From: Jeff Layton <jlayton@kernel.org>
To: Bastian Blank <bastian.blank@credativ.de>
Cc: Ilya Dryomov <idryomov@gmail.com>,
ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: PROBLEM: SLAB use-after-free with ceph(fs)
Date: Tue, 04 Jan 2022 07:29:05 -0500 [thread overview]
Message-ID: <21d74364d3006b350502067ab5a51f5dd1cd3f31.camel@kernel.org> (raw)
In-Reply-To: <YdQ7msXTCF5kKl4V@softhammer.credativ.lan>
On Tue, 2022-01-04 at 13:20 +0100, Bastian Blank wrote:
> Hi
>
> On Tue, Jan 04, 2022 at 07:00:31AM -0500, Jeff Layton wrote:
> > On Tue, 2022-01-04 at 10:49 +0100, Bastian Blank wrote:
> > > > [152791.777458] cache_from_obj: Wrong slab cache. jbd2_journal_handle but object is from kmalloc-256
>
> > At first blush, this looks like the same problem as:
> > https://tracker.ceph.com/issues/52283
> > ...but that should have been fixed in v5.14.
>
> Nope, does not make sense. This reported issue tried to free a
> "ceph_cap_flush", while mine tries to free "jbd2_journal_handle", which
> is far away.
>
There was some ambiguity in how those objects got freed. What you're
seeing could just be a different manifestation of the same problem, but
it could be something else as well.
> > You may also want to try v5.16-rc8 if you're able to build your own
> > kernels. There were some patches that went in to improve how the client
> > handles inodes that become inaccessible.
>
> I try to get them to install a 5.16-rc8 or newer, get a new crash dump
> and report that to https://tracker.ceph.com/.
>
Sounds good. I suspect you have more than one problem.
The crash is clearly a kernel bug, but it's occurring while the client
is removing caps due to receiving a session message. It may be that the
MDS blocklisted the client in this case. You may want to check the MDS
logs or see if the kernel logged anything to that effect.
v5.16 may help the client more sanely handle tearing down inodes in this
situation, but it may not do anything to help whatever is causing the
blocklisting in the first place.
--
Jeff Layton <jlayton@kernel.org>
prev parent reply other threads:[~2022-01-04 12:29 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-04 9:49 PROBLEM: SLAB use-after-free with ceph(fs) Bastian Blank
2022-01-04 12:00 ` Jeff Layton
2022-01-04 12:20 ` Bastian Blank
2022-01-04 12:29 ` Jeff Layton [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=21d74364d3006b350502067ab5a51f5dd1cd3f31.camel@kernel.org \
--to=jlayton@kernel.org \
--cc=bastian.blank@credativ.de \
--cc=ceph-devel@vger.kernel.org \
--cc=idryomov@gmail.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.