All of lore.kernel.org
 help / color / mirror / Atom feed
From: kernel test robot <oliver.sang@intel.com>
To: David Howells <dhowells@redhat.com>
Cc: <oe-lkp@lists.linux.dev>, <lkp@intel.com>,
	Steve French <sfrench@samba.org>,
	Shyam Prasad N <nspmangalore@gmail.com>,
	"Rohith Surabattula" <rohiths.msft@gmail.com>,
	Jeff Layton <jlayton@kernel.org>, <linux-cifs@vger.kernel.org>,
	<samba-technical@lists.samba.org>, <dhowells@redhat.com>,
	<linux-kernel@vger.kernel.org>, <oliver.sang@intel.com>
Subject: Re: [PATCH] cifs: Set the file size after doing copychunk_range
Date: Thu, 30 Nov 2023 09:39:53 +0800	[thread overview]
Message-ID: <202311292134.366c9c0b-oliver.sang@intel.com> (raw)
In-Reply-To: <1297339.1700862676@warthog.procyon.org.uk>



Hello,

kernel test robot noticed "kernel_BUG_at_include/linux/highmem.h" on:

commit: 7ea84f5cb7518fa39de48aadafa14f129e9463c5 ("[PATCH] cifs: Set the file size after doing copychunk_range")
url: https://github.com/intel-lab-lkp/linux/commits/David-Howells/cifs-Set-the-file-size-after-doing-copychunk_range/20231125-055345
base: git://git.samba.org/sfrench/cifs-2.6.git for-next
patch link: https://lore.kernel.org/all/1297339.1700862676@warthog.procyon.org.uk/
patch subject: [PATCH] cifs: Set the file size after doing copychunk_range

in testcase: xfstests
version: xfstests-x86_64-11914614-1_20231122
with following parameters:

	disk: 4HDD
	fs: ext4
	fs2: smbv2
	test: generic-group-11



compiler: gcc-12
test machine: 4 threads Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz (Skylake) with 32G memory

(please refer to attached dmesg/kmsg for entire log/backtrace)



If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@intel.com>
| Closes: https://lore.kernel.org/oe-lkp/202311292134.366c9c0b-oliver.sang@intel.com


[  207.421597][ T2704] ------------[ cut here ]------------
[  207.427162][ T2704] kernel BUG at include/linux/highmem.h:275!
[  207.433050][ T2704] invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[  207.439375][ T2704] CPU: 3 PID: 2704 Comm: fsx Tainted: G S                 6.7.0-rc2-00006-g7ea84f5cb751 #1
[  207.449260][ T2704] Hardware name: Dell Inc. OptiPlex 7040/0Y7WYT, BIOS 1.8.1 12/05/2017
[ 207.457394][ T2704] RIP: 0010:zero_user_segments (include/linux/mm.h:2069 include/linux/highmem.h:284) 
[ 207.464138][ T2704] Code: 41 5e 41 5f c3 48 89 df 89 ea 31 f6 4c 29 f7 44 29 e2 48 c1 ff 06 48 c1 e7 0c 4c 01 ef 4c 01 e7 e8 4f 7e 08 02 e9 5a ff ff ff <0f> 0b 48 89 df e8 60 13 1a 00 eb 91 4c 89 ef e8 36 13 1a 00 eb ae
All code
========
   0:	41 5e                	pop    %r14
   2:	41 5f                	pop    %r15
   4:	c3                   	retq   
   5:	48 89 df             	mov    %rbx,%rdi
   8:	89 ea                	mov    %ebp,%edx
   a:	31 f6                	xor    %esi,%esi
   c:	4c 29 f7             	sub    %r14,%rdi
   f:	44 29 e2             	sub    %r12d,%edx
  12:	48 c1 ff 06          	sar    $0x6,%rdi
  16:	48 c1 e7 0c          	shl    $0xc,%rdi
  1a:	4c 01 ef             	add    %r13,%rdi
  1d:	4c 01 e7             	add    %r12,%rdi
  20:	e8 4f 7e 08 02       	callq  0x2087e74
  25:	e9 5a ff ff ff       	jmpq   0xffffffffffffff84
  2a:*	0f 0b                	ud2    		<-- trapping instruction
  2c:	48 89 df             	mov    %rbx,%rdi
  2f:	e8 60 13 1a 00       	callq  0x1a1394
  34:	eb 91                	jmp    0xffffffffffffffc7
  36:	4c 89 ef             	mov    %r13,%rdi
  39:	e8 36 13 1a 00       	callq  0x1a1374
  3e:	eb ae                	jmp    0xffffffffffffffee

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2    
   2:	48 89 df             	mov    %rbx,%rdi
   5:	e8 60 13 1a 00       	callq  0x1a136a
   a:	eb 91                	jmp    0xffffffffffffff9d
   c:	4c 89 ef             	mov    %r13,%rdi
   f:	e8 36 13 1a 00       	callq  0x1a134a
  14:	eb ae                	jmp    0xffffffffffffffc4
[  207.483716][ T2704] RSP: 0018:ffffc90008f6f9d0 EFLAGS: 00010297
[  207.489673][ T2704] RAX: 0000000000001000 RBX: ffffea0004b3fac0 RCX: ffffffff817f36f2
[  207.497547][ T2704] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffea0004b3fac0
[  207.505421][ T2704] RBP: 00000000fffe35b2 R08: 0000000000000000 R09: fffff94000967f58
[  207.513295][ T2704] R10: ffffea0004b3fac7 R11: 0000000000000230 R12: 00000000000007f6
[  207.521168][ T2704] R13: ffff888000000000 R14: ffffea0000000000 R15: 00000000fffe35b2
[  207.529042][ T2704] FS:  00007f21a955d740(0000) GS:ffff88879c380000(0000) knlGS:0000000000000000
[  207.537887][ T2704] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  207.544376][ T2704] CR2: 00007f21a94bf000 CR3: 000000012e1f2002 CR4: 00000000003706f0
[  207.552250][ T2704] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  207.560125][ T2704] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  207.568001][ T2704] Call Trace:
[  207.571162][ T2704]  <TASK>
[ 207.573971][ T2704] ? die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434 arch/x86/kernel/dumpstack.c:447) 
[ 207.577572][ T2704] ? do_trap (arch/x86/kernel/traps.c:112 arch/x86/kernel/traps.c:153) 
[ 207.581695][ T2704] ? zero_user_segments (include/linux/mm.h:2069 include/linux/highmem.h:284) 
[ 207.587832][ T2704] ? do_error_trap (arch/x86/include/asm/traps.h:59 arch/x86/kernel/traps.c:174) 
[ 207.592317][ T2704] ? zero_user_segments (include/linux/mm.h:2069 include/linux/highmem.h:284) 
[ 207.598445][ T2704] ? handle_invalid_op (arch/x86/kernel/traps.c:212) 
[ 207.603265][ T2704] ? zero_user_segments (include/linux/mm.h:2069 include/linux/highmem.h:284) 
[ 207.609394][ T2704] ? exc_invalid_op (arch/x86/kernel/traps.c:265) 
[ 207.613953][ T2704] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:568) 
[ 207.618875][ T2704] ? zero_user_segments (include/linux/instrumented.h:68 include/asm-generic/bitops/instrumented-non-atomic.h:141 include/linux/mm.h:1063 include/linux/mm.h:1300 include/linux/highmem.h:275) 
[ 207.624919][ T2704] ? zero_user_segments (include/linux/mm.h:2069 include/linux/highmem.h:284) 
[ 207.631050][ T2704] ? folio_wait_writeback (arch/x86/include/asm/bitops.h:206 arch/x86/include/asm/bitops.h:238 include/asm-generic/bitops/instrumented-non-atomic.h:142 include/linux/page-flags.h:513 mm/page-writeback.c:3063) 
[ 207.636219][ T2704] truncate_inode_partial_folio (include/linux/page-flags.h:1113 include/linux/page-flags.h:1118 mm/truncate.c:238) 
[ 207.642001][ T2704] truncate_inode_pages_range (mm/truncate.c:379) 
[ 207.647609][ T2704] ? truncate_inode_partial_folio (mm/truncate.c:331) 
[ 207.653570][ T2704] ? _raw_spin_lock (arch/x86/include/asm/atomic.h:115 include/linux/atomic/atomic-arch-fallback.h:2164 include/linux/atomic/atomic-instrumented.h:1296 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:187 include/linux/spinlock_api_smp.h:134 kernel/locking/spinlock.c:154) 
[ 207.658139][ T2704] ? filemap_check_errors (arch/x86/include/asm/bitops.h:206 (discriminator 6) arch/x86/include/asm/bitops.h:238 (discriminator 6) include/asm-generic/bitops/instrumented-non-atomic.h:142 (discriminator 6) mm/filemap.c:350 (discriminator 6)) 
[ 207.663229][ T2704] cifs_file_copychunk_range (fs/smb/client/cifsfs.c:1312) cifs
[ 207.669432][ T2704] cifs_copy_file_range (fs/smb/client/cifsfs.c:1365) cifs
[ 207.675110][ T2704] vfs_copy_file_range (fs/read_write.c:1509) 
[ 207.680199][ T2704] ? generic_file_rw_checks (fs/read_write.c:1478) 
[ 207.685630][ T2704] ? kernel_write (fs/read_write.c:565) 
[ 207.690186][ T2704] ? preempt_notifier_dec (kernel/sched/core.c:10106) 
[ 207.695268][ T2704] ? smb3_llseek (fs/smb/client/smb2ops.c:3770) cifs
[ 207.700419][ T2704] __do_sys_copy_file_range (fs/read_write.c:1595) 
[ 207.705863][ T2704] ? vfs_copy_file_range (fs/read_write.c:1561) 
[ 207.711206][ T2704] ? ksys_write (fs/read_write.c:637) 
[ 207.715499][ T2704] ? __ia32_sys_read (fs/read_write.c:627) 
[ 207.720145][ T2704] ? fpregs_restore_userregs (arch/x86/include/asm/bitops.h:75 include/asm-generic/bitops/instrumented-atomic.h:42 include/linux/thread_info.h:94 arch/x86/kernel/fpu/context.h:79) 
[ 207.725576][ T2704] do_syscall_64 (arch/x86/entry/common.c:51 arch/x86/entry/common.c:82) 
[ 207.729885][ T2704] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129) 
[  207.735664][ T2704] RIP: 0033:0x7f21a9654f29
[ 207.739958][ T2704] Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 37 8f 0d 00 f7 d8 64 89 01 48
All code
========
   0:	00 c3                	add    %al,%bl
   2:	66 2e 0f 1f 84 00 00 	nopw   %cs:0x0(%rax,%rax,1)
   9:	00 00 00 
   c:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)
  11:	48 89 f8             	mov    %rdi,%rax
  14:	48 89 f7             	mov    %rsi,%rdi
  17:	48 89 d6             	mov    %rdx,%rsi
  1a:	48 89 ca             	mov    %rcx,%rdx
  1d:	4d 89 c2             	mov    %r8,%r10
  20:	4d 89 c8             	mov    %r9,%r8
  23:	4c 8b 4c 24 08       	mov    0x8(%rsp),%r9
  28:	0f 05                	syscall 
  2a:*	48 3d 01 f0 ff ff    	cmp    $0xfffffffffffff001,%rax		<-- trapping instruction
  30:	73 01                	jae    0x33
  32:	c3                   	retq   
  33:	48 8b 0d 37 8f 0d 00 	mov    0xd8f37(%rip),%rcx        # 0xd8f71
  3a:	f7 d8                	neg    %eax
  3c:	64 89 01             	mov    %eax,%fs:(%rcx)
  3f:	48                   	rex.W

Code starting with the faulting instruction
===========================================
   0:	48 3d 01 f0 ff ff    	cmp    $0xfffffffffffff001,%rax
   6:	73 01                	jae    0x9
   8:	c3                   	retq   
   9:	48 8b 0d 37 8f 0d 00 	mov    0xd8f37(%rip),%rcx        # 0xd8f47
  10:	f7 d8                	neg    %eax
  12:	64 89 01             	mov    %eax,%fs:(%rcx)
  15:	48                   	rex.W


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20231129/202311292134.366c9c0b-oliver.sang@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki


      parent reply	other threads:[~2023-11-30  1:40 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-11-24 21:51 [PATCH] cifs: Set the file size after doing copychunk_range David Howells
2023-11-24 23:27 ` David Howells
2023-11-24 23:27   ` David Howells
2023-11-25  3:22   ` Steve French
2023-11-25 13:20     ` Paulo Alcantara
2023-11-28 17:46     ` David Howells
2023-11-30  1:39 ` kernel test robot [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=202311292134.366c9c0b-oliver.sang@intel.com \
    --to=oliver.sang@intel.com \
    --cc=dhowells@redhat.com \
    --cc=jlayton@kernel.org \
    --cc=linux-cifs@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lkp@intel.com \
    --cc=nspmangalore@gmail.com \
    --cc=oe-lkp@lists.linux.dev \
    --cc=rohiths.msft@gmail.com \
    --cc=samba-technical@lists.samba.org \
    --cc=sfrench@samba.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.