Re: BUG: unable to handle kernel NULL pointer dereference at (null)
On Wednesday 06 April 2011 19:15:41 Josef Bacik wrote: On Wed, Apr 06, 2011 at 01:10:38PM +0200, Johannes Hirte wrote: On Tuesday 05 April 2011 23:57:53 Josef Bacik wrote: Now it hit Man I cannot catch a break. I hope this is the last one. Thanks, Ok I give up, I just cleaned it all up and don't mark the pages as dirty unless we're actually going to succeed at writing them. This should fix everything --- fs/btrfs/ctree.h|5 ++ fs/btrfs/file.c | 21 +++ fs/btrfs/free-space-cache.c | 117 --- 3 files changed, 69 insertions(+), 74 deletions(-) diff --git a/fs/btrfs/ctree.h b/fs/btrfs/ctree.h index 3458b57..0d00a07 100644 --- a/fs/btrfs/ctree.h +++ b/fs/btrfs/ctree.h @@ -2576,6 +2576,11 @@ int btrfs_drop_extents(struct btrfs_trans_handle *trans, struct inode *inode, int btrfs_mark_extent_written(struct btrfs_trans_handle *trans, struct inode *inode, u64 start, u64 end); int btrfs_release_file(struct inode *inode, struct file *file); +void btrfs_drop_pages(struct page **pages, size_t num_pages); +int btrfs_dirty_pages(struct btrfs_root *root, struct inode *inode, + struct page **pages, size_t num_pages, + loff_t pos, size_t write_bytes, + struct extent_state **cached); /* tree-defrag.c */ int btrfs_defrag_leaves(struct btrfs_trans_handle *trans, diff --git a/fs/btrfs/file.c b/fs/btrfs/file.c index e621ea5..75899a0 100644 --- a/fs/btrfs/file.c +++ b/fs/btrfs/file.c @@ -104,7 +104,7 @@ static noinline int btrfs_copy_from_user(loff_t pos, int num_pages, /* * unlocks pages after btrfs_file_write is done with them */ -static noinline void btrfs_drop_pages(struct page **pages, size_t num_pages) +void btrfs_drop_pages(struct page **pages, size_t num_pages) { size_t i; for (i = 0; i num_pages; i++) { @@ -127,16 +127,13 @@ static noinline void btrfs_drop_pages(struct page **pages, size_t num_pages) * this also makes the decision about creating an inline extent vs * doing real data extents, marking pages dirty and delalloc as required. */ -static noinline int dirty_and_release_pages(struct btrfs_root *root, - struct file *file, - struct page **pages, - size_t num_pages, - loff_t pos, - size_t write_bytes) +int btrfs_dirty_pages(struct btrfs_root *root, struct inode *inode, + struct page **pages, size_t num_pages, + loff_t pos, size_t write_bytes, + struct extent_state **cached) { int err = 0; int i; - struct inode *inode = fdentry(file)-d_inode; u64 num_bytes; u64 start_pos; u64 end_of_last_block; @@ -149,7 +146,7 @@ static noinline int dirty_and_release_pages(struct btrfs_root *root, end_of_last_block = start_pos + num_bytes - 1; err = btrfs_set_extent_delalloc(inode, start_pos, end_of_last_block, - NULL); + cached); if (err) return err; @@ -992,9 +989,9 @@ static noinline ssize_t __btrfs_buffered_write(struct file *file, } if (copied 0) { - ret = dirty_and_release_pages(root, file, pages, - dirty_pages, pos, - copied); + ret = btrfs_dirty_pages(root, inode, pages, + dirty_pages, pos, copied, + NULL); if (ret) { btrfs_delalloc_release_space(inode, dirty_pages PAGE_CACHE_SHIFT); diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c index f561c95..a3f420d 100644 --- a/fs/btrfs/free-space-cache.c +++ b/fs/btrfs/free-space-cache.c @@ -508,6 +508,7 @@ int btrfs_write_out_cache(struct btrfs_root *root, struct inode *inode; struct rb_node *node; struct list_head *pos, *n; + struct page **pages; struct page *page; struct extent_state *cached_state = NULL; struct btrfs_free_cluster *cluster = NULL; @@ -517,13 +518,13 @@ int btrfs_write_out_cache(struct btrfs_root *root, u64 start, end, len; u64 bytes = 0; u32 *crc, *checksums; - pgoff_t index = 0, last_index = 0; unsigned long first_page_offset; - int num_checksums; + int index = 0, num_pages = 0; int entries = 0; int bitmaps = 0; int ret = 0; bool next_page = false; + bool out_of_space = false; root = root-fs_info-tree_root;
Re: BUG: unable to handle kernel NULL pointer dereference at (null)
On Wed, Apr 06, 2011 at 02:47:28PM -0600, Jordan Patterson wrote: Hi Josef: I tried your latest patch, since I had the same issue from the first email. With the patch applied, I am now hitting the BUG_ON(block_group-total_bitmaps = max_bitmaps); in add_new_bitmap in fs/btrfs/free-space-cache.c:1246 as soon as I mount the filesystem, with or without -o clear_cache. It works fine in 2.6.38. I get the same error after mounting with clear_cache under 2.6.38 and rebooting into the current kernel with your patch. Do you have a backtrace so I can see how we're getting here? This is a seperate issue from the one this patch tries to solve, but now that it seems that's fixed I will work on this now :). Thanks, Josef -- To unsubscribe from this list: send the line unsubscribe linux-btrfs in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: BUG: unable to handle kernel NULL pointer dereference at (null)
On Thu, Apr 7, 2011 at 9:44 AM, Jordan Patterson jord...@gmail.com wrote: On Thu, Apr 7, 2011 at 7:17 AM, Josef Bacik jo...@redhat.com wrote: On Wed, Apr 06, 2011 at 02:47:28PM -0600, Jordan Patterson wrote: Hi Josef: I tried your latest patch, since I had the same issue from the first email. With the patch applied, I am now hitting the BUG_ON(block_group-total_bitmaps = max_bitmaps); in add_new_bitmap in fs/btrfs/free-space-cache.c:1246 as soon as I mount the filesystem, with or without -o clear_cache. It works fine in 2.6.38. I get the same error after mounting with clear_cache under 2.6.38 and rebooting into the current kernel with your patch. Do you have a backtrace so I can see how we're getting here? This is a seperate issue from the one this patch tries to solve, but now that it seems that's fixed I will work on this now :). Thanks, Josef I wasn't able to test until now, but Johannes' suggestion may have fixed the issue for me. I added clear_cache to my rootflags in grub, and it is now mounted fine with the current btrfs code with your last patch. I don't have the backtrace, but I'll send it to you it if I see it happen again. Thanks. Jordan -- To unsubscribe from this list: send the line unsubscribe linux-btrfs in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: BUG: unable to handle kernel NULL pointer dereference at (null)
On Tuesday 05 April 2011 23:57:53 Josef Bacik wrote: Now it hit Man I cannot catch a break. I hope this is the last one. Thanks, Josef --- fs/btrfs/free-space-cache.c | 32 1 files changed, 32 insertions(+), 0 deletions(-) diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c index 74bc432..b8052be 100644 --- a/fs/btrfs/free-space-cache.c +++ b/fs/btrfs/free-space-cache.c @@ -522,6 +522,7 @@ int btrfs_write_out_cache(struct btrfs_root *root, int bitmaps = 0; int ret = 0; bool next_page = false; + bool out_of_space = false; root = root-fs_info-tree_root; @@ -629,6 +630,11 @@ int btrfs_write_out_cache(struct btrfs_root *root, offset = start_offset; } + if (index last_index) { + out_of_space = true; + break; + } + page = find_get_page(inode-i_mapping, index); addr = kmap(page); @@ -732,6 +738,10 @@ int btrfs_write_out_cache(struct btrfs_root *root, struct btrfs_free_space *entry = list_entry(pos, struct btrfs_free_space, list); + if (index last_index) { + out_of_space = true; + break; + } page = find_get_page(inode-i_mapping, index); addr = kmap(page); @@ -754,6 +764,28 @@ int btrfs_write_out_cache(struct btrfs_root *root, index++; } + if (out_of_space) { + page = find_get_page(inode-i_mapping, 0); + + /* + * Have to do the normal stuff in case writeback gets started on + * this page before we invalidate it. + */ + ClearPageChecked(page); + set_page_extent_mapped(page); + SetPageUptodate(page); + set_page_dirty(page); + unlock_page(page); + page_cache_release(page); + page_cache_release(page); + + ret = 0; + unlock_extent_cached(BTRFS_I(inode)-io_tree, 0, + i_size_read(inode) - 1, cached_state, + GFP_NOFS); + goto out_free; + } + /* Zero out the rest of the pages just to make sure */ while (index = last_index) { void *addr; Sorry no, it still hits the BUG() in inode.c (line 1565). It takes longer to hit than before but is still reproducible. -- To unsubscribe from this list: send the line unsubscribe linux-btrfs in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: BUG: unable to handle kernel NULL pointer dereference at (null)
On Wed, Apr 06, 2011 at 01:10:38PM +0200, Johannes Hirte wrote: On Tuesday 05 April 2011 23:57:53 Josef Bacik wrote: Now it hit Man I cannot catch a break. I hope this is the last one. Thanks, Ok I give up, I just cleaned it all up and don't mark the pages as dirty unless we're actually going to succeed at writing them. This should fix everything --- fs/btrfs/ctree.h|5 ++ fs/btrfs/file.c | 21 +++ fs/btrfs/free-space-cache.c | 117 --- 3 files changed, 69 insertions(+), 74 deletions(-) diff --git a/fs/btrfs/ctree.h b/fs/btrfs/ctree.h index 3458b57..0d00a07 100644 --- a/fs/btrfs/ctree.h +++ b/fs/btrfs/ctree.h @@ -2576,6 +2576,11 @@ int btrfs_drop_extents(struct btrfs_trans_handle *trans, struct inode *inode, int btrfs_mark_extent_written(struct btrfs_trans_handle *trans, struct inode *inode, u64 start, u64 end); int btrfs_release_file(struct inode *inode, struct file *file); +void btrfs_drop_pages(struct page **pages, size_t num_pages); +int btrfs_dirty_pages(struct btrfs_root *root, struct inode *inode, + struct page **pages, size_t num_pages, + loff_t pos, size_t write_bytes, + struct extent_state **cached); /* tree-defrag.c */ int btrfs_defrag_leaves(struct btrfs_trans_handle *trans, diff --git a/fs/btrfs/file.c b/fs/btrfs/file.c index e621ea5..75899a0 100644 --- a/fs/btrfs/file.c +++ b/fs/btrfs/file.c @@ -104,7 +104,7 @@ static noinline int btrfs_copy_from_user(loff_t pos, int num_pages, /* * unlocks pages after btrfs_file_write is done with them */ -static noinline void btrfs_drop_pages(struct page **pages, size_t num_pages) +void btrfs_drop_pages(struct page **pages, size_t num_pages) { size_t i; for (i = 0; i num_pages; i++) { @@ -127,16 +127,13 @@ static noinline void btrfs_drop_pages(struct page **pages, size_t num_pages) * this also makes the decision about creating an inline extent vs * doing real data extents, marking pages dirty and delalloc as required. */ -static noinline int dirty_and_release_pages(struct btrfs_root *root, - struct file *file, - struct page **pages, - size_t num_pages, - loff_t pos, - size_t write_bytes) +int btrfs_dirty_pages(struct btrfs_root *root, struct inode *inode, + struct page **pages, size_t num_pages, + loff_t pos, size_t write_bytes, + struct extent_state **cached) { int err = 0; int i; - struct inode *inode = fdentry(file)-d_inode; u64 num_bytes; u64 start_pos; u64 end_of_last_block; @@ -149,7 +146,7 @@ static noinline int dirty_and_release_pages(struct btrfs_root *root, end_of_last_block = start_pos + num_bytes - 1; err = btrfs_set_extent_delalloc(inode, start_pos, end_of_last_block, - NULL); + cached); if (err) return err; @@ -992,9 +989,9 @@ static noinline ssize_t __btrfs_buffered_write(struct file *file, } if (copied 0) { - ret = dirty_and_release_pages(root, file, pages, - dirty_pages, pos, - copied); + ret = btrfs_dirty_pages(root, inode, pages, + dirty_pages, pos, copied, + NULL); if (ret) { btrfs_delalloc_release_space(inode, dirty_pages PAGE_CACHE_SHIFT); diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c index f561c95..a3f420d 100644 --- a/fs/btrfs/free-space-cache.c +++ b/fs/btrfs/free-space-cache.c @@ -508,6 +508,7 @@ int btrfs_write_out_cache(struct btrfs_root *root, struct inode *inode; struct rb_node *node; struct list_head *pos, *n; + struct page **pages; struct page *page; struct extent_state *cached_state = NULL; struct btrfs_free_cluster *cluster = NULL; @@ -517,13 +518,13 @@ int btrfs_write_out_cache(struct btrfs_root *root, u64 start, end, len; u64 bytes = 0; u32 *crc, *checksums; - pgoff_t index = 0, last_index = 0; unsigned long first_page_offset; - int num_checksums; + int index = 0, num_pages = 0; int entries = 0; int bitmaps = 0; int ret = 0; bool next_page = false; + bool out_of_space = false; root = root-fs_info-tree_root; @@ -551,24 +552,31 @@ int
Re: BUG: unable to handle kernel NULL pointer dereference at (null)
Hi Josef: I tried your latest patch, since I had the same issue from the first email. With the patch applied, I am now hitting the BUG_ON(block_group-total_bitmaps = max_bitmaps); in add_new_bitmap in fs/btrfs/free-space-cache.c:1246 as soon as I mount the filesystem, with or without -o clear_cache. It works fine in 2.6.38. I get the same error after mounting with clear_cache under 2.6.38 and rebooting into the current kernel with your patch. Jordan On Wed, Apr 6, 2011 at 11:15 AM, Josef Bacik jo...@redhat.com wrote: On Wed, Apr 06, 2011 at 01:10:38PM +0200, Johannes Hirte wrote: On Tuesday 05 April 2011 23:57:53 Josef Bacik wrote: Now it hit Man I cannot catch a break. I hope this is the last one. Thanks, Ok I give up, I just cleaned it all up and don't mark the pages as dirty unless we're actually going to succeed at writing them. This should fix everything --- fs/btrfs/ctree.h | 5 ++ fs/btrfs/file.c | 21 +++ fs/btrfs/free-space-cache.c | 117 --- 3 files changed, 69 insertions(+), 74 deletions(-) diff --git a/fs/btrfs/ctree.h b/fs/btrfs/ctree.h index 3458b57..0d00a07 100644 --- a/fs/btrfs/ctree.h +++ b/fs/btrfs/ctree.h @@ -2576,6 +2576,11 @@ int btrfs_drop_extents(struct btrfs_trans_handle *trans, struct inode *inode, int btrfs_mark_extent_written(struct btrfs_trans_handle *trans, struct inode *inode, u64 start, u64 end); int btrfs_release_file(struct inode *inode, struct file *file); +void btrfs_drop_pages(struct page **pages, size_t num_pages); +int btrfs_dirty_pages(struct btrfs_root *root, struct inode *inode, + struct page **pages, size_t num_pages, + loff_t pos, size_t write_bytes, + struct extent_state **cached); /* tree-defrag.c */ int btrfs_defrag_leaves(struct btrfs_trans_handle *trans, diff --git a/fs/btrfs/file.c b/fs/btrfs/file.c index e621ea5..75899a0 100644 --- a/fs/btrfs/file.c +++ b/fs/btrfs/file.c @@ -104,7 +104,7 @@ static noinline int btrfs_copy_from_user(loff_t pos, int num_pages, /* * unlocks pages after btrfs_file_write is done with them */ -static noinline void btrfs_drop_pages(struct page **pages, size_t num_pages) +void btrfs_drop_pages(struct page **pages, size_t num_pages) { size_t i; for (i = 0; i num_pages; i++) { @@ -127,16 +127,13 @@ static noinline void btrfs_drop_pages(struct page **pages, size_t num_pages) * this also makes the decision about creating an inline extent vs * doing real data extents, marking pages dirty and delalloc as required. */ -static noinline int dirty_and_release_pages(struct btrfs_root *root, - struct file *file, - struct page **pages, - size_t num_pages, - loff_t pos, - size_t write_bytes) +int btrfs_dirty_pages(struct btrfs_root *root, struct inode *inode, + struct page **pages, size_t num_pages, + loff_t pos, size_t write_bytes, + struct extent_state **cached) { int err = 0; int i; - struct inode *inode = fdentry(file)-d_inode; u64 num_bytes; u64 start_pos; u64 end_of_last_block; @@ -149,7 +146,7 @@ static noinline int dirty_and_release_pages(struct btrfs_root *root, end_of_last_block = start_pos + num_bytes - 1; err = btrfs_set_extent_delalloc(inode, start_pos, end_of_last_block, - NULL); + cached); if (err) return err; @@ -992,9 +989,9 @@ static noinline ssize_t __btrfs_buffered_write(struct file *file, } if (copied 0) { - ret = dirty_and_release_pages(root, file, pages, - dirty_pages, pos, - copied); + ret = btrfs_dirty_pages(root, inode, pages, + dirty_pages, pos, copied, + NULL); if (ret) { btrfs_delalloc_release_space(inode, dirty_pages PAGE_CACHE_SHIFT); diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c index f561c95..a3f420d 100644 --- a/fs/btrfs/free-space-cache.c +++ b/fs/btrfs/free-space-cache.c @@ -508,6 +508,7 @@ int btrfs_write_out_cache(struct btrfs_root *root, struct inode *inode; struct rb_node *node; struct list_head *pos, *n; + struct page **pages; struct page *page; struct
Re: BUG: unable to handle kernel NULL pointer dereference at (null)
On Wednesday 06 April 2011 22:47:28 Jordan Patterson wrote: Hi Josef: I tried your latest patch, since I had the same issue from the first email. With the patch applied, I am now hitting the BUG_ON(block_group-total_bitmaps = max_bitmaps); in add_new_bitmap in fs/btrfs/free-space-cache.c:1246 as soon as I mount the filesystem, with or without -o clear_cache. It works fine in 2.6.38. I get the same error after mounting with clear_cache under 2.6.38 and rebooting into the current kernel with your patch. Jordan What filesystem is it and how did you mount it with -o clear_cache? If it is your rootfs did you applied clear_cache to /etc/fstab or your bootloader? If it was the latter it won't work. For the rootfs you need to add it to the boot options. For me this worked every time. Josef, is there any way to detect a wrong cache, saved by an pre-2.6.39 kernel and discard it? regards, Johannes -- To unsubscribe from this list: send the line unsubscribe linux-btrfs in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: BUG: unable to handle kernel NULL pointer dereference at (null)
On Tue, Apr 05, 2011 at 07:38:13PM +0200, Johannes Hirte wrote: With the latest btrfs changes, I got this Oops when doing rm on a large directory: BUG: unable to handle kernel NULL pointer dereference at (null) IP: [c101c838] kunmap+0x46/0x46 *pdpt = 34a85001 *pde = Oops: [#1] PREEMPT SMP last sysfs file: /sys/devices/virtual/vtconsole/vtcon1/uevent Modules linked in: snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss fuse dm_crypt dm_mod usbhid snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm snd_timer sr_mod cdrom sg snd fschmd e1000 uhci_hcd snd_page_alloc i2c_i801 [last unloaded: microcode] Pid: 1156, comm: btrfs-transacti Tainted: GW 2.6.39-rc1-00262- gc53813f #20 FUJITSU SIEMENS SCENIC P / SCENICO P/D1561 EIP: 0060:[c101c838] EFLAGS: 00010296 CPU: 1 EIP is at kmap+0x0/0x38 EAX: EBX: ECX: EDX: 0010 ESI: f5bc6400 EDI: f3c75520 EBP: f3c755f0 ESP: f58f9e10 DS: 007b ES: 007b FS: 00d8 GS: SS: 0068 Process btrfs-transacti (pid: 1156, ti=f58f8000 task=f6516f40 task.ti=f58f8000) Stack: c1186d15 ffc22000 f58f9ec0 0010 f3c75610 f5885780 f52339e8 0009 f5bc6400 0001 f6415800 f3c75638 08bb f5bc63c0 f58857b4 f60b68a0 0040 f52338e8 ffc22000 0008 0010 Call Trace: [c1186d15] ? btrfs_write_out_cache+0x60c/0xa3c [c114a815] ? btrfs_write_dirty_block_groups+0x400/0x494 [c11566a7] ? commit_cowonly_roots+0xa9/0x180 [c1157799] ? btrfs_commit_transaction+0x2ee/0x59c [c1037c85] ? wake_up_bit+0x16/0x16 [c1152a83] ? transaction_kthread+0x149/0x1d6 [c101d1b9] ? complete+0x28/0x36 [c115293a] ? btrfs_congested_fn+0x5d/0x5d [c10379c4] ? kthread+0x63/0x68 [c1037961] ? kthread_worker_fn+0xeb/0xeb [c13cba36] ? kernel_thread_helper+0x6/0xd Code: 8d 8a 00 e4 54 c1 2b 8a 8c e7 54 c1 81 f9 00 08 00 00 74 11 81 f9 00 0c 00 00 75 0e 83 3d 10 2f 60 c1 02 75 05 e9 5e a3 04 00 c3 8b 10 c1 ea 1e c1 e2 0a 8d 8a 00 e4 54 c1 2b 8a 8c e7 54 c1 81 EIP: [c101c838] kmap+0x0/0x38 SS:ESP 0068:f58f9e10 CR2: ---[ end trace c8511126ee91dfdf ]--- This is the second Oops. On the first one I wasn't able to catch the backtrace, but IIRC the bug happend on kmap not kunmap the first time. Yeah I think I know what this is but I need somebody to verify it for me. Can you run with this patch and let me know what happens? Thanks, Josef diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c index 74bc432..5e6f4b3 100644 --- a/fs/btrfs/free-space-cache.c +++ b/fs/btrfs/free-space-cache.c @@ -624,6 +624,7 @@ int btrfs_write_out_cache(struct btrfs_root *root, next_page = false; + BUG_ON(index last_index); if (index == 0) { start_offset = first_page_offset; offset = start_offset; @@ -732,6 +733,7 @@ int btrfs_write_out_cache(struct btrfs_root *root, struct btrfs_free_space *entry = list_entry(pos, struct btrfs_free_space, list); + BUG_ON(index last_index); page = find_get_page(inode-i_mapping, index); addr = kmap(page); -- To unsubscribe from this list: send the line unsubscribe linux-btrfs in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: BUG: unable to handle kernel NULL pointer dereference at (null)
On Tuesday 05 April 2011 19:42:03 Josef Bacik wrote: On Tue, Apr 05, 2011 at 07:38:13PM +0200, Johannes Hirte wrote: With the latest btrfs changes, I got this Oops when doing rm on a large directory: BUG: unable to handle kernel NULL pointer dereference at (null) IP: [c101c838] kunmap+0x46/0x46 *pdpt = 34a85001 *pde = Oops: [#1] PREEMPT SMP last sysfs file: /sys/devices/virtual/vtconsole/vtcon1/uevent Modules linked in: snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss fuse dm_crypt dm_mod usbhid snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm snd_timer sr_mod cdrom sg snd fschmd e1000 uhci_hcd snd_page_alloc i2c_i801 [last unloaded: microcode] Pid: 1156, comm: btrfs-transacti Tainted: GW 2.6.39-rc1-00262- gc53813f #20 FUJITSU SIEMENS SCENIC P / SCENICO P/D1561 EIP: 0060:[c101c838] EFLAGS: 00010296 CPU: 1 EIP is at kmap+0x0/0x38 EAX: EBX: ECX: EDX: 0010 ESI: f5bc6400 EDI: f3c75520 EBP: f3c755f0 ESP: f58f9e10 DS: 007b ES: 007b FS: 00d8 GS: SS: 0068 Process btrfs-transacti (pid: 1156, ti=f58f8000 task=f6516f40 task.ti=f58f8000) Stack: c1186d15 ffc22000 f58f9ec0 0010 f3c75610 f5885780 f52339e8 0009 f5bc6400 0001 f6415800 f3c75638 08bb f5bc63c0 f58857b4 f60b68a0 0040 f52338e8 ffc22000 0008 0010 Call Trace: [c1186d15] ? btrfs_write_out_cache+0x60c/0xa3c [c114a815] ? btrfs_write_dirty_block_groups+0x400/0x494 [c11566a7] ? commit_cowonly_roots+0xa9/0x180 [c1157799] ? btrfs_commit_transaction+0x2ee/0x59c [c1037c85] ? wake_up_bit+0x16/0x16 [c1152a83] ? transaction_kthread+0x149/0x1d6 [c101d1b9] ? complete+0x28/0x36 [c115293a] ? btrfs_congested_fn+0x5d/0x5d [c10379c4] ? kthread+0x63/0x68 [c1037961] ? kthread_worker_fn+0xeb/0xeb [c13cba36] ? kernel_thread_helper+0x6/0xd Code: 8d 8a 00 e4 54 c1 2b 8a 8c e7 54 c1 81 f9 00 08 00 00 74 11 81 f9 00 0c 00 00 75 0e 83 3d 10 2f 60 c1 02 75 05 e9 5e a3 04 00 c3 8b 10 c1 ea 1e c1 e2 0a 8d 8a 00 e4 54 c1 2b 8a 8c e7 54 c1 81 EIP: [c101c838] kmap+0x0/0x38 SS:ESP 0068:f58f9e10 CR2: ---[ end trace c8511126ee91dfdf ]--- This is the second Oops. On the first one I wasn't able to catch the backtrace, but IIRC the bug happend on kmap not kunmap the first time. Yeah I think I know what this is but I need somebody to verify it for me. Can you run with this patch and let me know what happens? Thanks, Josef diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c index 74bc432..5e6f4b3 100644 --- a/fs/btrfs/free-space-cache.c +++ b/fs/btrfs/free-space-cache.c @@ -624,6 +624,7 @@ int btrfs_write_out_cache(struct btrfs_root *root, next_page = false; + BUG_ON(index last_index); if (index == 0) { start_offset = first_page_offset; offset = start_offset; @@ -732,6 +733,7 @@ int btrfs_write_out_cache(struct btrfs_root *root, struct btrfs_free_space *entry = list_entry(pos, struct btrfs_free_space, list); + BUG_ON(index last_index); page = find_get_page(inode-i_mapping, index); addr = kmap(page); Hm, I tried but now I hit the BUG_ON(block_group-total_bitmaps = max_bitmaps); in add_new_bitmap in fs/btrfs/free-space-cache.c:1255 when booting the system. -- To unsubscribe from this list: send the line unsubscribe linux-btrfs in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: BUG: unable to handle kernel NULL pointer dereference at (null)
On Tue, Apr 05, 2011 at 08:52:21PM +0200, Johannes Hirte wrote: On Tuesday 05 April 2011 19:42:03 Josef Bacik wrote: On Tue, Apr 05, 2011 at 07:38:13PM +0200, Johannes Hirte wrote: With the latest btrfs changes, I got this Oops when doing rm on a large directory: BUG: unable to handle kernel NULL pointer dereference at (null) IP: [c101c838] kunmap+0x46/0x46 *pdpt = 34a85001 *pde = Oops: [#1] PREEMPT SMP last sysfs file: /sys/devices/virtual/vtconsole/vtcon1/uevent Modules linked in: snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss fuse dm_crypt dm_mod usbhid snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm snd_timer sr_mod cdrom sg snd fschmd e1000 uhci_hcd snd_page_alloc i2c_i801 [last unloaded: microcode] Pid: 1156, comm: btrfs-transacti Tainted: GW 2.6.39-rc1-00262- gc53813f #20 FUJITSU SIEMENS SCENIC P / SCENICO P/D1561 EIP: 0060:[c101c838] EFLAGS: 00010296 CPU: 1 EIP is at kmap+0x0/0x38 EAX: EBX: ECX: EDX: 0010 ESI: f5bc6400 EDI: f3c75520 EBP: f3c755f0 ESP: f58f9e10 DS: 007b ES: 007b FS: 00d8 GS: SS: 0068 Process btrfs-transacti (pid: 1156, ti=f58f8000 task=f6516f40 task.ti=f58f8000) Stack: c1186d15 ffc22000 f58f9ec0 0010 f3c75610 f5885780 f52339e8 0009 f5bc6400 0001 f6415800 f3c75638 08bb f5bc63c0 f58857b4 f60b68a0 0040 f52338e8 ffc22000 0008 0010 Call Trace: [c1186d15] ? btrfs_write_out_cache+0x60c/0xa3c [c114a815] ? btrfs_write_dirty_block_groups+0x400/0x494 [c11566a7] ? commit_cowonly_roots+0xa9/0x180 [c1157799] ? btrfs_commit_transaction+0x2ee/0x59c [c1037c85] ? wake_up_bit+0x16/0x16 [c1152a83] ? transaction_kthread+0x149/0x1d6 [c101d1b9] ? complete+0x28/0x36 [c115293a] ? btrfs_congested_fn+0x5d/0x5d [c10379c4] ? kthread+0x63/0x68 [c1037961] ? kthread_worker_fn+0xeb/0xeb [c13cba36] ? kernel_thread_helper+0x6/0xd Code: 8d 8a 00 e4 54 c1 2b 8a 8c e7 54 c1 81 f9 00 08 00 00 74 11 81 f9 00 0c 00 00 75 0e 83 3d 10 2f 60 c1 02 75 05 e9 5e a3 04 00 c3 8b 10 c1 ea 1e c1 e2 0a 8d 8a 00 e4 54 c1 2b 8a 8c e7 54 c1 81 EIP: [c101c838] kmap+0x0/0x38 SS:ESP 0068:f58f9e10 CR2: ---[ end trace c8511126ee91dfdf ]--- This is the second Oops. On the first one I wasn't able to catch the backtrace, but IIRC the bug happend on kmap not kunmap the first time. Yeah I think I know what this is but I need somebody to verify it for me. Can you run with this patch and let me know what happens? Thanks, Josef diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c index 74bc432..5e6f4b3 100644 --- a/fs/btrfs/free-space-cache.c +++ b/fs/btrfs/free-space-cache.c @@ -624,6 +624,7 @@ int btrfs_write_out_cache(struct btrfs_root *root, next_page = false; + BUG_ON(index last_index); if (index == 0) { start_offset = first_page_offset; offset = start_offset; @@ -732,6 +733,7 @@ int btrfs_write_out_cache(struct btrfs_root *root, struct btrfs_free_space *entry = list_entry(pos, struct btrfs_free_space, list); + BUG_ON(index last_index); page = find_get_page(inode-i_mapping, index); addr = kmap(page); Hm, I tried but now I hit the BUG_ON(block_group-total_bitmaps = max_bitmaps); in add_new_bitmap in fs/btrfs/free-space-cache.c:1255 when booting the system. Can you mount -o clear_cache to make sure it's not the cache thats causing that? Thanks, Josef -- To unsubscribe from this list: send the line unsubscribe linux-btrfs in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: BUG: unable to handle kernel NULL pointer dereference at (null)
On Tue, Apr 05, 2011 at 11:08:52PM +0200, Johannes Hirte wrote: On Tuesday 05 April 2011 21:31:43 Josef Bacik wrote: On Tue, Apr 05, 2011 at 09:21:55PM +0200, Johannes Hirte wrote: On Tuesday 05 April 2011 20:53:24 Josef Bacik wrote: On Tue, Apr 05, 2011 at 08:52:21PM +0200, Johannes Hirte wrote: On Tuesday 05 April 2011 19:42:03 Josef Bacik wrote: On Tue, Apr 05, 2011 at 07:38:13PM +0200, Johannes Hirte wrote: With the latest btrfs changes, I got this Oops when doing rm on a large directory: BUG: unable to handle kernel NULL pointer dereference at (null) IP: [c101c838] kunmap+0x46/0x46 *pdpt = 34a85001 *pde = Oops: [#1] PREEMPT SMP last sysfs file: /sys/devices/virtual/vtconsole/vtcon1/uevent Modules linked in: snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss fuse dm_crypt dm_mod usbhid snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm snd_timer sr_mod cdrom sg snd fschmd e1000 uhci_hcd snd_page_alloc i2c_i801 [last unloaded: microcode] Pid: 1156, comm: btrfs-transacti Tainted: GW 2.6.39-rc1-00262- gc53813f #20 FUJITSU SIEMENS SCENIC P / SCENICO P/D1561 EIP: 0060:[c101c838] EFLAGS: 00010296 CPU: 1 EIP is at kmap+0x0/0x38 EAX: EBX: ECX: EDX: 0010 ESI: f5bc6400 EDI: f3c75520 EBP: f3c755f0 ESP: f58f9e10 DS: 007b ES: 007b FS: 00d8 GS: SS: 0068 Process btrfs-transacti (pid: 1156, ti=f58f8000 task=f6516f40 task.ti=f58f8000) Stack: c1186d15 ffc22000 f58f9ec0 0010 f3c75610 f5885780 f52339e8 0009 f5bc6400 0001 f6415800 f3c75638 08bb f5bc63c0 f58857b4 f60b68a0 0040 f52338e8 ffc22000 0008 0010 Call Trace: [c1186d15] ? btrfs_write_out_cache+0x60c/0xa3c [c114a815] ? btrfs_write_dirty_block_groups+0x400/0x494 [c11566a7] ? commit_cowonly_roots+0xa9/0x180 [c1157799] ? btrfs_commit_transaction+0x2ee/0x59c [c1037c85] ? wake_up_bit+0x16/0x16 [c1152a83] ? transaction_kthread+0x149/0x1d6 [c101d1b9] ? complete+0x28/0x36 [c115293a] ? btrfs_congested_fn+0x5d/0x5d [c10379c4] ? kthread+0x63/0x68 [c1037961] ? kthread_worker_fn+0xeb/0xeb [c13cba36] ? kernel_thread_helper+0x6/0xd Code: 8d 8a 00 e4 54 c1 2b 8a 8c e7 54 c1 81 f9 00 08 00 00 74 11 81 f9 00 0c 00 00 75 0e 83 3d 10 2f 60 c1 02 75 05 e9 5e a3 04 00 c3 8b 10 c1 ea 1e c1 e2 0a 8d 8a 00 e4 54 c1 2b 8a 8c e7 54 c1 81 EIP: [c101c838] kmap+0x0/0x38 SS:ESP 0068:f58f9e10 CR2: ---[ end trace c8511126ee91dfdf ]--- This is the second Oops. On the first one I wasn't able to catch the backtrace, but IIRC the bug happend on kmap not kunmap the first time. Yeah I think I know what this is but I need somebody to verify it for me. Can you run with this patch and let me know what happens? Thanks, Josef diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c index 74bc432..5e6f4b3 100644 --- a/fs/btrfs/free-space-cache.c +++ b/fs/btrfs/free-space-cache.c @@ -624,6 +624,7 @@ int btrfs_write_out_cache(struct btrfs_root *root, next_page = false; + BUG_ON(index last_index); if (index == 0) { start_offset = first_page_offset; offset = start_offset; @@ -732,6 +733,7 @@ int btrfs_write_out_cache(struct btrfs_root *root, struct btrfs_free_space *entry = list_entry(pos, struct btrfs_free_space, list); + BUG_ON(index last_index); page = find_get_page(inode-i_mapping, index); addr = kmap(page); Hm, I tried but now I hit the BUG_ON(block_group-total_bitmaps = max_bitmaps); in add_new_bitmap in fs/btrfs/free-space-cache.c:1255 when booting the system. Can you mount -o clear_cache to make sure it's not the cache thats causing that? Thanks, Josef Mounting with clear_cache under 2.6.38 helped. I was able to boot and test with your patch an hit the second BUG_ON on free-space-cache.c:738. Perfect can you try this and verify you don't panic anymore please? Thanks, Josef --- fs/btrfs/free-space-cache.c | 18 ++ 1 files changed, 18 insertions(+), 0 deletions(-) diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c index 74bc432..33287e8 100644 --- a/fs/btrfs/free-space-cache.c +++
Re: BUG: unable to handle kernel NULL pointer dereference at (null)
On Tuesday 05 April 2011 23:12:27 Josef Bacik wrote: On Tue, Apr 05, 2011 at 11:08:52PM +0200, Johannes Hirte wrote: On Tuesday 05 April 2011 21:31:43 Josef Bacik wrote: On Tue, Apr 05, 2011 at 09:21:55PM +0200, Johannes Hirte wrote: On Tuesday 05 April 2011 20:53:24 Josef Bacik wrote: On Tue, Apr 05, 2011 at 08:52:21PM +0200, Johannes Hirte wrote: On Tuesday 05 April 2011 19:42:03 Josef Bacik wrote: On Tue, Apr 05, 2011 at 07:38:13PM +0200, Johannes Hirte wrote: With the latest btrfs changes, I got this Oops when doing rm on a large directory: BUG: unable to handle kernel NULL pointer dereference at (null) IP: [c101c838] kunmap+0x46/0x46 *pdpt = 34a85001 *pde = Oops: [#1] PREEMPT SMP last sysfs file: /sys/devices/virtual/vtconsole/vtcon1/uevent Modules linked in: snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss fuse dm_crypt dm_mod usbhid snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm snd_timer sr_mod cdrom sg snd fschmd e1000 uhci_hcd snd_page_alloc i2c_i801 [last unloaded: microcode] Pid: 1156, comm: btrfs-transacti Tainted: GW 2.6.39-rc1-00262- gc53813f #20 FUJITSU SIEMENS SCENIC P / SCENICO P/D1561 EIP: 0060:[c101c838] EFLAGS: 00010296 CPU: 1 EIP is at kmap+0x0/0x38 EAX: EBX: ECX: EDX: 0010 ESI: f5bc6400 EDI: f3c75520 EBP: f3c755f0 ESP: f58f9e10 DS: 007b ES: 007b FS: 00d8 GS: SS: 0068 Process btrfs-transacti (pid: 1156, ti=f58f8000 task=f6516f40 task.ti=f58f8000) Stack: c1186d15 ffc22000 f58f9ec0 0010 f3c75610 f5885780 f52339e8 0009 f5bc6400 0001 f6415800 f3c75638 08bb f5bc63c0 f58857b4 f60b68a0 0040 f52338e8 ffc22000 0008 0010 Call Trace: [c1186d15] ? btrfs_write_out_cache+0x60c/0xa3c [c114a815] ? btrfs_write_dirty_block_groups+0x400/0x494 [c11566a7] ? commit_cowonly_roots+0xa9/0x180 [c1157799] ? btrfs_commit_transaction+0x2ee/0x59c [c1037c85] ? wake_up_bit+0x16/0x16 [c1152a83] ? transaction_kthread+0x149/0x1d6 [c101d1b9] ? complete+0x28/0x36 [c115293a] ? btrfs_congested_fn+0x5d/0x5d [c10379c4] ? kthread+0x63/0x68 [c1037961] ? kthread_worker_fn+0xeb/0xeb [c13cba36] ? kernel_thread_helper+0x6/0xd Code: 8d 8a 00 e4 54 c1 2b 8a 8c e7 54 c1 81 f9 00 08 00 00 74 11 81 f9 00 0c 00 00 75 0e 83 3d 10 2f 60 c1 02 75 05 e9 5e a3 04 00 c3 8b 10 c1 ea 1e c1 e2 0a 8d 8a 00 e4 54 c1 2b 8a 8c e7 54 c1 81 EIP: [c101c838] kmap+0x0/0x38 SS:ESP 0068:f58f9e10 CR2: ---[ end trace c8511126ee91dfdf ]--- This is the second Oops. On the first one I wasn't able to catch the backtrace, but IIRC the bug happend on kmap not kunmap the first time. Yeah I think I know what this is but I need somebody to verify it for me. Can you run with this patch and let me know what happens? Thanks, Josef diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c index 74bc432..5e6f4b3 100644 --- a/fs/btrfs/free-space-cache.c +++ b/fs/btrfs/free-space-cache.c @@ -624,6 +624,7 @@ int btrfs_write_out_cache(struct btrfs_root *root, next_page = false; + BUG_ON(index last_index); if (index == 0) { start_offset = first_page_offset; offset = start_offset; @@ -732,6 +733,7 @@ int btrfs_write_out_cache(struct btrfs_root *root, struct btrfs_free_space *entry = list_entry(pos, struct btrfs_free_space, list); + BUG_ON(index last_index); page = find_get_page(inode-i_mapping, index); addr = kmap(page); Hm, I tried but now I hit the BUG_ON(block_group-total_bitmaps = max_bitmaps); in add_new_bitmap in fs/btrfs/free-space-cache.c:1255 when booting the system. Can you mount -o clear_cache to make sure it's not the cache thats causing that? Thanks, Josef Mounting with clear_cache under 2.6.38 helped. I was able to boot and test with your patch an hit the second BUG_ON on free-space-cache.c:738. Perfect can you try this and verify you don't panic anymore please? Thanks, Josef --- fs/btrfs/free-space-cache.c | 18 ++ 1 files changed, 18 insertions(+), 0
Re: BUG: unable to handle kernel NULL pointer dereference at (null)
Now it hit Man I cannot catch a break. I hope this is the last one. Thanks, Josef --- fs/btrfs/free-space-cache.c | 32 1 files changed, 32 insertions(+), 0 deletions(-) diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c index 74bc432..b8052be 100644 --- a/fs/btrfs/free-space-cache.c +++ b/fs/btrfs/free-space-cache.c @@ -522,6 +522,7 @@ int btrfs_write_out_cache(struct btrfs_root *root, int bitmaps = 0; int ret = 0; bool next_page = false; + bool out_of_space = false; root = root-fs_info-tree_root; @@ -629,6 +630,11 @@ int btrfs_write_out_cache(struct btrfs_root *root, offset = start_offset; } + if (index last_index) { + out_of_space = true; + break; + } + page = find_get_page(inode-i_mapping, index); addr = kmap(page); @@ -732,6 +738,10 @@ int btrfs_write_out_cache(struct btrfs_root *root, struct btrfs_free_space *entry = list_entry(pos, struct btrfs_free_space, list); + if (index last_index) { + out_of_space = true; + break; + } page = find_get_page(inode-i_mapping, index); addr = kmap(page); @@ -754,6 +764,28 @@ int btrfs_write_out_cache(struct btrfs_root *root, index++; } + if (out_of_space) { + page = find_get_page(inode-i_mapping, 0); + + /* +* Have to do the normal stuff in case writeback gets started on +* this page before we invalidate it. +*/ + ClearPageChecked(page); + set_page_extent_mapped(page); + SetPageUptodate(page); + set_page_dirty(page); + unlock_page(page); + page_cache_release(page); + page_cache_release(page); + + ret = 0; + unlock_extent_cached(BTRFS_I(inode)-io_tree, 0, +i_size_read(inode) - 1, cached_state, +GFP_NOFS); + goto out_free; + } + /* Zero out the rest of the pages just to make sure */ while (index = last_index) { void *addr; -- 1.7.2.3 -- To unsubscribe from this list: send the line unsubscribe linux-btrfs in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html