Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: zfs-linux (Ubuntu Focal)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to zfs-linux in Ubuntu.
https://bugs.launchpad.net/bugs/1900889

Title:
  BUG: kernel NULL pointer dereference, address: 0000000000000000

Status in zfs-linux package in Ubuntu:
  Fix Released
Status in zfs-linux source package in Focal:
  Confirmed
Status in zfs-linux source package in Groovy:
  Confirmed
Status in zfs-linux source package in Hirsute:
  Fix Released

Bug description:
  While zfs send'ing from Bionic to Focal, my send/recv hung midway and
  I found this in the receiver's dmesg:

  BUG: kernel NULL pointer dereference, address: 0000000000000000
  #PF: supervisor read access in kernel mode
  #PF: error_code(0x0000) - not-present page
  PGD 0 P4D 0 
  Oops: 0000 [#1] SMP PTI
  CPU: 0 PID: 94310 Comm: receive_writer Tainted: P           O      5.4.0-52-generic #57-Ubuntu
  Hardware name: System manufacturer System Product Name/C60M1-I, BIOS 0502 05/22/2014
  RIP: 0010:abd_verify+0xa/0x40 [zfs]
  Code: ff 85 c0 74 12 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 5b 5d c3 e8 04 ff ff ff eb e7 c3 90 55 48 89 e5 41 54 53 48 89 fb <8b> 3f e8 0f ff ff ff 85 c0 75 22 44 8b 63 1c 48 8b 7b 20 4d 85 e4
  RSP: 0018:ffffb797c555baa8 EFLAGS: 00010286
  RAX: 0000000000004000 RBX: 0000000000000000 RCX: 0000000000000000
  RDX: 0000000000004000 RSI: 0000000000004000 RDI: 0000000000000000
  RBP: ffffb797c555bab8 R08: 0000000000000253 R09: 0000000000000000
  R10: ffff953b56a17848 R11: 0000000000000000 R12: 0000000000004000
  R13: ffff953ad201d280 R14: 0000000000004000 R15: 0000000000000000
  FS:  0000000000000000(0000) GS:ffff953b56a00000(0000) knlGS:0000000000000000
  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
  CR2: 0000000000000000 CR3: 0000000151ab4000 CR4: 00000000000006f0
  Call Trace:
   abd_borrow_buf+0x19/0x60 [zfs]
   abd_borrow_buf_copy+0x1a/0x50 [zfs]
   zio_crypt_copy_dnode_bonus+0x30/0x130 [zfs]
   arc_buf_untransform_in_place.isra.0+0x2b/0x40 [zfs]
   arc_buf_fill+0x1f0/0x4a0 [zfs]
   arc_untransform+0x22/0x90 [zfs]
   dbuf_read_verify_dnode_crypt+0xed/0x160 [zfs]
   ? atomic_cmpxchg+0x16/0x30 [zfs]
   dbuf_read_impl+0x3ea/0x610 [zfs]
   dbuf_read+0xcb/0x5f0 [zfs]
   ? arc_space_consume+0x54/0xe0 [zfs]
   ? do_raw_spin_unlock+0x9/0x10 [zfs]
   ? __raw_spin_unlock+0x9/0x10 [zfs]
   dmu_bonus_hold_by_dnode+0x92/0x190 [zfs]
   receive_object+0x442/0xae0 [zfs]
   ? __list_del_entry.isra.0+0x22/0x30 [zfs]
   ? atomic_dec+0xd/0x20 [spl]
   receive_process_record+0x170/0x1c0 [zfs]
   receive_writer_thread+0x9a/0x150 [zfs]
   ? receive_process_record+0x1c0/0x1c0 [zfs]
   thread_generic_wrapper+0x83/0xa0 [spl]
   kthread+0x104/0x140
   ? clear_bit+0x20/0x20 [spl]
   ? kthread_park+0x90/0x90
   ret_from_fork+0x22/0x40
  Modules linked in: ip6table_filter ip6_tables xt_conntrack iptable_filter bpfilter zfs(PO) zunicode(PO) zavl(PO) icp(PO) zcommon(PO) znvpair(PO) spl(O) nls_iso8859_1 zlua(PO) eeepc_wmi asus_wmi sparse_keymap wmi_bmof video ccp radeon kvm r8169 realtek k10temp ttm i2c_piix4 drm_kms_helper i2c_algo_bit fb_sys_fops syscopyarea sysfillrect sysimgblt wmi sch_fq_codel nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 veth bridge 8021q garp mrp stp llc xt_tcpudp xt_owner xt_LOG nf_log_ipv6 nf_log_ipv4 nf_log_common drm ip_tables x_tables autofs4 btrfs libcrc32c xor zstd_compress raid6_pq hid_generic usbhid hid ahci libahci mac_hid
  CR2: 0000000000000000
  ---[ end trace 374aa76997d6bc9b ]---
  RIP: 0010:abd_verify+0xa/0x40 [zfs]
  Code: ff 85 c0 74 12 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 5b 5d c3 e8 04 ff ff ff eb e7 c3 90 55 48 89 e5 41 54 53 48 89 fb <8b> 3f e8 0f ff ff ff 85 c0 75 22 44 8b 63 1c 48 8b 7b 20 4d 85 e4
  RSP: 0018:ffffb797c555baa8 EFLAGS: 00010286
  RAX: 0000000000004000 RBX: 0000000000000000 RCX: 0000000000000000
  RDX: 0000000000004000 RSI: 0000000000004000 RDI: 0000000000000000
  RBP: ffffb797c555bab8 R08: 0000000000000253 R09: 0000000000000000
  R10: ffff953b56a17848 R11: 0000000000000000 R12: 0000000000004000
  R13: ffff953ad201d280 R14: 0000000000004000 R15: 0000000000000000
  FS:  0000000000000000(0000) GS:ffff953b56a00000(0000) knlGS:0000000000000000
  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
  CR2: 0000000000000000 CR3: 0000000151ab4000 CR4: 00000000000006f0

  The receiving side uses ZFS native encryption and had the key manually
  loaded before sending/receiving. The sending side is unencrypted. The
  recv hung after 611MiB out of the 990.4 MB delta.

  
  Additional information:

  sending side is a laptop running Bionic:

  $ uname -a
  Linux simon-lemur 5.4.0-52-generic #57~18.04.1-Ubuntu SMP Thu Oct 15 14:04:49 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
  $ dpkg -l| grep zfs
  ii  libzfs2linux    0.7.5-1ubuntu16.10  amd64  OpenZFS filesystem library for Linux
  ii  zfsutils-linux  0.7.5-1ubuntu16.10  amd64  command-line tools to manage OpenZFS filesystems

  receiving side is a small server running Focal:

  $ uname -a
  Linux ocelot 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
  $ dpkg -l| grep zfs
  ii  libzfs2linux    0.8.3-1ubuntu12.4  amd64  OpenZFS filesystem library for Linux
  ii  zfs-zed         0.8.3-1ubuntu12.4  amd64  OpenZFS Event Daemon
  ii  zfsutils-linux  0.8.3-1ubuntu12.4  amd64  command-line tools to manage OpenZFS filesystems
