xfs
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: xfs_vm_releasepage() causing BUG at free_buffer_head()

from [Alex Lyakas] [Permanent Link][Original]
To: <xfs@xxxxxxxxxxx>, Holger HoffstÃtte <holger@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: xfs_vm_releasepage() causing BUG at free_buffer_head()
From: "Alex Lyakas" <alex@xxxxxxxxxxxxxxxxx>
Date: Tue, 19 Jul 2016 11:43:52 +0300
Delivered-to: xfs@xxxxxxxxxxx
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zadarastorage-com.20150623.gappssmtp.com; s=20150623; h=message-id:from:to:references:in-reply-to:subject:date:mime-version :content-transfer-encoding:importance; bh=PwDeVEuRjvb2wrd9835cCXnWXBZfoiHqi8YhD2ExV30=; b=hZCisgLk4caVsuWcxJk7/MFa8NuTVgeN/s8K6TV/2y5A+lzeQKicPiBSqHYRYF/KjL xjdZKwGCMsQlw87jhxNXQSQvGwUzsOPE1zPf7f7v1YXzfGX2iEe3qF1JO6jAMogVr4Tu P34DWswKE9ml5jWDRAa30s1V9AqbTP30cRSpY4w72fiMdxvZqo5Q20aNO8l1ZX0XZa31 Omu3eLGZylErD0aVyZXpdGStlo25NNkVuV+9UClO/i6tIt8tQ3S1ju0sn3eVdBLjnpNn ZUq2B28oEOEBfv9Xo/KPHaHWtvoigmHMZbzn0eNxHi9AemONBVEJSCa+ikRgI5R/Uwrf xEoQ==
Importance: Normal
In-reply-to: <578D399C.1010006@xxxxxxxxxxxxxxxxxxxxxx>
References: <143E2E5E912B4C348E8C62AA987F0506@alyakaslap> <578D399C.1010006@xxxxxxxxxxxxxxxxxxxxxx> 
Hello Holger,
Thank you for your response. I see that xfs_finish_page_writeback() has been added very recently and is called from xfs_destroy_ioend(). In my kernel (3.18.19), the xfs_destroy_ioend() is [1]. I think it doesn't suffer from the problem of xfs_finish_page_writeback(). Looking at other usage of "b_this_page" in my kernel, they all seem valid, and similar to what Linus's tree has.
Looking at b_private usage to link buffer heads, the only suspicious code is in xfs_submit_ioend(): 

       for (bh = ioend->io_buffer_head; bh; bh = bh->b_private) {

           if (!bio) {
retry:
               bio = xfs_alloc_ioend_bio(bh);
           } else if (bh->b_blocknr != lastblock + 1) {
               xfs_submit_ioend_bio(wbc, ioend, bio);
               goto retry;
           }

           if (xfs_bio_add_buffer(bio, bh) != bh->b_size) {
               xfs_submit_ioend_bio(wbc, ioend, bio);
               goto retry;
           }

           lastblock = bh->b_blocknr;
       }
Can it happen that when the for loop does "bh = bh->b_private", the bh has already been completed and freed? With this in mind, the "goto retry" also seem suspicious for the same reason. 

What do you think?

Thanks,
Alex.

[1]
STATIC void
xfs_destroy_ioend(
   xfs_ioend_t        *ioend)
{
   struct buffer_head    *bh, *next;

   for (bh = ioend->io_buffer_head; bh; bh = next) {
       next = bh->b_private;
       bh->b_end_io(bh, !ioend->io_error);
   }

   mempool_free(ioend, xfs_ioend_pool);
}
-----Original Message----- From: Holger HoffstÃtte 
Sent: Monday, July 18, 2016 11:18 PM
To: Alex Lyakas ; xfs@xxxxxxxxxxx
Subject: Re: xfs_vm_releasepage() causing BUG at free_buffer_head()

On 07/18/16 20:00, Alex Lyakas wrote:

Greetings XFS community,

We have hit the following BUG [1].

This is in free_buffer_head():
BUG_ON(!list_empty(&bh->b_assoc_buffers));

This is happening in a long-term mainline kernel 3.18.19.

Some googling revealed a possibly-related discussion at:
http://comments.gmane.org/gmane.linux.file-systems/105093
https://lkml.org/lkml/2016/5/30/1007
except that in our case I don't see the "WARN_ON_ONCE(delalloc)" triggered. 

Since you make it past the WARN_ONs that makes it look like this
very recent report from Friday:

http://oss.sgi.com/pipermail/xfs/2016-July/050199.html

Dave posted a patch in that thread which seems ot work fine and so
far hasn't set anything on fire, at least for me on 4.4.x.

cheers,
Holger
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [PATCH 2/1 V2] xfs: remove extraneous buffer flag changes, Carlos Maiolino
Next by Date:  bpm--防范用工风险和化解劳动争议?, Zijk
Previous by Thread:  Re: xfs_vm_releasepage() causing BUG at free_buffer_head(), Holger HoffstÃtte
Next by Thread:  Re: xfs_vm_releasepage() causing BUG at free_buffer_head(), Holger HoffstÃtte
Indexes:  [Date] [Thread] [Top] [All Lists]