7245 2023-11-14 14:55:12 +0000 [Upstream][6.7.0-rc1] Host crash when run a container with nydus rafs v6 image 2023-11-24 11:27:07 +0000 1 1 1 Unclassified Upstream fs unspecified x86_64 Linux CLOSED FIXED P3-Medium S2-major --- 1 lenggou.lyq jefflexu jefflexu oldest_to_newest 23725 0 lenggou.lyq 2023-11-14 14:55:12 +0000 Description of problem: Host crash when run a container with nydus rafs v6 image Version-Release number of selected component (if applicable): Host kernel version: 6.7.0-rc1 Nydusd version: Version: v2.3.0-alpha.0-48-g767adcf0 Git Commit: 767adcf03a722b9c730efaa37e528600a1bbeba8 Build Time: 2023-11-14T00:36:10.366246342Z Profile: release Rustc: rustc 1.68.2 (9eb3afe9e 2023-03-27) How reproducible: Steps to Reproduce: Run the command and then host crash: ctr run --rm --snapshotter=nydus docker.io/hsiangkao/ubuntu:20.04-rafs-v6 test_container tar cvf /tmp/foo.tar --exclude=/sys --exclude=/proc --exclude=/dev / Actual results: Host crash Expected results: Succeed to run a container with nydus rafs v6 image and execute tar command in container. Additional info: Host dmesg: [ 3570.547840] erofs: (device erofs): EXPERIMENTAL fscache-based on-demand read feature in use. Use at your own risk! [ 3570.548498] erofs: (device erofs): mounted with root inode @ nid 128. [ 3570.553926] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 3570.554333] #PF: supervisor read access in kernel mode [ 3570.554587] #PF: error_code(0x0000) - not-present page [ 3570.554844] PGD 0 P4D 0 [ 3570.554976] Oops: 0000 [#1] PREEMPT SMP PTI [ 3570.555182] CPU: 8 PID: 29119 Comm: ctr Kdump: loaded Tainted: G E 6.7.0-rc1 #1 [ 3570.555594] Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 449e491 04/01/2014 [ 3570.555967] RIP: 0010:erofs_map_dev+0xb6/0x1c0 [ 3570.556192] Code: 00 8b 43 28 4c 89 ef 8d 70 ff e8 75 bc 6d 00 48 85 c0 0f 84 06 01 00 00 41 80 7d 44 00 0f 85 a9 00 00 00 48 8b 50 10 4c 89 e7 <48> 8b 12 48 89 53 08 48 8b 50 18 48 89 53 10 48 8b 50 20 48 89 53 [ 3570.557076] RSP: 0018:ffff980a00833a20 EFLAGS: 00010246 [ 3570.557327] RAX: ffff8ba7c17ea640 RBX: ffff980a00833a78 RCX: 0000000000000000 [ 3570.557665] RDX: 0000000000000000 RSI: ffff8ba8d9c75268 RDI: ffff8ba7cd47f138 [ 3570.558009] RBP: ffff8ba800238000 R08: ffff8ba7c17ea640 R09: ffff8ba7cd47f120 [ 3570.558348] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8ba7cd47f138 [ 3570.558688] R13: ffff8ba7cd47f120 R14: ffff8ba8dbe1f178 R15: 0000000000001000 [ 3570.559037] FS: 00007f71effff640(0000) GS:ffff8bb680c00000(0000) knlGS:0000000000000000 [ 3570.559422] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 3570.559700] CR2: 0000000000000000 CR3: 0000000131016006 CR4: 00000000003706f0 [ 3570.560048] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 3570.560405] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 3570.560745] Call Trace: [ 3570.560890] <TASK> [ 3570.561002] ? __die+0x20/0x70 [ 3570.561162] ? page_fault_oops+0x66/0x150 [ 3570.561359] ? do_user_addr_fault+0x61/0x680 [ 3570.561571] ? exc_page_fault+0x65/0x140 [ 3570.561765] ? asm_exc_page_fault+0x22/0x30 [ 3570.561979] ? erofs_map_dev+0xb6/0x1c0 [ 3570.562170] erofs_fscache_data_read_slice+0xd4/0x360 [ 3570.562418] ? erofs_fscache_readahead+0x45/0x110 [ 3570.562660] ? xas_load+0xa/0x50 [ 3570.562834] erofs_fscache_readahead+0xdc/0x110 [ 3570.563057] read_pages+0x4a/0x1f0 [ 3570.563232] ? folio_add_lru+0x6b/0xa0 [ 3570.563420] page_cache_ra_order+0x1d5/0x2b0 [ 3570.563632] filemap_get_pages+0xdf/0x290 [ 3570.563839] filemap_read+0xb4/0x2d0 [ 3570.564018] ? ima_file_check+0x43/0x50 [ 3570.564210] ? mntput_no_expire+0x3a/0x220 [ 3570.564412] do_iter_readv_writev+0x104/0x120 [ 3570.564629] do_iter_read+0xf2/0x180 [ 3570.564815] ovl_read_iter+0x16b/0x1a0 [overlay] [ 3570.565054] vfs_read+0x197/0x2b0 [ 3570.565420] ksys_read+0x4f/0xd0 [ 3570.565747] do_syscall_64+0x41/0xf0 [ 3570.566093] entry_SYSCALL_64_after_hwframe+0x6e/0x76 [ 3570.566496] RIP: 0033:0x55ad3f604ebb [ 3570.566838] Code: e8 aa b6 f9 ff eb 88 cc cc cc cc cc cc cc cc e8 db fc f9 ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 3570.568028] RSP: 002b:000000c00061df78 EFLAGS: 00000212 ORIG_RAX: 0000000000000000 [ 3570.568554] RAX: ffffffffffffffda RBX: 000000c000048800 RCX: 000055ad3f604ebb [ 3570.569067] RDX: 0000000000001000 RSI: 000000c000558000 RDI: 0000000000000009 [ 3570.569570] RBP: 000000c00061dfc8 R08: 0000000000000001 R09: 000000c00068e300 [ 3570.570078] R10: 000000c0005b0268 R11: 0000000000000212 R12: 000000c000558000 [ 3570.570591] R13: 0000000000000000 R14: 000000c0000001a0 R15: 0000000000000040 [ 3570.571095] </TASK> [ 3570.571362] Modules linked in: xt_conntrack(E) xt_MASQUERADE(E) xt_comment(E) nft_compat(E) nft_chain_nat(E) nf_nat(E) nf_conntrack(E) nf_defrag_ipv6(E) nf_defrag_ipv4(E) nf_tables(E) nfnetlink(E) veth(E) bridge(E) stp(E) llc(E) binfmt_misc(E) tcp_diag(E) inet_diag(E) overlay(E) rfkill(E) intel_rapl_msr(E) intel_rapl_common(E) isst_if_common(E) nfit(E) intel_powerclamp(E) crct10dif_pclmul(E) crc32_pclmul(E) ghash_clmulni_intel(E) rapl(E) joydev(E) mousedev(E) nfsd(E) psmouse(E) pcspkr(E) i2c_piix4(E) virtio_balloon(E) auth_rpcgss(E) nfs_acl(E) lockd(E) grace(E) sunrpc(E) cirrus(E) ata_generic(E) drm_shmem_helper(E) drm_kms_helper(E) ata_piix(E) crc32c_intel(E) drm(E) virtio_net(E) serio_raw(E) net_failover(E) failover(E) virtio_console(E) libata(E) i2c_core(E) fuse(E) [ 3570.575621] CR2: 0000000000000000 24191 1 jefflexu 2023-11-23 16:36:06 +0000 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6b65522316489ff0b2be65d00fbcecbc781017c9 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8bd90b6ae785 merged into 6.7-rc3 24216 2 lenggou.lyq 2023-11-24 11:27:07 +0000 verified and closed