On 9/30/16 5:07 PM, Rich Freeman wrote: > On Fri, Sep 30, 2016 at 4:55 PM, Jeff Mahoney <je...@suse.com> wrote: >> This looks like a use-after-free on one of the pages used for >> compression. Can you post the output of objdump -Dr >> /lib/modules/$(uname -r)/kernel/fs/btrfs/btrfs.ko somewhere? >> > > Sure: > https://drive.google.com/open?id=0BwUDImviY_gcR3JfT0Z1cUlRVEk > > I was impressed by just how large it was. > > I take it you're going to try to use the offsets in the oops to figure > out where it went wrong? I really need to get kernel core dumping > working on this box...
Yep. What I think is happening is that we have workspace getting freed while it's in use. The faulting address is in vmalloc space and it's also the first argument to memcpy, which makes it the destination. In lzo_decompress_biovec, that means it's the workspace->cbuf. Beyond that I'll have to dig a bit more. It's the same fault that your first photo showed as a secondary Oops, but that's not always the case. -- Jeff Mahoney SUSE Labs
signature.asc
Description: OpenPGP digital signature