From: Coly Li <colyli@suse.de>
To: Marco Rebhan <me@dblsaiko.net>
Cc: linux-bcache@vger.kernel.org, victor@westerhu.is
Subject: Re: Kernel Oops: kernel BUG at block/bio.c:52
Date: Thu, 6 May 2021 10:50:06 +0800 [thread overview]
Message-ID: <104da4a6-61be-63f9-8670-6243e9625e5a@suse.de> (raw)
In-Reply-To: <5607192.MhkbZ0Pkbq@invader>
[-- Attachment #1: Type: text/plain, Size: 558 bytes --]
On 4/28/21 2:57 AM, Marco Rebhan wrote:
> Hi,
>
> I'm getting the same issue on kernel 5.12.0 after upgrading from
> 5.11.16. For me, so far the error always occurs a short while after
> boot.
>
>> Could you please help to apply a debug patch and gather some debug
>> information when it reproduces ?
>
> I could do that as well, which patch should I apply?
Could you please try the attached patch ? If a suspicious bio
allocation happens, this patch will print out a warning kernel message
and avoid the BUG() panic.
Thank you in advance.
Coly Li
[-- Attachment #2: 0001-bcache-avoid-oversized-bio_alloc_bioset-call-in-cach.patch --]
[-- Type: text/plain, Size: 2265 bytes --]
From 6f2edee7100efabf2ccccb84e4a92ccbfbddd8c5 Mon Sep 17 00:00:00 2001
From: Coly Li <colyli@suse.de>
Date: Thu, 6 May 2021 10:38:41 +0800
Subject: [PATCH] bcache: avoid oversized bio_alloc_bioset() call in
cached_dev_cache_miss()
Since Linux v5.12, calling bio_alloc_bioset() with oversized bio vectors
number will cause a BUG() panic in biovec_slab(). There are 2 locations
in bcache code calling bio_alloc_bioset(), and only the location in
cached_dev_cache_miss() has such potential oversized risk.
In cached_dev_cache_miss() the bio vectors number is calculated by
DIV_ROUND_UP(s->insert_bio_sectors, PAGE_SECTORS), this patch checks the
calculated result, if it is larger than BIO_MAX_VECS, then give up the
allocation of cache_bio and sending request to backing device directly.
By this restriction, the potential BUG() panic can be avoided from the
cache missing code path.
Signed-off-by: Coly Li <colyli@suse.de>
---
drivers/md/bcache/request.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/drivers/md/bcache/request.c b/drivers/md/bcache/request.c
index 29c231758293..a657d3a2b624 100644
--- a/drivers/md/bcache/request.c
+++ b/drivers/md/bcache/request.c
@@ -879,7 +879,7 @@ static void cached_dev_read_done_bh(struct closure *cl)
static int cached_dev_cache_miss(struct btree *b, struct search *s,
struct bio *bio, unsigned int sectors)
{
- int ret = MAP_CONTINUE;
+ int ret = MAP_CONTINUE, nr_iovecs = 0;
unsigned int reada = 0;
struct cached_dev *dc = container_of(s->d, struct cached_dev, disk);
struct bio *miss, *cache_bio;
@@ -916,9 +916,14 @@ static int cached_dev_cache_miss(struct btree *b, struct search *s,
/* btree_search_recurse()'s btree iterator is no good anymore */
ret = miss == bio ? MAP_DONE : -EINTR;
- cache_bio = bio_alloc_bioset(GFP_NOWAIT,
- DIV_ROUND_UP(s->insert_bio_sectors, PAGE_SECTORS),
- &dc->disk.bio_split);
+ nr_iovecs = DIV_ROUND_UP(s->insert_bio_sectors, PAGE_SECTORS);
+ if (nr_iovecs > BIO_MAX_VECS) {
+ pr_warn("inserting bio is too large: %d iovecs, not intsert.\n",
+ nr_iovecs);
+ goto out_submit;
+ }
+ cache_bio = bio_alloc_bioset(GFP_NOWAIT, nr_iovecs,
+ &dc->disk.bio_split);
if (!cache_bio)
goto out_submit;
--
2.26.2
next prev parent reply other threads:[~2021-05-06 2:50 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-20 14:54 Kernel Oops: kernel BUG at block/bio.c:52 Victor Westerhuis
2021-04-20 16:14 ` Coly Li
2021-04-27 18:57 ` Marco Rebhan
2021-05-06 2:50 ` Coly Li [this message]
2021-05-06 7:36 ` Marco Rebhan
2021-05-06 10:04 ` Coly Li
2021-05-06 15:46 ` Marco Rebhan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=104da4a6-61be-63f9-8670-6243e9625e5a@suse.de \
--to=colyli@suse.de \
--cc=linux-bcache@vger.kernel.org \
--cc=me@dblsaiko.net \
--cc=victor@westerhu.is \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).