http://bugzilla.kernel.org/show_bug.cgi?id=6249
Summary: mounting unclean fs from x86_64 on i386 causes oopses
Kernel Version: 2.6.16-rc6
Status: NEW
Severity: high
Owner: xfs-masters@xxxxxxxxxxx
Submitter: vsu@xxxxxxxxxxxx
When an XFS filesystem was not cleanly unmounted on an x86_64 kernel, attempting
to mount it on an i386 kernel fails (in many cases with a kernel oops).
Mounting a dirty filesystem from i386 on x86_64 also fails in the same way.
Here is a simple test case:
# dd if=/dev/zero of=t1.img bs=1M count=100
100+0 records in
100+0 records out
104857600 bytes (105 MB) copied, 0.337117 seconds, 311 MB/s
# mkfs.xfs t1.img
meta-data=t1.img isize=256 agcount=6, agsize=4096 blks
= sectsz=512
data = bsize=4096 blocks=24576, imaxpct=25
= sunit=0 swidth=0 blks, unwritten=1
naming =version 2 bsize=4096
log =internal log bsize=4096 blocks=1200, version=1
= sectsz=512 sunit=0 blks
realtime =none extsz=65536 blocks=0, rtextents=0
# mkdir mnt
# mount -o loop t1.img mnt/
# mkdir mnt/test
# sync
# cp t1.img t2.img
# umount mnt/
# bzip2 <t2.img >t2.img.bz2
This creates an image of an unclean XFS filesystem in t2.img.
Creating the image on x86_64 and trying "mount -o loop t2.img mnt/" on a kernel
compiled for i586 produced this oops:
XFS mounting filesystem loop8
Starting XFS recovery on filesystem: loop8 (logdev: internal)
Unable to handle kernel NULL pointer dereference at virtual address 00000000
printing eip:
c013f732
*pde = 338eb001
*pte = 00000000
Oops: 0000 [#1]
SMP
Modules linked in: binfmt_misc af_packet lp autofs4 radeon drm thermal processor
ohci1394 ieee1394 amd64_agp agpgart snd_mpu401 analog ns558 parport_pc parport
floppy tsdev usblp usbhid usb_storage libusual uhci_hcd ehci_hcd usbcore
snd_via82xx gameport snd_ac97_codec snd_pcm_oss snd_seq_dummy snd_seq_oss
snd_seq_midi_event snd_seq snd_mixer_oss snd_ac97_bus snd_pcm snd_timer
snd_page_alloc snd_mpu401_uart snd_rawmidi snd_seq_device snd soundcore w83627hf
hwmon_vid hwmon eeprom i2c_isa i2c_viapro i2c_core 8139too mii sk98lin reiserfs
isofs zlib_inflate loop ntfs nls_koi8_r nls_cp866 vfat fat nls_base ext2 mbcache
raid0 dm_mod ppp_generic slhc ide_cd cdrom pcspkr psmouse button rtc xfs
exportfs sata_via libata sd_mod scsi_mod ide_disk ide_generic generic via82cxxx
ide_core
CPU: 0
EIP: 0060:[<c013f732>] Not tainted VLI
EFLAGS: 00010256 (2.6.16-std26-smp-alt0.1.rc6.git10 #1)
EIP is at page_address+0x6/0x82
eax: 00000000 ebx: 00000000 ecx: 00000000 edx: 00000000
esi: 00000000 edi: 00000000 ebp: f7bf3c6c esp: f3d51b58
ds: 007b es: 007b ss: 0068
Process mount (pid: 8441, threadinfo=f3d50000 task=f7e8c560)
Stack: <0>00000010 00000000 00000000 f7bf3c6c f8979363 00004000 f896594b
00000018
00000000 00000000 00000083 f7bf3e24 f38e2c00 f38eaec0 f3c21a40 00000000
00000040 00000000 f89657ff 00100000 f38e2c00 f3c21c60 f3c4da80 00000000
Call Trace:
[<f8979363>] xfs_buf_offset+0x2d/0x31 [xfs]
[<f896594b>] xlog_recover_do_inode_trans+0x140/0x735 [xfs]
[<f89657ff>] xlog_recover_do_buffer_trans+0x233/0x23f [xfs]
[<f896628d>] xlog_recover_do_trans+0x84/0x111 [xfs]
[<f89663a2>] xlog_recover_commit_trans+0x20/0x30 [xfs]
[<f8966523>] xlog_recover_process_data+0x160/0x1dc [xfs]
[<f89671af>] xlog_do_recovery_pass+0x2e0/0x7f5 [xfs]
[<c011562b>] __wake_up+0x29/0x3c
[<f8967732>] xlog_do_log_recovery+0x6e/0x94 [xfs]
[<f896776a>] xlog_do_recover+0x12/0xf7 [xfs]
[<f89678ca>] xlog_recover+0x7b/0x8c [xfs]
[<f8960a90>] xfs_log_mount+0x8a/0xca [xfs]
[<f8968ee4>] xfs_mountfs+0x983/0xbfa [xfs]
[<c01155a5>] default_wake_function+0x0/0xc
[<c019dd48>] _atomic_dec_and_lock+0x2c/0x48
[<f8978c7b>] xfs_buf_rele+0x23/0x75 [xfs]
[<f896ede8>] xfs_mount+0x2d1/0x342 [xfs]
[<f897ebc2>] vfs_mount+0x1a/0x1d [xfs]
[<f897ea88>] linvfs_fill_super+0x76/0x183 [xfs]
[<c01a0c76>] snprintf+0x17/0x1a
[<c017e95b>] disk_name+0x1f/0x60
[<c0156740>] get_sb_bdev+0xc2/0x10a
[<c013a3e7>] __alloc_pages+0x46/0x25c
[<f897eba3>] linvfs_get_sb+0xe/0x13 [xfs]
[<f897ea12>] linvfs_fill_super+0x0/0x183 [xfs]
[<c0156922>] do_kern_mount+0x8a/0x131
[<c016862d>] do_new_mount+0x61/0x90
[<c0168bb3>] do_mount+0x199/0x1b1
[<c013a3e7>] __alloc_pages+0x46/0x25c
[<c0168e60>] sys_mount+0x6f/0xa8
[<c0102659>] syscall_call+0x7/0xb
Code: 08 0f 0b e2 01 ce a2 27 c0 89 d8 5b e9 c4 fd ff ff 5b c3 69 c0 01 00 37 9e
c1 e8 19 c1 e0 07 05 00 b4 35 c0 c3 55 57 56 53 89 c3 <8b> 00 c1 e8 1e 8b 14 85
e0 77 2f c0 8b 82 0c 06 00 00 05 80 13
Creating the image on i386 and mounting it on x86_64 did not give an oops, but
mount still failed with these kernel messages:
XFS mounting filesystem loop0
Starting XFS recovery on filesystem: loop0 (logdev: internal)
attempt to access beyond end of device
loop0: rw=0, want=68719476984, limit=204800
attempt to access beyond end of device
loop0: rw=0, want=68719477232, limit=204800
attempt to access beyond end of device
loop0: rw=0, want=68719477480, limit=204800
attempt to access beyond end of device
loop0: rw=0, want=68719477504, limit=204800
I/O error in filesystem ("loop0") meta-data dev loop0 block 0x1000000000
("xlog_recover_do..(read#2)") error 5 buf count 393216
XFS: log mount/recovery failed: error 5
XFS: log mount failed
However, with another XFS filesystem a similar case (a dirty filesystem from
i386 mounted on x86_64) gave this oops:
XFS mounting filesystem sda11
Starting XFS recovery on filesystem: sda11 (logdev: internal)
Unable to handle kernel NULL pointer dereference at 0000000000000008 RIP:
<ffffffff8011aa28>{page_to_pfn+0}
PGD 3ec54067 PUD 3e42e067 PMD 0
Oops: 0000 [1] SMP
CPU 0
Modules linked in: xfs exportfs raid0 dm_mod rtc ext3 jbd mbcache sata_via
libata sd_mod scsi_mod ide_disk ide_generic generic via82cxxx ide_core
Pid: 699, comm: mount Not tainted 2.6.16-std26-smp-alt0.1.rc6 #1
RIP: 0010:[<ffffffff8011aa28>] <ffffffff8011aa28>{page_to_pfn+0}
RSP: 0000:ffff81003ce49750 EFLAGS: 00010212
RAX: ffff81003db31cc8 RBX: 0000000000000100 RCX: 0000001000000000
RDX: 0000000000000008 RSI: 0000000000008100 RDI: 0000000000000001
RBP: ffff81003cb26f80 R08: 0000000000000000 R09: ffff81003db31b48
R10: 0000000000000246 R11: ffffffff880602a4 R12: ffff81003db31b48
R13: 0000000000000000 R14: ffff81003ed39000 R15: 0000000000000000
FS: 000000000050dae0(0000) GS:ffffffff803c2000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 0000000000000008 CR3: 000000003f2e5000 CR4: 00000000000006e0
Process mount (pid: 699, threadinfo ffff81003ce48000, task ffff81003f90e040)
Stack: ffffffff8811b6be ffff81003e73d400 ffffffff88108fc8 ffff810000000000
ffff81003e73da00 0000000000000246 ffffffff802a580b 0000000000000001
ffff81003f90e040 ffffffff80124146
Call Trace: <ffffffff8811b6be>{:xfs:xfs_buf_offset+57}
<ffffffff88108fc8>{:xfs:xlog_recover_process_data+2581}
<ffffffff802a580b>{__down+237}
<ffffffff80124146>{default_wake_function+0}
<ffffffff801c7441>{kobject_release+0}
<ffffffff8810a3ee>{:xfs:xlog_do_recovery_pass+630}
<ffffffff88121781>{:xfs:cmn_err+273}
<ffffffff8810a8c9>{:xfs:xlog_recover+203}
<ffffffff881056d1>{:xfs:xfs_log_mount+1299}
<ffffffff88118853>{:xfs:kmem_alloc+91}
<ffffffff8810c3c0>{:xfs:xfs_mountfs+2381}
<ffffffff8811bf9e>{:xfs:.text.lock.xfs_buf+5}
<ffffffff801c6b95>{_atomic_dec_and_lock+57}
<ffffffff8811b88f>{:xfs:xfs_setsize_buftarg_flags+48}
<ffffffff8811127b>{:xfs:xfs_mount+1913}
<ffffffff88120e54>{:xfs:linvfs_fill_super+150}
<ffffffff802a5420>{__down_write+18}
<ffffffff8013fb96>{debug_mutex_init+20}
<ffffffff80185246>{get_filesystem+18} <ffffffff80172c66>{sget+927}
<ffffffff80173353>{set_bdev_super+0}
<ffffffff88120dbe>{:xfs:linvfs_fill_super+0}
<ffffffff8017348e>{get_sb_bdev+246} <ffffffff801736c5>{do_kern_mount+161}
<ffffffff801872bc>{do_mount+1737}
<ffffffff8017a3cc>{__link_path_walk+3624}
<ffffffff80185c6c>{mntput_no_expire+23}
<ffffffff8017a49f>{link_path_walk+194}
<ffffffff8013c5d9>{bit_waitqueue+53} <ffffffff8017c042>{do_unlinkat+233}
<ffffffff8017a707>{do_path_lookup+602}
<ffffffff8017aae9>{__user_walk_fd+65}
<ffffffff8014fb38>{__alloc_pages+81} <ffffffff801875e6>{sys_mount+139}
<ffffffff8010a91a>{system_call+126}
Code: 48 0f b6 47 07 48 8b 14 c5 00 ba 3c 80 48 b8 b7 6d db b6 6d
RIP <ffffffff8011aa28>{page_to_pfn+0} RSP <ffff81003ce49750>
CR2: 0000000000000008
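
Added triage example (not part of the original report, and not XFS or kernel code): it parses the "attempt to access beyond end of device" messages from the i386-to-x86_64 case above and relates them to the I/O error line. The 512-byte sector size and the reading of "want" as the end sector of each request are assumptions of this example.

```python
import re

# Kernel messages copied from the report above (i386 image mounted on x86_64).
KLOG = """\
attempt to access beyond end of device
loop0: rw=0, want=68719476984, limit=204800
attempt to access beyond end of device
loop0: rw=0, want=68719477232, limit=204800
attempt to access beyond end of device
loop0: rw=0, want=68719477480, limit=204800
attempt to access beyond end of device
loop0: rw=0, want=68719477504, limit=204800
I/O error in filesystem ("loop0") meta-data dev loop0 block 0x1000000000
("xlog_recover_do..(read#2)") error 5 buf count 393216
"""

SECTOR = 512  # assumption: block-layer messages count 512-byte sectors


def analyse(klog):
    """Relate the out-of-range requests to the buffer named in the I/O error."""
    wants = [(int(w), int(l))
             for w, l in re.findall(r"want=(\d+), limit=(\d+)", klog)]
    m = re.search(r"block (0x[0-9a-fA-F]+).*?buf count (\d+)", klog, re.S)
    if not wants or not m:
        raise ValueError("expected messages not found in log text")
    start = int(m.group(1), 16)           # first sector of the failed read
    buf_sectors = int(m.group(2)) // SECTOR
    limit = wants[0][1]                   # device size in sectors
    return {
        "start_sector": start,
        "buf_sectors": buf_sectors,
        "device_bytes": limit * SECTOR,
        # assumption: 'want' is the end sector of each request, so these
        # are running end offsets inside the one recovery buffer
        "offsets": [w - start for w, _ in wants],
        "high_32": start >> 32,           # upper half of the block number
        "low_32": start & 0xFFFFFFFF,     # lower half of the block number
        "all_beyond_device": all(w > l for w, l in wants),
    }


if __name__ == "__main__":
    for key, value in analyse(KLOG).items():
        print(f"{key}: {value}")
```

The four rejected requests together cover exactly the 393216-byte buffer that log recovery tried to read at block 0x1000000000, on a device whose size matches the 100 MB test image; the block number is nonzero only in its upper 32 bits.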