000000000058c6c8] wb_shutdown+0x108/0x140
[36252.878608]  [000000000058de2c] cgwb_release_workfn+0xc/0x120
[36252.954220]  [000000000047e4b8] process_one_work+0x158/0x400
[36253.028663]  [000000000047e8ac] worker_thread+0x14c/0x500
[36253.099692]  [0000000000484b08] kthread+0x108/0x120
[36253.163853]  [0000000000405f64] ret_from_fork+0x1c/0x2c
[36253.232573]  [0000000000000000]           (null)
[36374.973680] INFO: task kworker/0:1:173284 blocked for more than 120 seconds.
[36375.066472]       Tainted: P           O     4.15.0-2-sparc64 #1 Debian 4.15.11-1
[36375.165019] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[36375.268127] kworker/0:1     D    0 173284      2 0x03000000
[36375.341485] Workqueue: events cgwb_release_workfn
[36375.403316] Call Trace:
[36375.435471]  [00000000009f8d04] schedule+0x24/0xa0
[36375.498479]  [00000000009f94ec] bit_wait+0xc/0x60
[36375.560372]  [00000000009f9120] __wait_on_bit+0x60/0xe0
[36375.629094]  [00000000009f9224] out_of_line_wait_on_bit+0x84/0xa0
[36375.709267]  [000000000058c6c8] wb_shutdown+0x108/0x140
[36375.777994]  [000000000058de2c] cgwb_release_workfn+0xc/0x120
[36375.853607]  [000000000047e4b8] process_one_work+0x158/0x400
[36375.928056]  [000000000047e8ac] worker_thread+0x14c/0x500
[36375.999078]  [0000000000484b08] kthread+0x108/0x120
[36376.063241]  [0000000000405f64] ret_from_fork+0x1c/0x2c
[36376.131959]  [0000000000000000]           (null)
[36456.759064] Unable to handle kernel NULL pointer dereference
[36456.833550] tsk->{mm,active_mm}->context = 00000000000011b2
[36456.906873] tsk->{mm,active_mm}->pgd = fffff8000012c000
[36456.975574]               \|/ ____ \|/
[36456.975574]               "@'/ .. \`@"
[36456.975574]               /_| \__/ |_\
[36456.975574]                  \__U_/
[36457.169011] zfs(189510): Oops [#1]
[36457.213699] CPU: 0 PID: 189510 Comm: zfs Tainted: P           O     4.15.0-2-sparc64 #1 Debian 4.15.11-1
[36457.338509] TSTATE: 0000004411001606 TPC: 00000000108fe1cc TNPC: 00000000108fe1d0 Y: 00000c80    Tainted: P           O
[36457.486036] TPC: <abd_verify+0xc/0xa0 [zfs]>
[36457.542182] g0: 0000000000000000 g1: 0000000000000000 g2: 0000000000000000 g3: fffff80035f7c000
[36457.656670] g4: fffff80005bf8000 g5: 0000000000b22c9c g6: fffff80035f7c000 g7: 0000000000000002
[36457.771163] o0: 0000000000000001 o1: fffff80034e32c4c o2: fffff8003c4bd000 o3: 0000000000000000
[36457.885693] o4: 000000000000260e o5: fffff8003c4bd038 sp: fffff80035f7e471 ret_pc: 000000000048cb84
[36458.004737] RPC: <finish_task_switch+0x44/0x1c0>
[36458.065437] l0: fffff80034b8f2b0 l1: fffff80034b8f2b0 l2: 0000000000000000 l3: 0000000000000001
[36458.179935] l4: 00000000000010fb l5: 0000000010a4dc50 l6: 0000000000000000 l7: 0000000000000008
[36458.294422] i0: 0000000000000000 i1: 0000000000bd9f10 i2: 0000000000000002 i3: fffff80005bf8000
[36458.408937] i4: fffff80034e32c00 i5: 0000000000bd9c00 i6: fffff80035f7e521 i7: 00000000108ff20c
[36458.523771] I7: <abd_borrow_buf+0xc/0x60 [zfs]>
[36458.583295] Call Trace:
[36458.615780]  [00000000108ff20c] abd_borrow_buf+0xc/0x60 [zfs]
[36458.691705]  [00000000108ff3b0] abd_borrow_buf_copy+0x10/0x40 [zfs]
[36458.774579]  [0000000010a2b310] zio_crypt_copy_dnode_bonus+0x10/0x140 [zfs]
[36458.866511]  [0000000010907aa8] arc_buf_fill+0x388/0x940 [zfs]
[36458.943564]  [0000000010908080] arc_untransform+0x20/0xa0 [zfs]
[36459.021767]  [00000000109169c4] dbuf_read_verify_dnode_crypt+0xc4/0x160 [zfs]
[36459.115984]  [000000001091a780] dbuf_read_impl.constprop.20+0x240/0x5a0 [zfs]
[36459.210195]  [000000001091ab78] dbuf_read+0x98/0x4c0 [zfs]
[36459.282770]  [0000000010922f10] dmu_buf_hold+0x50/0x80 [zfs]
[36459.357594]  [00000000109d67e0] zap_lockdir+0x20/0x80 [zfs]
[36459.431320]  [00000000109d6c18] zap_lookup_norm+0x38/0xa0 [zfs]
[36459.509644]  [00000000109d6cb0] zap_lookup+0x30/0x40 [zfs]
[36459.582222]  [0000000010a1c72c] zfs_get_zplprop+0x8c/0x1c0 [zfs]
[36459.661659]  [0000000010a1c888] zfsvfs_init+0x28/0x4e0 [zfs]
[36459.736549]  [0000000010a1cf34] zfsvfs_create_impl+0x1f4/0x2a0 [zfs]
[36459.820589]  [0000000010a1d054] zfsvfs_create+0x74/0xc0 [zfs]
[36459.896506] Caller[00000000108ff20c]: abd_borrow_buf+0xc/0x60 [zfs]
[36459.979277] Caller[00000000108ff3b0]: abd_borrow_buf_copy+0x10/0x40 [zfs]
[36460.068990] Caller[0000000010a2b310]: zio_crypt_copy_dnode_bonus+0x10/0x140 [zfs]
[36460.167813] Caller[0000000010907aa8]: arc_buf_fill+0x388/0x940 [zfs]
[36460.251725] Caller[0000000010908080]: arc_untransform+0x20/0xa0 [zfs]
[36460.336793] Caller[00000000109169c4]: dbuf_read_verify_dnode_crypt+0xc4/0x160 [zfs]
[36460.437875] Caller[000000001091a780]: dbuf_read_impl.constprop.20+0x240/0x5a0 [zfs]
[36460.539049] Caller[000000001091ab78]: dbuf_read+0x98/0x4c0 [zfs]
[36460.618393] Caller[0000000010922f10]: dmu_buf_hold+0x50/0x80 [zfs]
[36460.700079] Caller[00000000109d67e0]: zap_lockdir+0x20/0x80 [zfs]
[36460.780664] Caller[00000000109d6c18]: zap_lookup_norm+0x38/0xa0 [zfs]
[36460.865834] Caller[00000000109d6cb0]: zap_lookup+0x30/0x40 [zfs]
[36460.945280] Caller[0000000010a1c72c]: zfs_get_zplprop+0x8c/0x1c0 [zfs]
[36461.031599] Caller[0000000010a1c888]: zfsvfs_init+0x28/0x4e0 [zfs]
[36461.113333] Caller[0000000010a1cf34]: zfsvfs_create_impl+0x1f4/0x2a0 [zfs]
[36461.204219] Caller[0000000010a1d054]: zfsvfs_create+0x74/0xc0 [zfs]
[36461.287095] Caller[0000000010a1d0e0]: zfs_domount+0x40/0x4a0 [zfs]
[36461.368832] Caller[0000000010a2ff5c]: zpl_mount+0x11c/0x180 [zfs]
[36461.449000] Caller[00000000005f0984]: mount_fs+0x24/0x160
[36461.520023] Caller[000000000060fa58]: vfs_kern_mount.part.7+0x38/0x120
[36461.605907] Caller[0000000000612770]: do_mount+0x6b0/0xce0
[36461.678072] Caller[0000000000613144]: SyS_mount+0x44/0xc0
[36461.749101] Caller[0000000000406114]: linux_sparc_syscall+0x34/0x44
[36461.831554] Caller[fffff801001656ec]: 0xfffff801001656ec
[36461.901418] Instruction DUMP:
[36461.901427]  9de3bf50
[36461.940413]  01000000
[36461.971398]  01000000
[36462.002387] <c2060000>
[36462.033376]  80886001
[36462.064364]  12600019
[36462.095352]  80886040
[36462.126340]  02600019
[36462.157327]  01000000

rincebrain, May 18 '21 06:05

Just noticed this looks the same as #12257. "Great", one more bug that'll get closed whenever that gets fixed.

rincebrain, Jul 18 '21 04:07
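
Deciding whether two oops reports are the same bug, as the comment above does by eye, can be done mechanically by reducing each log to a signature. The following is an added example, not part of the issue thread or of OpenZFS: it parses a sparc64 oops in the format shown in this report and keeps the fault type, the faulting symbol from the `TPC:` line, and the leading call-trace symbols. The sample is an abridged selection of lines from the log above (some frames omitted); the names `parse_oops`, `signature` and `_norm` are assumptions of this example.

```python
import re

# Abridged selection of lines from the dmesg output in this report.
SAMPLE = """\
[36129.659357] Call Trace:
[36129.691502]  [00000000009f8d04] schedule+0x24/0xa0
[36456.759064] Unable to handle kernel NULL pointer dereference
[36457.486036] TPC: <abd_verify+0xc/0xa0 [zfs]>
[36458.583295] Call Trace:
[36458.615780]  [00000000108ff20c] abd_borrow_buf+0xc/0x60 [zfs]
[36458.691705]  [00000000108ff3b0] abd_borrow_buf_copy+0x10/0x40 [zfs]
[36458.774579]  [0000000010a2b310] zio_crypt_copy_dnode_bonus+0x10/0x140 [zfs]
[36459.115984]  [000000001091a780] dbuf_read_impl.constprop.20+0x240/0x5a0 [zfs]
[36459.896506] Caller[00000000108ff20c]: abd_borrow_buf+0xc/0x60 [zfs]
"""

STAMP = re.compile(r"^\[\s*\d+\.\d+\] ?")            # dmesg timestamp prefix
SYM = r"([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[\w+\])?"  # symbol+off/len [module]
FAULT = re.compile(r"^Unable to handle kernel (.+)$")
TPC = re.compile(r"^TPC: <" + SYM + r">$")
FRAME = re.compile(r"^\s*\[[0-9a-f]{16}\] " + SYM + r"$")
CLONE = re.compile(r"\.(constprop|isra|part)\.\d+")   # GCC clone suffixes

def parse_oops(text):
    """Return fault text, faulting symbol and call-trace symbols of the first oops."""
    fault, tpc, frames, in_trace = None, None, [], False
    for raw in text.splitlines():
        line = STAMP.sub("", raw)
        if fault is None:
            if (m := FAULT.match(line)):
                fault = m.group(1)
            continue  # skip earlier output such as hung-task traces
        if in_trace:
            if not (m := FRAME.match(line)):
                break  # first non-frame line (e.g. "Caller[...]") ends the trace
            frames.append(m.group(1))
        elif line == "Call Trace:":
            in_trace = True
        elif tpc is None and (m := TPC.match(line)):
            tpc = m.group(1)
    return {"fault": fault, "tpc": tpc, "frames": frames}

def _norm(sym):
    return CLONE.sub("", sym) if sym else sym

def signature(oops, depth=3):
    """Build-independent key: addresses, offsets and clone suffixes are dropped."""
    return (oops["fault"], _norm(oops["tpc"]),
            tuple(_norm(f) for f in oops["frames"][:depth]))

if __name__ == "__main__":
    print(signature(parse_oops(SAMPLE)))
```
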

This issue has been automatically marked as "stale" because it has not had any activity for a while. It will be closed in 90 days if no further activity occurs. Thank you for your contributions.

stale[bot], Jul 31 '22 03:07