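【Title description】Briefly describe the problem: state the scenario, the operation performed, and the problem that occurred (use affirmative wording where possible)
【Environment information】
Hardware information:
1) For bare-metal scenarios, provide the hardware information of the affected machine;
2) For virtual machine scenarios, provide the VM XML file or configuration information
Software information:
1) OS version and branch
2) Kernel information
3) Version information of the component in which the problem was found
If a special network setup is used, provide a network topology diagram
【Steps to reproduce】
Specific steps
Probability of occurrence (whether it always reproduces, or is an intermittent error)
【Expected result】
Describe the expected result; it can be obtained by comparing new and old versions
【Actual result】
Describe the faulty result
【Attachments】
For example, system message logs/component logs, dump information, images, etc.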
Hi yang-erkun, welcome to the openEuler Community.
I'm the Bot here serving you. You can find the instructions on how to interact with me at Here.
If you have any questions, please contact the SIG: Kernel, and any of the maintainers: @YangYingliang , @成坚 (CHENG Jian) , @jiaoff , @刘勇强 , @wangxiongfeng , @朱科潜 , @WangShaoBo , @lujialin , @Xu Kuohai , @冷嘲啊 , @Lingmingqiang , @yuzenghui , @juntian , @OSSIM , @陈结松 , @whoisxxx , @koulihong , @刘恺 , @hanjun-guo , @woqidaideshi , @Chiqijun , @Kefeng , @ThunderTown , @AlexGuo , @kylin-mayukun , @Zheng Zucheng , @柳歆 , @Jackie Liu , @zhujianwei001 , @郑振鹏 , @SuperSix173 , @colyli , @Zhang Yi , @htforge , @Qiuuuuu , @Yuehaibing , @xiehaocheng , @guzitao , @CTC-Xibo.Wang , @zhanghongchen , @chen wei , @Jason Zeng , @苟浩 , @DuanqiangWen , @georgeguo , @毛泓博 , @AllenShi , @zhangjialin , @Wei Li , @tcc@hello , @谭小飞 , @Fred Kimmy , @LiYihang , @young1c , @hucz , @WangBoe2022 , @chenke , @李力军 , @Yang Shen , @wsoydl , @sanglipeng , @zhangchangzhong , @jimmy_hero , @YGN-NDWD-Official , @Xie XiuQi , @zhengzengkai
[515647.099877] ==================================================================
[515647.125027] BUG: KASAN: use-after-free in __wake_up_common+0x622/0x6e0
[515647.125053] Read of size 8 at addr ffff8880220dcda0 by task kworker/2:1H/108
[515647.125071]
[515647.125144] CPU: 2 PID: 108 Comm: kworker/2:1H Not tainted 5.10.0-g25d42c5b82d4 #1
[515647.125165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[515647.125224] Workqueue: xfs-log/vda1 xlog_ioend_work
[515647.125246] Call Trace:
[515647.125320] ? dump_stack+0x10d/0x163
[515647.125342] ? __wake_up_common+0x622/0x6e0
[515647.125378] ? print_address_description.constprop.2+0x2c/0x390
[515647.125419] ? kthread+0x415/0x4f0
[515647.125446] ? vprintk_func+0x97/0x1d0
[515647.125531] ? irq_work_claim+0x26/0x110
[515647.125555] ? __wake_up_common+0x622/0x6e0
[515647.125572] ? __wake_up_common+0x622/0x6e0
[515647.125609] ? kasan_report.cold.5+0x56/0xba
[515647.125626] ? __wake_up_common+0x622/0x6e0
[515647.125645] ? __asan_report_load8_noabort+0x20/0x30
[515647.125675] ? __wake_up_common+0x622/0x6e0
[515647.125705] ? __wake_up_common_lock+0xe2/0x150
[515647.125726] ? __wake_up_locked+0x30/0x30
[515647.125817] ? __wake_up+0x17/0x20
[515647.125861] ? xfs_buf_item_unpin+0x5d9/0xad0
[515647.125879] ? xfs_buf_item_done+0xd0/0xd0
[515647.125919] ? xfs_trans_committed_bulk+0x813/0xc50
[515647.125940] ? xlog_state_do_callback+0x78b/0xe80
[515647.125961] ? __xfs_trans_commit+0x1300/0x1300
[515647.126002] ? __kasan_check_write+0x20/0x30
[515647.126023] ? rcu_segcblist_inc_len+0x1f/0x40
[515647.126066] ? __remove_object+0x160/0x160
[515647.126182] ? blk_mq_dispatch_rq_list+0x11df/0x2790
[515647.126222] ? sbitmap_any_bit_set+0x17a/0x1c0
[515647.126265] ? __kasan_slab_free+0x14b/0x220
[515647.126287] ? blk_mq_do_dispatch_ctx+0x150/0x720
[515647.126302] ? xlog_cil_committed+0x265/0x1140
[515647.126333] ? _raw_spin_lock_irq+0x120/0x120
[515647.126353] ? _raw_spin_lock_irqsave+0xa8/0x130
[515647.126373] ? __blk_mq_sched_dispatch_requests+0x4d2/0x6a0
[515647.126396] ? xlog_discard_endio_work+0xd0/0xd0
[515647.126468] ? _raw_read_unlock_irqrestore+0x50/0x50
[515647.126521] ? blk_mq_sched_dispatch_requests+0x127/0x1e0
[515647.126542] ? __kasan_check_read+0x1d/0x30
[515647.126557] ? xlog_cil_process_committed+0x15b/0x280
[515647.126583] ? xlog_state_done_syncing+0x21c/0x400
[515647.126616] ? xlog_state_do_callback+0x78b/0xe80
[515647.126638] ? xlog_grant_push_ail+0x100/0x100
[515647.126657] ? _raw_spin_lock_irq+0x120/0x120
[515647.126685] ? xlog_ioend_work+0x16c/0x2a0
[515647.126706] ? xlog_state_done_syncing+0x21c/0x400
[515647.126737] ? xlog_ioend_work+0x16c/0x2a0
[515647.126754] ? process_one_work+0x7e0/0x1560
[515647.126771] ? wq_worker_running+0x156/0x1a0
[515647.126813] ? worker_thread+0x5e9/0x1170
[515647.126943] ? __kasan_check_read+0x1d/0x30
[515647.206175] ? __kthread_parkme+0x108/0x180
[515647.207075] ? rescuer_thread+0xe90/0xe90
[515647.207962] ? kthread+0x415/0x4f0
[515647.208724] ? __kthread_parkme+0x180/0x180
[515647.211027] ? ret_from_fork+0x1f/0x30
[515647.211918]
[515647.212277] Allocated by task 28970:
[515647.213203] kasan_save_stack+0x21/0x60
[515647.218391] __kasan_kmalloc.constprop.0+0x10a/0x120
[515647.221299] kasan_slab_alloc+0x15/0x20
[515647.222266] kmem_cache_alloc+0x26e/0xb20
[515647.223244] _xfs_buf_alloc+0x7d/0x1000
[515647.224222] xfs_buf_get_map+0x166/0x8c0
[515647.225418] xfs_buf_read_map+0xda/0xa20
[515647.226373] xfs_trans_read_buf_map+0xf84/0x1080
[515647.227461] xfs_read_agf+0x24d/0x550
[515647.228354] xfs_alloc_read_agf+0x8b/0xff0
[515647.229313] xfs_alloc_fix_freelist+0x7d4/0x11f0
[515647.230356] xfs_free_extent_fix_freelist+0x12c/0x250
[515647.231583] __xfs_free_extent+0x1ad/0x550
[515647.232675] xfs_trans_free_extent+0x10c/0x530
[515647.233745] xfs_extent_free_finish_item+0xd7/0x180
[515647.234902] xfs_defer_finish_noroll+0xc4b/0x2180
[515647.277598] xfs_defer_finish+0x23/0x2f0
[515647.278577] xfs_itruncate_extents_flags+0x48e/0xe80
[515647.279753] xfs_inactive_truncate+0x1cf/0x350
[515647.280839] xfs_inactive+0x89b/0xa70
[515647.281803] xfs_inodegc_worker+0x24d/0x550
[515647.282788] process_one_work+0x7e0/0x1560
[515647.283778] worker_thread+0x5e9/0x1170
[515647.284727] kthread+0x415/0x4f0
[515647.285461] ret_from_fork+0x1f/0x30
[515647.286225]
[515647.286580] Freed by task 30263:
[515647.290269] kasan_save_stack+0x21/0x60
[515647.291336] kasan_set_track+0x24/0x40
[515647.292262] kasan_set_free_info+0x2b/0x50
[515647.293371] __kasan_slab_free+0x131/0x220
[515647.294378] kasan_slab_free+0x12/0x20
[515647.295346] kmem_cache_free+0x12b/0xa00
[515647.296442] xfs_buf_free+0x434/0x710
[515647.297463] xfs_buf_rele+0x9ef/0x15e0
[515647.298547] xfs_buftarg_shrink_scan+0x1f4/0x330
[515647.299980] do_shrink_slab+0x3ca/0xc40
[515647.303495] shrink_slab+0x1c1/0x880
[515647.308513] drop_slab_node+0xb0/0x180
[515647.309451] drop_slab+0x5a/0xa0
[515647.310188] drop_caches_sysctl_handler+0x127/0x1e0
[515647.311209] proc_sys_call_handler+0x489/0x5e0
[515647.312120] proc_sys_write+0x2a/0x40
[515647.312898] new_sync_write+0x515/0x750
[515647.313696] vfs_write+0x69b/0x970
[515647.314708] ksys_write+0x118/0x2b0
[515647.315434] __x64_sys_write+0x94/0xe0
[515647.316214] do_syscall_64+0x45/0x70
[515647.316977] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[515647.318054]
[515647.318414] The buggy address belongs to the object at ffff8880220dcd40
[515647.318414] which belongs to the cache xfs_buf of size 392
[515647.320932] The buggy address is located 96 bytes inside of
[515647.320932] 392-byte region [ffff8880220dcd40, ffff8880220dcec8)
[515647.323356] The buggy address belongs to the page:
[515647.324382] page:ffffea0000883700 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x220dc
[515647.326458] head:ffffea0000883700 order:2 compound_mapcount:0 compound_pincount:0
[515647.347232] flags: 0x1fffff80010200(slab|head|node=0|zone=1|lastcpupid=0x1fffff)
[515647.348763] raw: 001fffff80010200 ffffea00007f1c08 ffff88801500aa70 ffff8880150010c0
[515647.350398] raw: 0000000000000000 0000000000130013 00000001ffffffff 0000000000000000
[515647.352157] page dumped because: kasan: bad access detected
[515647.353567]
[515647.353965] Memory state around the buggy address:
[515647.359486] ffff8880220dcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[515647.361004] ffff8880220dcd00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[515647.362525] >ffff8880220dcd80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[515647.364054] ^
[515647.364994] ffff8880220dce00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[515647.366250] ffff8880220dce80: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[515647.367570] ==================================================================
[515647.369086] Disabling lock debugging due to kernel taint
[515647.370217] ------------[ cut here ]------------
[515647.387646] kernel BUG at mm/kasan/report.c:110!
[515647.389047] invalid opcode: 0000 [#1] SMP KASAN
[515647.390187] CPU: 2 PID: 108 Comm: kworker/2:1H Tainted: G B 5.10.0-g25d42c5b82d4 #1
[515647.392215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[515647.394766] Workqueue: xfs-log/vda1 xlog_ioend_work
[515647.395826] RIP: 0010:end_report.cold.3+0x20/0x58
[515647.396828] Code: 5d 41 5c 41 5d 41 5e 41 5f c3 48 83 05 d9 71 19 0d 01 e9 65 94 bb fd 48 8b 05 ad 77 19 0d 48 83 05 0d 72 19 0d 01 a8 02 74 1a <0f> 0b 48 83 05 0f 72 19 0d 01 48 83 05 0f 72 19 0d 01 48 83 05 0f
[515647.400730] RSP: 0000:ffff8881065d7690 EFLAGS: 00010046