Bug 461249
Summary: | Assertion failure in do_get_write_access() at fs/jbd/transaction.c:624: "jh->b_transaction == journal->j_committing_transaction" | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 4 | Reporter: | Bryn M. Reeves <bmr> | ||||
Component: | kernel | Assignee: | Josef Bacik <jbacik> | ||||
Status: | CLOSED INSUFFICIENT_DATA | QA Contact: | Martin Jenner <mjenner> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 4.6 | CC: | jbacik, tao | ||||
Target Milestone: | rc | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2009-02-16 18:14:37 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Bryn M. Reeves
2008-09-05 10:21:08 UTC
Offending code: xffffffffa00953e4 <do_get_write_access+695>: callq 0xffffffff80138dbd <printk> 622 J_ASSERT_JH(jh, jh->b_next_transaction == NULL); 0xffffffffa00953e9 <do_get_write_access+700>: ud2a 0xffffffffa00953f5 <do_get_write_access+712>: mov 0x20(%rsp),%rax # load journal into %eax. %ebp has &jh 0xffffffffa00953fa <do_get_write_access+717>: mov 0x58(%rax),%rax # load journal->j_committing_transaction into %eax 0xffffffffa00953fe <do_get_write_access+721>: cmp %rax,0x20(%rbp) # compare j_committing_transaction jh->b_transaction 0xffffffffa0095402 <do_get_write_access+725>: je 0xffffffffa0095438 <do_get_write_access+779>-----+ 0xffffffffa0095404 <do_get_write_access+727>: mov $0xffffffffa009c56a,%r8 | &"jh->b_transaction == journal->j_committing_transaction" 0xffffffffa009540b <do_get_write_access+734>: mov $0x270,%ecx | 0xffffffffa0095410 <do_get_write_access+739>: mov $0xffffffffa009c354,%rdx | &"fs/jbd/transaction.c" 0xffffffffa0095417 <do_get_write_access+746>: mov $0xffffffffa009beb0,%rsi | &"do_get_write_access" 0xffffffffa009541e <do_get_write_access+753>: mov $0xffffffffa009c369,%rdi | &"<0>Assertion failure in %s() at %s:%d: "%s" 0xffffffffa0095425 <do_get_write_access+760>: xor %eax,%eax | 0xffffffffa0095427 <do_get_write_access+762>: callq 0xffffffff80138dbd <printk> | 623 J_ASSERT_JH(jh, jh->b_transaction == | 624 journal->j_committing_transaction); | 0xffffffffa009542c <do_get_write_access+767>: ud2a | BUG() 0xffffffffa0095438 <do_get_write_access+779>: mov 0xc(%rbp),%eaxi <--------------------------------+ include/linux/jbd.h:#define BJ_Shadow 5 /* Buffer contents being shadowed to the log */ 635 if (jh->b_jlist == BJ_Shadow) { 0xffffffffa009543b <do_get_write_access+782>: cmp $0x5,%eax 0xffffffffa009543e <do_get_write_access+785>: jne 0xffffffffa00954e4 <do_get_write_access+951> [exception RIP: do_get_write_access+767] RIP: ffffffffa009542c RSP: 0000010058de3d28 RFLAGS: 00010212 RAX: 0000000000000084 RBX: 0000000000000000 RCX: ffffffff803e95e8 RDX: ffffffff803e95e8 RSI: 0000000000000246 RDI: ffffffff803e95e0 RBP: 0000010069b9d5b0 R8: ffffffff803e95e8 R9: 0000000000000000 ^^^ &jh R10: 0000000100000000 R11: 000001007b981380 R12: 0000010064088500 R13: 0000010076d84680 R14: 000001005af47ee0 R15: 0000000000000000 ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018 We apparently got here with b_transaction = 0x0x100759485c0 but j_committing_transaction = 0x84. Hmmm... oh no: %eax got clobbered before the BUG.. jh: struct journal_head 0000010069b9d5b0 struct journal_head { b_bh = 0x10064088500, b_jcount = 1, b_jlist = 2, b_frozen_data = 0x0, b_committed_data = 0x0, b_transaction = 0x100759485c0, b_next_transaction = 0x0, b_tnext = 0x1006dc3cc90, b_tprev = 0x1006dc3c870, b_cp_transaction = 0x10075948bc0, b_cpnext = 0x1006dc3cc90, b_cpprev = 0x1006dc3c870 } journal: This should be in 0x20(%RSP) but looking at that in crash doesn't even appear to be a journal_s: RSP: 0000010058de3d28 struct journal_s 0x0000010058de3d48 struct journal_s { j_flags = 1100449314304, j_errno = 1678720936, j_sb_buffer = 0x0, j_superblock = 0x246, j_format_version = 1024, j_state_lock = { lock = 0, magic = 5243153 }, j_barrier_count = 0, j_barrier = { count = { counter = 582 }, sleepers = 0, wait = { lock = { lock = 1678370312, magic = 256 }, task_list = { next = 0x400, prev = 0xffffffff8017f26c } } }, j_running_transaction = 0x280, j_committing_transaction = 0x1, j_checkpoint_transactions = 0x1005af47ee0, j_wait_transaction_locked = { [...] } } Created attachment 315899 [details] crash output from comment #2 New bugzilla doesn't like long lines - disassembly from comment #2 as an attachment. |