Bug 1168841 - kernel bug in fscache for 5.6.0-1
kernel bug in fscache for 5.6.0-1
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Kernel
Current
x86-64 openSUSE Factory
: P5 - None : Critical (vote)
: ---
Assigned To: Neil Brown
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-04-07 10:00 UTC by Arjen Runsink
Modified: 2020-04-20 07:30 UTC (History)
3 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Arjen Runsink 2020-04-07 10:00:53 UTC
System crashes with following error in dmesg:

kernel BUG at fs/nfs/fscache.c:471!
invalid opcode: 0000 [#1] SMP PTI

This is on two systems after a few minutes of sustained read access to an nfs server when mounted with the fsc option. There is enough disk space free for fscache.

Both systems run Tumbleweed MicroOs

The issue is repeatable.

5.6.0-1-default #1 SMP Mon Mar 30 08:00:44 UTC 2020 (4de1111) x86_64 x86_64 x86_64 GNU/Linux



------------[ cut here ]------------
[  951.620912] kernel BUG at fs/nfs/fscache.c:471!
[  951.620956] invalid opcode: 0000 [#1] SMP PTI
[  951.620982] CPU: 3 PID: 5688 Comm: tar Kdump: loaded Not tainted 5.6.0-1-default #1 openSUSE Tumbleweed (unreleased)
[  951.621026] Hardware name: Hewlett-Packard HP Pavilion dv3 Notebook PC     /1600, BIOS F.27 12/21/2011
[  951.621091] RIP: 0010:__nfs_readpages_from_fscache+0x157/0x160 [nfs]
[  951.621121] Code: 0f 84 44 ff ff ff 48 8b 55 28 48 8b 92 c8 03 00 00 48 8b 52 40 65 48 01 42 48 e9 2b ff ff ff 41 bc 97 ff ff ff e9 0d
ff ff ff <0f> 0b 0f 0b 0f 1f 44 00 00 66 66 66 66 90 41 54 55 48 89 f5 53 48
[  951.621196] RSP: 0018:ffffa8bc41b77ab0 EFLAGS: 00010287
[  951.621222] RAX: ffffe3cc44167ac8 RBX: ffffa8bc41b77aec RCX: 0000000000036c2b
[  951.621254] RDX: 00003db467c154c0 RSI: f3f04034667cf9e9 RDI: 0000000000034100
[  951.621286] RBP: ffff8b068295b5a8 R08: 0000000000000000 R09: ffffffff83dab780
[  951.620956] invalid opcode: 0000 [#1] SMP PTI
[  951.620982] CPU: 3 PID: 5688 Comm: tar Kdump: loaded Not tainted 5.6.0-1-default #1 openSUSE Tumbleweed (unreleased)
[  951.621026] Hardware name: Hewlett-Packard HP Pavilion dv3 Notebook PC     /1600, BIOS F.27 12/21/2011
[  951.621091] RIP: 0010:__nfs_readpages_from_fscache+0x157/0x160 [nfs]
[  951.621121] Code: 0f 84 44 ff ff ff 48 8b 55 28 48 8b 92 c8 03 00 00 48 8b 52 40 65 48 01 42 48 e9 2b ff ff ff 41 bc 97 ff ff ff e9 0d ff ff ff <0f> 0b 0f 0b 0f 1f 44 00 00 66 66 66 66 90 41 54 55 48 89 f5 53 48
[  951.621196] RSP: 0018:ffffa8bc41b77ab0 EFLAGS: 00010287
[  951.621222] RAX: ffffe3cc44167ac8 RBX: ffffa8bc41b77aec RCX: 0000000000036c2b
[  951.621254] RDX: 00003db467c154c0 RSI: f3f04034667cf9e9 RDI: 0000000000034100
[  951.621286] RBP: ffff8b068295b5a8 R08: 0000000000000000 R09: ffffffff83dab780
[  951.621318] R10: 0000000000000000 R11: ffff8b07d7cee064 R12: 0000000000000000
[  951.621350] R13: ffffa8bc41b77c88 R14: 0000000000000080 R15: 0000000000000080
[  951.621381] FS:  00007fb3152e4f80(0000) GS:ffff8b07d7cc0000(0000) knlGS:0000000000000000
[  951.621418] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  951.621445] CR2: 00005619b7bd3000 CR3: 0000000039082004 CR4: 00000000000206e0
[  951.621477] Call Trace:
[  951.621507]  nfs_readpages+0xb5/0x1a0 [nfs]
[  951.621533]  ? cpumask_next_wrap+0x24/0x70
[  951.621558]  read_pages+0x72/0x1a0
[  951.621578]  __do_page_cache_readahead+0x191/0x1b0
[  951.621604]  ondemand_readahead+0x17e/0x2a0
[  951.621627]  ? page_cache_async_readahead+0x6c/0xe0
[  951.621654]  generic_file_buffered_read+0x792/0xb70
[  951.621682]  ? current_time+0x43/0x80
[  951.623010]  ? nfs4_do_check_delegation+0x18/0x40 [nfsv4]
[  951.624336]  ? nfs_check_cache_invalid+0x33/0x90 [nfs]
[  951.625633]  nfs_file_read+0x6d/0xa0 [nfs]
[  951.626913]  new_sync_read+0x12a/0x1c0
[  951.628280]  vfs_read+0x9d/0x150
[  951.629543]  ksys_read+0x5f/0xe0
[  951.630784]  do_syscall_64+0x64/0x240
[  951.632018]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  951.633265] RIP: 0033:0x7fb3154a94be
[  951.634497] Code: c0 e9 c6 fe ff ff 50 48 8d 3d 2e 12 0a 00 e8 69 e9 01 00 66 0f 1f 84 00 00 00 00 00 64 8b 04 25 18 00 00 00 85 c0 75 14 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 66 0f 1f 84 00 00 00 00 00 48 83 ec 28
[  951.637332] RSP: 002b:00007ffc63fe0648 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  951.638827] RAX: ffffffffffffffda RBX: 0000000000002800 RCX: 00007fb3154a94be
[  951.640345] RDX: 0000000000002800 RSI: 0000562ae8002000 RDI: 0000000000000008
[  951.641855] RBP: 0000562ae8002000 R08: 0000562ae8003894 R09: 0000000000000001
[  951.643356] R10: 00007ffc63fe0810 R11: 0000000000000246 R12: 0000000000002800
[  951.644875] R13: 0000000000000008 R14: 0000000000002800 R15: 000000000802c8ed
[  951.646413] Modules linked in: ip6table_nat ip6_tables rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace sunrpc xt_state xt_REDIRECT ip_vs_rr xt_ipvs ip_vs vxlan ip6_udp_tunnel udp_tunnel xt_policy iptable_mangle xt_mark xt_u32 xt_nat xt_tcpudp veth xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xfrm_user xfrm_algo xt_addrtype iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_tables x_tables bpfilter dm_mod af_packet iscsi_ibft iscsi_boot_sysfs cachefiles fscache btusb btrtl btbcm uvcvideo btintel bluetooth videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_common videodev ecdh_generic mc ecc brcmsmac brcmutil b43 cordic mac80211 cfg80211 ssb intel_powerclamp mmc_core kvm_intel snd_hda_codec_idt pcmcia snd_hda_codec_generic ledtrig_audio iTCO_wdt pcmcia_core libarc4 snd_hda_codec_hdmi iTCO_vendor_support snd_hda_intel snd_intel_dspcfg kvm snd_hda_codec snd_hda_core snd_hwdep snd_pcm hp_wmi sparse_keymap irqbypass pcspkr
[  951.646455]  snd_timer joydev r8169 mei_me rfkill wmi_bmof intel_ips i2c_i801 snd bcma mei realtek lpc_ich libphy soundcore thermal fan ac hp_accel lis3lv02d acpi_cpufreq button btrfs blake2b_generic libcrc32c xor i915 raid6_pq i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sysimgblt ttm fb_sys_fops cec rc_core drm ehci_pci ehci_hcd crc32c_intel sr_mod usbcore serio_raw cdrom wmi battery video overlay coretemp msr sg br_netfilter bridge stp llc
Comment 1 Neil Brown 2020-04-09 00:47:36 UTC
Thanks for the report.
This was caused by a fairly simple error in a recent patch to cachefiles.

Commit 10d83e11a582 ("cachefiles: drop direct usage of ->bmap method.")

(it uses a variable - ret - while it was still live).

I've reported upstream and queued a simple fix which will hopefully be in the next kernel update.
Comment 2 Neil Brown 2020-04-20 03:16:18 UTC
Patch is definitely in the queue for the next release, so closing.
Comment 3 Arjen Runsink 2020-04-20 07:30:54 UTC
Great thx!