shadow@clusterfs.com
2007-Jul-11 08:37 UTC
[Lustre-devel] [Bug 12975] New: wrong pointer in osc_brw_prep_request
Please don''t reply to lustre-devel. Instead, comment in Bugzilla by
using the following link:
https://bugzilla.lustre.org/show_bug.cgi?id=12975
while testing patchless client at kernel with DEBUG_PAGEALLOC enabled i got a
panic.
Unable to handle kernel paging request<1>Unable to handle kernel paging
request
at virtual address ce8cdffc
printing eip:
e0c4f24f
*pde = 00000000
Oops: 0000 [#1]
SMP DEBUG_PAGEALLOC
Modules linked in: loop(U) mgc(U) lustre(U) lov(U) osc(U) mdc(U) lquota(U)
ptlrpc(U) obdclass(U) lvfs(U) ksocklnd(U) lnet(U) libcfs(U) ipt_length(U)
ipt_ttl(U) ipt_tcpmss(U) i
pt_TCPMSS(U) iptable_mangle(U) iptable_filter(U) ipt_multiport(U) ipt_limit(U)
ipt_tos(U) ipt_REJECT(U) ip_tables(U) md5(U) ipv6(U) parport_pc(U) lp(U)
parport(U) autofs4(U) s
unrpc(U) dm_mod(U) button(U) battery(U) ac(U) ohci_hcd(U) e100(U) mii(U)
floppy(U) ext3(U) jbd(U)
CPU: 0
EIP: 0060:[<e0c4f24f>] Not tainted VLI
EFLAGS: 00010212 (2.6.9-rh-orig)
EIP is at osc_brw_prep_request+0x28f/0x1310 [osc]
eax: 00001a08 ebx: ce8ce000 ecx: cc9e82c0 edx: 00000100
esi: c29e82d0 edi: 00000000 ebp: d4bd7a08 esp: d4bd7970
ds: 007b es: 007b ss: 0068
Process random-reads (pid: 10317, threadinfo=d4bd6000 task=d3e7b950)
Stack: 00000008 d4bd79ec 00000000 cabbe600 c136a6e0 00000000 000005ff 00000000
c98cea68 df54694c 0200470e 0200470e c98ce9ac cc9e8240 c29e8200 00000002
000005f8 e10bcc1a c15d9060 cc9e82c0 cabbe600 00000004 00000000 00000000
Call Trace:
[<c0106e40>] show_stack+0x76/0x7e
[<c0106f4f>] show_registers+0xf0/0x158
[<c0107110>] die+0xee/0x17e
[<c011c535>] do_page_fault+0x408/0x606
[<c030554f>] error_code+0x2f/0x38
[<e0c571ff>] osc_build_req+0x5df/0x10d0 [osc]
[<e0c5807e>] osc_send_oap_rpc+0x38e/0xd60 [osc]
[<e0c59143>] osc_check_rpcs+0x133/0x430 [osc]
[<e0c5ae14>] osc_queue_async_io+0x874/0x13a0 [osc]
[<e0c9388f>] lov_queue_async_io+0x2ff/0x760 [lov]
[<e10bf60c>] queue_or_sync_write+0x42c/0x1c80 [lustre]
[<e10c1066>] ll_commit_write+0x206/0xc90 [lustre]
[<c01430c1>] generic_file_buffered_write+0x346/0x4ba
[<c0143572>] __generic_file_aio_write_nolock+0x33d/0x368
[<c0143691>] __generic_file_write_nolock+0x78/0x8e
[<c0143852>] generic_file_write+0x55/0xbe
[<e108f762>] ll_file_write+0x752/0x12f0 [lustre]
[<c015c518>] vfs_write+0xb7/0xe6
[<c015c5e2>] sys_write+0x3b/0x60
[<c0304a57>] syscall_call+0x7/0xb
----------------------------------------------------------
panic is result of bug introduced in osc_recuests.c
(gdb) l *(osc_brw_prep_request+0x28f)
0x924f is in osc_brw_prep_request
(/vservers/lustre/b1_6/lustre/osc/osc_request.c:967).
962 ioobj->ioo_bufcnt = niocount;
963
964 LASSERT (page_count > 0);
965 for (requested_nob = i = 0; i < page_count; i++, niobuf++) {
966 struct brw_page *pg = pga[i];
967 struct brw_page *pg_prev = pga[i - 1];
for first loop pg_prev is pga[-1] and can point to unmaped area.