From: Adrian Huang12 <ahuang12@lenovo.com>
To: Jan Kara <jack@suse.cz>
Cc: Adrian Huang <adrianhuang0701@gmail.com>,
"linux-nvdimm@lists.01.org" <linux-nvdimm@lists.01.org>,
Coly Li <colyli@suse.de>, Mikulas Patocka <mpatocka@redhat.com>,
Alasdair Kergon <agk@redhat.com>,
Mike Snitzer <snitzer@redhat.com>
Subject: RE: [External] Re: [PATCH 1/1] dax: Fix stack overflow when mounting fsdax pmem device
Date: Wed, 16 Sep 2020 14:02:19 +0000 [thread overview]
Message-ID: <HK2PR0302MB2594F6503ECF4BAEDF76E9F4B3210@HK2PR0302MB2594.apcprd03.prod.outlook.com> (raw)
In-Reply-To: <20200916111904.GD3607@quack2.suse.cz>
> -----Original Message-----
> From: Jan Kara <jack@suse.cz>
> Sent: Wednesday, September 16, 2020 7:19 PM
> >
> > dm-3: error: dax access failed (-95)
> > dm-3: error: dax access failed (-95)
> > dm-3: error: dax access failed (-95)
>
> Right, and that's result of the problem I also describe above. Attached patch
> should fix these errors.
The patch introduces the following panic during boot. Apparently, the dax_dev is NULL in dax_supported(). So, the address 0x00000000000002d0 is offset of the member 'flags' in struct dax_device (the member 'flags' is referenced in dax_alive()):
crash> struct dax_device -xo
struct dax_device {
[0x0] struct hlist_node list;
[0x10] struct inode inode;
[0x258] struct cdev cdev;
[0x2c0] const char *host;
[0x2c8] void *private;
[0x2d0] unsigned long flags;
[0x2d8] const struct dax_operations *ops;
}
[ 30.551352] BUG: kernel NULL pointer dereference, address: 00000000000002d0
[ 30.568869] #PF: supervisor read access in kernel mode
[ 30.588569] #PF: error_code(0x0000) - not-present page
[ 30.602591] PGD 0 P4D 0
[ 30.612924] Oops: 0000 [#1] SMP NOPTI
[ 30.627707] CPU: 198 PID: 2133 Comm: lvm Not tainted 5.9.0-rc5+ #21
[ 30.645862] Hardware name: Lenovo ThinkSystem SR665 MB/7D2WRCZ000, BIOS D8E105P-1.00 05/08/2020
[ 30.666245] RIP: 0010:dax_supported+0x5/0x30
[ 30.690943] Code: c7 50 49 7f 83 4c 0f 44 f0 4c 89 f2 e8 b4 ec e6 ff 48 c7 c2 ea ff ff ff e9 e8 fd ff ff e8 53 e2 2e 00 0f 1f 00 0f 1f 44 00 00 <48> 8b 87 d0 02 00 00 a8 01 74 10 48 8b 87 d8 02 00 00 48 8b 40 08
[ 30.737769] RSP: 0018:ffffaf660803bc98 EFLAGS: 00010246
[ 30.757840] RAX: ffffaf660803bcd8 RBX: 0000000000000000 RCX: 00000000157f6800
[ 30.776039] RDX: 0000000000001000 RSI: ffff8b862f677840 RDI: 0000000000000000
[ 30.800314] RBP: ffffffffc009c740 R08: 0000000006400000 R09: ffffffffc009c740
[ 30.818598] R10: ffffaf660471e0a0 R11: ffff8b8714d376ef R12: ffffaf660803bcd8
[ 30.835971] R13: ffff8b8ae0cb6800 R14: ffff8b8ad9a3c000 R15: 0000000000000001
[ 30.856943] FS: 00007f17e3c4c980(0000) GS:ffff8b8afeb80000(0000) knlGS:0000000000000000
[ 30.875594] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 30.894763] CR2: 00000000000002d0 CR3: 00000008142dc000 CR4: 0000000000350ee0
[ 30.919656] Call Trace:
[ 30.933808] device_supports_dax+0x1c/0x20 [dm_mod]
[ 30.950784] dm_table_supports_dax+0x8d/0xb0 [dm_mod]
[ 30.968326] dm_table_complete+0x309/0x670 [dm_mod]
[ 30.984310] table_load+0x15b/0x2e0 [dm_mod]
[ 31.001171] ? dev_status+0x40/0x40 [dm_mod]
[ 31.018840] ctl_ioctl+0x1af/0x420 [dm_mod]
[ 31.043825] dm_ctl_ioctl+0xa/0x10 [dm_mod]
[ 31.059381] __x64_sys_ioctl+0x84/0xb1
[ 31.074755] do_syscall_64+0x33/0x40
[ 31.091368] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 31.111434] RIP: 0033:0x7f17e1e2987b
[ 31.125175] Code: 0f 1e fa 48 8b 05 0d 96 2c 00 64 c7 00 26 00 00 00 48 c7
c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d dd 95 2c 00 f7 d8 64 89 01 48
[ 31.170194] RSP: 002b:00007ffca2dbcf88 EFLAGS: 00000206 ORIG_RAX: 0000000000000010
[ 31.193668] RAX: ffffffffffffffda RBX: 0000563b00467260 RCX: 00007f17e1e2987b
[ 31.214773] RDX: 0000563b01b17290 RSI: 00000000c138fd09 RDI: 0000000000000003
[ 31.236570] RBP: 0000563b005154fe R08: 0000000000000000 R09: 00007ffca2dbcdf0
[ 31.259426] R10: 0000563b00581ea3 R11: 0000000000000206 R12: 0000000000000000
[ 31.277578] R13: 0000563b01b172c0 R14: 0000563b01b17290 R15: 0000563b01311970
[ 31.302167] Modules linked in: sd_mod t10_pi sg crc32c_intel igb ahci libahci i2c_algo_bit libata dca pinctrl_amd dm_mirror dm_region_hash dm_log dm_mod
[ 31.347549] CR2: 00000000000002d0
The following patch solves the panic. Feel free to add it to your patch.
BTW, feel free to add my tested-by to your patch after including the following patch to your patch (I don't see any dax error messages when running lvm2-testsuite).
Tested-by: Adrian Huang <ahuang12@lenovo.com>
Thanks for looking into the issue triggered by lvm2-testsuite.
diff --git a/drivers/dax/super.c b/drivers/dax/super.c
index 0d2dcbb1e549..e84070b55463 100644
--- a/drivers/dax/super.c
+++ b/drivers/dax/super.c
@@ -325,6 +325,9 @@ EXPORT_SYMBOL_GPL(dax_direct_access);
bool dax_supported(struct dax_device *dax_dev, struct block_device *bdev,
int blocksize, sector_t start, sector_t len)
{
+ if (!dax_dev)
+ return false;
+
if (!dax_alive(dax_dev))
return false;
BTW, I just submitted the v2 version: https://lore.kernel.org/linux-nvdimm/20200916133923.31-1-adrianhuang0701@gmail.com/T/#u
Hopefully/ideally, your patch and mine can be merged at the same rc release.
-- Adrian
_______________________________________________
Linux-nvdimm mailing list -- linux-nvdimm@lists.01.org
To unsubscribe send an email to linux-nvdimm-leave@lists.01.org
next prev parent reply other threads:[~2020-09-16 14:03 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-15 7:57 [PATCH 1/1] dax: Fix stack overflow when mounting fsdax pmem device Adrian Huang
2020-09-15 8:37 ` Jan Kara
2020-09-16 7:02 ` [External] " Adrian Huang12
2020-09-16 11:19 ` Jan Kara
2020-09-16 14:02 ` Adrian Huang12 [this message]
2020-09-16 15:08 ` Jan Kara
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=HK2PR0302MB2594F6503ECF4BAEDF76E9F4B3210@HK2PR0302MB2594.apcprd03.prod.outlook.com \
--to=ahuang12@lenovo.com \
--cc=adrianhuang0701@gmail.com \
--cc=agk@redhat.com \
--cc=colyli@suse.de \
--cc=jack@suse.cz \
--cc=linux-nvdimm@lists.01.org \
--cc=mpatocka@redhat.com \
--cc=snitzer@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).