From: Zorro Lang <zlang@redhat.com>
To: Matthew Wilcox <willy@infradead.org>
Cc: Andrew Morton <akpm@linux-foundation.org>, linux-mm@kvack.org
Subject: Re: Fw: [Bug 216114] New: page dumped because: VM_BUG_ON_FOLIO(!folio_contains(folio, index)) and kernel BUG at mm/truncate.c:669!
Date: Mon, 13 Jun 2022 09:08:50 +0800 [thread overview]
Message-ID: <20220613010850.6kmpenitmuct2osb@zlang-mailbox> (raw)
In-Reply-To: <YqY9ExMWlma2ej5J@casper.infradead.org>
On Sun, Jun 12, 2022 at 08:22:59PM +0100, Matthew Wilcox wrote:
> On Sun, Jun 12, 2022 at 12:37:22PM +0800, Zorro Lang wrote:
> > On Sat, Jun 11, 2022 at 09:33:39PM +0100, Matthew Wilcox wrote:
> > > On Sat, Jun 11, 2022 at 01:07:49PM -0700, Andrew Morton wrote:
> > > >
> > > > Hi. Do you recall if this is a new one?
> > >
> > > New to me. Does this happen reliably enough to do a bisect?
> > >
> > > Hmm.
> > >
> > > folio_lock(folio);
> > > VM_BUG_ON_FOLIO(!folio_contains(folio, index), folio);
> > > if (folio->mapping != mapping) {
> > > folio_unlock(folio);
> > > continue;
> > > }
> > >
> > > so we found a truncated folio (below dump shows folio->mapping == NULL).
> > > We should be able to solve this by simply moving the VM_BUG_ON_FOLIO
> > > down four lines.
> > >
> > > I'm a little confused that this can happen; the page cache is littered
> > > with comments saying:
> > >
> > > /* Leave page->index set: truncation lookup relies upon it */
> > >
> > > so the VM_BUG_ON_FOLIO shouldn't need to be moved and hints at a problem
> > > that I don't understand. I also don't understand that PG_head is set,
> > > and yet dump_page() did not print:
> > > pr_warn("head:%p order:%u compound_mapcount:%d compound_pincount:%d\n",
> > > (is it possible it was inadvertently omitted from the bug report?)
> >
> > Hi Matthew,
> >
> > I just checked the full console log, didn't find above warning, it just printed:
> >
> > [ 8590.600151] page:0000000027772b07 refcount:2 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x2a7a00
> >
> > As the current code logic(mm/debug.c::):
> >
> > pr_warn("page:%p refcount:%d mapcount:%d mapping:%p index:%#lx pfn:%#lx\n",
> > page, page_ref_count(head), mapcount, mapping,
> > page_to_pgoff(page), page_to_pfn(page));
> > if (compound) {
> > pr_warn("head:%p order:%u compound_mapcount:%d compound_pincount:%d\n",
> > head, compound_order(head),
> > folio_entire_mapcount(folio),
> > head_compound_pincount(head));
> > }
> >
> > The 1st warn as above, but didn't get the 2nd warn. Might due to the compound==false?
>
> Right. So that _shouldn't_ happen.
>
> bool compound = PageCompound(page);
>
> ... if PG_head is set, then compound would be true.
>
> It must be that something else is setting PG_head while dump_page() is
> running. It observes PG_head clear at the top of the function, then
> observes PG_head set later on.
>
> The only place that sets PG_head is the page allocator. If that's what's
> going on, some other aspects of this start to make sense. For example
> page->index might well be in use as set_pcppage_migratetype().
>
> But we shouldn't get to that point. filemap_remove_folio() does:
>
> __filemap_remove_folio(folio, NULL)
> page_cache_delete(mapping, folio, NULL)
> xas_store(&xas, NULL)
> filemap_free_folio(mapping, folio)
> folio_put_refs(folio, refs)
>
> While invalidate_inode_pages2_range() does:
>
> find_get_entries()
> find_get_entry()
> folio = xas_find()
> folio_try_get_rcu(folio)
> if (unlikely(folio != xas_reload(xas))) {
> folio_put(folio)
> goto reset
> }
> folio_lock(folio)
> VM_BUG_ON_FOLIO(!folio_contains(folio, index), folio)
>
> I don't see what the route is for us to be able to get out of
> find_get_entry() with a pointer to a folio that is in the middle of
> being allocated by the page allocator. If the refcount is still
> 0, folio_try_get_rcu() fails. If the refcount has returned to 1,
> xas_reload() should not be able to see the same folio pointer.
>
> If this were ARM, I'd be questioning whether the CPU was really obeying
> the memory model (in terms of observability / ordering). But it's x86 and
> both AMD and Intel are pretty good about not breaking that kind of thing.
Hi Matthew,
I just reproduced this bug twice on different x86_64 machines, with latest
v5.19-rc1+ kernel, by loop running xfs/132 and xfs/133 on 64k directory size
(-n size=65536) XFS.
One doesn't have this warning [1]:
pr_warn("head:%p order:%u compound_mapcount:%d compound_pincount:%d\n"
But another one has that warning [2] ... That's really weird.
Thanks,
Zorro
[1]
[ 8573.888318] XFS (sda5): Unmounting Filesystem
[ 8575.293213] XFS (sda5): Mounting V5 Filesystem
[ 8575.545576] XFS (sda5): Ending clean mount
[ 8575.883979] run fstests generic/133 at 2022-06-10 17:59:23
[ 8590.600151] page:0000000027772b07 refcount:2 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x2a7a00
[ 8590.601327] flags: 0x57ffffc0050000(head|reclaim|node=1|zone=2|lastcpupid=0x1fffff)
[ 8590.601341] raw: 0057ffffc0050000 0000000000000000 dead000000000122 0000000000000000
[ 8590.601345] raw: 0000000000007300 0000000000000000 00000001ffffffff 0000000000000000
[ 8590.601348] page dumped because: VM_BUG_ON_FOLIO(!folio_contains(folio, index))
[ 8590.601416] ------------[ cut here ]------------
[ 8590.601417] kernel BUG at mm/truncate.c:669!
[ 8590.601431] invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
[ 8590.606435] CPU: 13 PID: 768777 Comm: xfs_io Kdump: loaded Not tainted 5.19.0-rc1+ #1
[ 8590.606841] Hardware name: HP ProLiant DL385p Gen8, BIOS A28 02/06/2014
[ 8590.607178] RIP: 0010:invalidate_inode_pages2_range+0x2e2/0x9b0
[ 8590.607924] Code: c0 03 38 d0 7c 08 84 d2 0f 85 aa 06 00 00 41 8b 47 5c 49 39 c6 0f 82 80 fe ff ff 48 c7 c6 a0 3b 55 99 4c 89 ff e8 7e 9f 07 00 <0f> 0b e8 37 ec fd ff 4c 89 ff e8 9f c3 03 00 84 c0 0f 85 2d 02 00
[ 8590.609335] RSP: 0018:ffffc9000bd976d0 EFLAGS: 00010286
[ 8590.609697] RAX: 0000000000000043 RBX: dffffc0000000000 RCX: 0000000000000000
[ 8590.610771] RDX: 0000000000000001 RSI: 0000000000000004 RDI: fffff520017b2eca
[ 8590.611576] RBP: 0000000000000000 R08: 0000000000000043 R09: ffff8888367efd0b
[ 8590.612349] R10: ffffed1106cfdfa1 R11: 0000000000000001 R12: ffff88825a578418
[ 8590.613117] R13: 0000000000007340 R14: 000000000000733f R15: ffffea000a9e8000
[ 8590.613902] FS: 00007f93f6f56740(0000) GS:ffff888836600000(0000) knlGS:0000000000000000
[ 8590.614346] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 8590.615008] CR2: 00007f0576919150 CR3: 0000000649990000 CR4: 00000000000406e0
[ 8590.615761] Call Trace:
[ 8590.615914] <TASK>
[ 8590.616425] ? mapping_evict_folio.part.0+0x1e0/0x1e0
[ 8590.616718] ? pagevec_lookup_range_tag+0x28/0x60
[ 8590.617492] ? __filemap_fdatawait_range+0xbb/0x250
[ 8590.618140] ? xas_reload+0x2d0/0x2d0
[ 8590.618357] ? filemap_fdatawrite_wbc+0x38/0x170
[ 8590.619013] ? filemap_range_has_page+0xf0/0x200
[ 8590.619866] ? delete_from_page_cache_batch+0x8e0/0x8e0
[ 8590.620201] ? rcu_read_lock_sched_held+0x3f/0x70
[ 8590.620864] ? filemap_check_errors+0x56/0xe0
[ 8590.621542] __iomap_dio_rw+0x789/0x1150
[ 8590.621768] ? iomap_dio_bio_iter+0x12f0/0x12f0
[ 8590.622436] ? trace_xfs_setattr+0x230/0x230 [xfs]
[ 8590.623386] ? iu[ 8590.708322] iomap_dio_rw+0xe/0x30
[ 8590.724063] xfs_file_dio_write_aligned+0x14c/0x1f0 [xfs]
[ 8590.724539] ? xfs_file_dio_write_unaligned+0x740/0x740 [xfs]
[ 8590.725586] xfs_file_write_iter+0x450/0x6a0 [xfs]
[ 8590.726382] new_sync_write+0x2ef/0x530
[ 8590.726593] ? new_sync_read+0x530/0x530
[ 8590.726801] ? lock_acquire+0x1d8/0x620
[ 8590.727040] ? rcu_read_unlock+0x40/0x40
[ 8590.727267] vfs_write+0x626/0x910
[ 8590.727815] __x64_sys_pwrite64+0x19c/0x1f0
[ 8590.728051] ? vfs_write+0x910/0x910
[ 8590.728263] ? ktime_get_coarse_real_ts64+0x128/0x160
[ 8590.728546] do_syscall_64+0x5c/0x80
[ 8590.728756] ? do_syscall_64+0x69/0x80
[ 8590.728983] ? lockdep_hardirqs_on+0x79/0x100
[ 8590.729600] ? do_syscall_64+0x69/0x80
[ 8590.729833] ? do_syscall_64+0x69/[ 8591.130203] ? lockdep_hardirqs_on+0x79/0x100
[ 8591.130866] ? do_syscall_64+0x69/0x80
[ 8591.131115] ? do_syscall_64+0x69/0x80
[ 8591.131331] ? do_syscall_64+0x69/0x80
[ 8591.131576] ? lockdep_hardirqs_on+0x79/0x100
[ 8591.132207] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 8591.132501] RIP: 0033:0x7f93f6d3cddf
[ 8591.132737] Code: 08 89 3c 24 48 89 4c 24 18 e8 6d fe f5 ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 bd fe f5 ff 48 8b
[ 8591.134056] RSP: 002b:00007ffd8aac5a20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[ 8591.134828] RAX: ffffffffffffffda RBX: 0000000007340000 RCX: 00007f93f6d3cddf
[ 8591.135648] RDX: 0000000000010000 RSI: 0000000000b63000 RDI: 0000000000000003
[ 8591.136425] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000079
[ 8591.137179] R10: 0000000007340000 R11: 0000000000000293 R12: 0000000007340000
[ 8591.138020] R13: 0000000000000000 R14: 0000000000000734 R15: 0000000018cc0000
[ 8591.138804] </TASK>
[ 8591.138985] Modules limi sysimgblt fb_sys_fops hpilo ipmi_si ipmi_devintf ipmi_msghandler sunrpc acpi_power_meter drm fuse xfs libcrc32c sd_mod t10_pi crc64_rocksoft_generic crc64_rocksoft crc64 sr_mod cdrom sg crct10dif_pclmul crc32_pclmul crc32c_intel ahci ata_generic libahci ghash_clmulni_intel serio_raw libata hpsa tg3 scsi_transport_sas hpwdt [last unloaded: scsi_debug]
[ 8591.641707] ---[ end trace 0000000000000000 ]---
[ 8591.644539] amd_iommu_report_page_fault: 501 callbacks suppressed
[ 8591.644554] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x000d address=0xbde0e000 flags=0x0000]
[ 8591.650728] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x000d address=0xbde0e000 flags=0x0000]
[ 8591.655235] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x000d address=0xbde0e000 flags=0x0000]
[ 8591.661240] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x000d address=0xbde0e000 flags=0x0000]
[ 8591.666237] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x000d address=0xbde0e000 flags=0x0000]
[ 8591.670741] hpilo 0000:02:00.2: AMD-ViIP: 0010:invalidate_inode_pages2_range+0x2e2/0x9b0
[ 8591.676251] Code: c0 03 38 d0 7c 08 84 d2 0f 85 aa 06 00 00 41 8b 47 5c 49 39 c6 0f 82 80 fe ff ff 48 c7 c6 a0 3b 55 99 4c 89 ff e8 7e 9f 07 00 <0f> 0b e8 37 ec fd ff 4c 89 ff e8 9f c3 03 00 84 c0 0f 85 2d 02 00
[ 8591.676261] RSP: 0018:ffffc9000bd976d0 EFLAGS: 00010286
[ 8591.676273] RAX: 0000000000000043 RBX: dffffc0000000000 RCX: 0000000000000000
[ 8591.676279] RDX: 0000000000000001 RSI: 0000000000000004 RDI: fffff520017b2eca
[ 8591.676287] RBP: 0000000000000000 R08: 0000000000000043 R09: ffff8888367efd0b
[ 8591.676293] R10: ffffed1106cfdfa1 R11: 0000000000000001 R12: ffff88825a578418
[ 8591.676327] R13: 0000000000007340 R14: 000000000000733f R15: ffffea000a9e8000
[ 8591.676336] FS: 00007f93f6f56740(0000) GS:ffff888836600000(0000) knlGS:0000000000000000
[ 8591.676344] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 8591.676350] CR2: 00007f0576919150 CR3: 0000000649990000 CR4: 00000000000406e0
[2]
[13395.160194] watchdog: BUG: soft lockup - CPU#14 stuck for 11523s! [migration/14:87]
[13395.167856] Modules linked in: tls rfkill intel_rapl_msr intel_rapl_common intel_uncore_frequency intel_uncore_frequency_common isst_if_common skx_edac nfit x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass sunrpc rapl intel_cstate irdma ice ast drm_vram_helper drm_ttm_helper ttm iTCO_wdt drm_kms_helper iTCO_vendor_support ib_uverbs syscopyarea sysfillrect mei_me ipmi_ssif mei i2c_i801 intel_uncore sysimgblt pcspkr ib_core fb_sys_fops intel_pch_thermal acpi_ipmi joydev ioatdma i2c_smbus ipmi_si lpc_ich ipmi_devintf ipmi_msghandler acpi_pad acpi_power_meter drm fuse xfs libcrc32c sd_mod t10_pi crc64_rocksoft_generic crc64_rocksoft crc64 sg crct10dif_pclmul igb crc32_pclmul crc32c_intel i2c_algo_bit ghash_clmulni_intel megaraid_sas dca ahci libahci i40e libata wmi
[13395.237154] irq event stamp: 3140
[13395.240473] hardirqs last enabled at (3139): [<ffffffffaabea7c5>] _raw_spin_unlock_irqrestore+0x55/0x70
[13395.249945] hardirqs last disabled at (3140): [<ffffffffaabd4b2c>] __schedule+0x98c/0x1510
[13395.258204] softirqs last enabled at (2698): [<ffffffffaae00621>] __do_softirq+0x621/0x9a4
[13395.266552] softirqs last disabled at (2689): [<ffffffffa8a14404>] __irq_exit_rcu+0x1f4/0x2a0
[13395.275072] CPU: 14 PID: 87 Comm: migration/14 Kdump: loaded Tainted: G W L 5.19.0-rc1+ #1
[13395.284466] Hardware name: Supermicro SYS-1029P-WTRT/X11DDW-NT, BIOS 2.1 09/14/2018
[13395.292117] Stopper: multi_cpu_stop+0x0/0x370 <- migrate_swap+0x2db/0x520
[13395.298905] RIP: 0010:rcu_dynticks_inc+0x21/0x30
[13395.303532] Code: c0 0f b6 c0 c3 cc cc cc cc 55 48 c7 c5 58 3f 20 00 53 89 fb e8 10 0b 00 00 89 c0 48 03 2c c5 20 5b 89 ab 89 d8 f0 0f c1 45 00 <01> d8 5b 5d 48 98 c3 0f 1f 84 00 00 00 00 00 bf 01 00 00 00 eb c9
[13395.322279] RSP: 0000:ffffc9000d00fde0 EFLAGS: 00000286
[13395.327512] RAX: 00000000ebb562d9 RBX: 0000000000000002 RCX: ffffffffa8d00c8c
[13395.334648] RDX: 0000000000000000 RSI: ffffffffab2b7520 RDI: ffffffffab2b7560
[13395.341786] RBP: ffff889794e03f58 R08: 0000000000000001 R09: ffffc90025dd7747
[13395.348922] R10: fffff52004bbaee8 R11: 0000000000000001 R12: fffff52004bbaee8
[13395.356053] R13: ffffffffab07f2c0 R14: 0000000000000001 R15: 0000000000000001
[13395.363186] FS: 0000000000000000(0000) GS:ffff889794c00000(0000) knlGS:0000000000000000
[13395.371272] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[13395.377019] CR2: 000055c054158fd0 CR3: 0000001b36836004 CR4: 00000000007706e0
[13395.384152] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[13395.391283] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[13395.398414] PKRU: 55555554
[13395.401129] Call Trace:
[13395.403582] <TASK>
[13395.405690] rcu_momentary_dyntick_idle+0x12/0x30
[13395.410403] multi_cpu_stop+0x1b0/0x370
[13395.414246] ? stop_machine_yield+0x10/0x10
[13395.418439] cpu_stopper_thread+0x1f6/0x400
[13395.422623] ? cpu_stop_queue_two_works+0x640/0x640
[13395.427504] ? smpboot_thread_fn+0x6b/0x910
[13395.431699] smpboot_thread_fn+0x559/0x910
[13395.435805] ? sort_range+0x20/0x20
[13395.439299] kthread+0x2a7/0x350
[13395.442539] ? kthread_complete_and_exit+0x20/0x20
[13395.447335] ret_from_fork+0x22/0x30
[13395.450925] </TASK>
[13403.186393] page:00000000c65d53f8 refcount:18 mapcount:0 mapping:000000007dc028c9 index:0x70 pfn:0x19c0c80
[13403.186400] head:00000000c65d53f8 order:4 compound_mapcount:0 compound_pincount:0
[13403.186404] memcg:ffff889b9c6d0000
[13403.186406] aops:xfs_address_space_operations [xfs] ino:7c05 dentry name:"9f94abbf9c6f899582e8dc0c13f6f0c8935651c3429794cebcdf6efca72fb6f8-primary.xml.gz"
[13403.186556] flags: 0x57ffffc0012015(locked|uptodate|lru|private|head|node=1|zone=2|lastcpupid=0x1fffff)
[13403.186564] raw: 0057ffffc0012015 ffffea006d072c08 ffffea0067032408 ffff8899ea6cdc18
[13403.186567] raw: 0000000000000070 ffff88998c546180 00000012ffffffff ffff889b9c6d0000
[13403.186568] page dumped because: VM_BUG_ON_FOLIO(!folio_contains(folio, index))
[13403.186581] ------------[ cut here ]------------
[13403.186582] kernel BUG at mm/truncate.c:669!
[13403.186590] invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[13403.267576] CPU: 30 PID: 118131 Comm: xfs_io Kdump: loaded Tainted: G W L 5.19.0-rc1+ #1
[13403.276795] Hardware name: Supermicro SYS-1029P-WTRT/X11DDW-NT, BIOS 2.1 09/14/2018
[13403.284448] RIP: 0010:invalidate_inode_pages2_range+0x2e2/0x9b0
[13403.290378] Code: c0 03 38 d0 7c 08 84 d2 0f 85 aa 06 00 00 41 8b 47 5c 49 39 c6 0f 82 80 fe ff ff 48 c7 c6 20 3c 15 ab 4c 89 ff e8 7e 9f 07 00 <0f> 0b e8 07 ec fd ff 4c 89 ff e8 9f c3 03 00 84 c0 0f 85 2d 02 00
[13403.309130] RSP: 0018:ffffc90039c5f748 EFLAGS: 00010286
[13403.314364] RAX: 0000000000000043 RBX: dffffc0000000000 RCX: 0000000000000000
[13403.321499] RDX: 0000000000000001 RSI: 0000000000000004 RDI: fffff5200738bed9
[13403.328637] RBP: 0000000000000000 R08: 0000000000000043 R09: ffff88afdb7efd0b
[13403.335772] R10: ffffed15fb6fdfa1 R11: 0000000000000001 R12: ffff889a1c2f0418
[13403.342902] R13: 0000000000005741 R14: 00000000000056d1 R15: ffffea0067032000
[13403.350038] FS: 00007f3133ce9740(0000) GS:ffff88afdb600000(0000) knlGS:0000000000000000
[13403.358124] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[13403.363878] CR2: 00007f1db82ebc38 CR3: 0000001aa2b16005 CR4: 00000000007706e0
[13403.371009] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[13403.378144] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[13403.385276] PKRU: 55555554
[13403.387987] Call Trace:
[13403.390441] <TASK>
[13403.392552] ? mapping_evict_folio.part.0+0x1e0/0x1e0
[13403.397609] ? pagevec_lookup_range_tag+0x28/0x60
[13403.402317] ? __filemap_fdatawait_range+0xbb/0x250
[13403.407204] ? xas_reload+0x2d0/0x2d0
[13403.410867] ? filemap_fdatawrite_wbc+0x38/0x170
[13403.415492] ? trace_event_raw_event_mm_filemap_op_page_cache+0x270/0x500
[13403.422284] ? delete_from_page_cache_batch+0x8e0/0x8e0
[13403.427521] ? rcu_read_lock_sched_held+0x3f/0x70
[13403.432235] ? filemap_check_errors+0x56/0xe0
[13403.436605] __iomap_dio_rw+0x789/0x1150
[13403.440551] ? iomap_dio_bio_iter+0x12f0/0x12f0
[13403.445086] ? current_time+0x72/0x210
[13403.448848] ? file_remove_privs+0x490/0x490
[13403.453122] ? iunique+0x2c0/0x2c0
[13403.456546] iomap_dio_rw+0xe/0x30
[13403.459960] xfs_file_dio_write_aligned+0x14c/0x1f0 [xfs]
[13403.465636] ? xfs_file_dio_write_unaligned+0x740/0x740 [xfs]
[13403.471637] xfs_file_write_iter+0x450/0x6a0 [xfs]
[13403.476550] new_sync_write+0x2ef/0x530
[13403.480397] ? new_sync_read+0x530/0x530
[13403.484321] ? lock_acquire+0x1d8/0x620
[13403.488170] ? rcu_read_unlock+0x40/0x40
[13403.492100] vfs_write+0x626/0x910
[13403.495512] __x64_sys_pwrite64+0x19c/0x1f0
[13403.499705] ? vfs_write+0x910/0x910
[13403.503283] ? ktime_get_coarse_real_ts64+0x128/0x160
[13403.508349] do_syscall_64+0x5c/0x80
[13403.511930] ? do_syscall_64+0x69/0x80
[13403.515686] ? do_syscall_64+0x69/0x80
[13403.519446] ? lockdep_hardirqs_on+0x79/0x100
[13403.523805] ? do_syscall_64+0x69/0x80
[13403.527559] ? do_syscall_64+0x69/0x80
[13403.531309] ? do_syscall_64+0x69/0x80
[13403.535063] ? lockdep_hardirqs_on+0x79/0x100
[13403.539425] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[13403.544484] RIP: 0033:0x7f3133b3cddf
[13403.548063] Code: 08 89 3c 24 48 89 4c 24 18 e8 6d fe f5 ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 bd fe f5 ff 48 8b
[13403.566810] RSP: 002b:00007ffcad9bae70 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[13403.574377] RAX: ffffffffffffffda RBX: 0000000005740000 RCX: 00007f3133b3cddf
[13403.581510] RDX: 0000000000010000 RSI: 0000000000cc5000 RDI: 0000000000000003
[13403.588641] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000079
[13403.595773] R10: 0000000005740000 R11: 0000000000000293 R12: 0000000005740000
[13403.602908] R13: 0000000000000000 R14: 0000000000000574 R15: 000000001a8c0000
[13403.610046] </TASK>
[13403.612242] Modules linked in: tls rfkill intel_rapl_msr intel_rapl_common intel_uncore_frequency intel_uncore_frequency_common isst_if_common skx_edac nfit x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass sunrpc rapl intel_cstate irdma ice ast drm_vram_helper drm_ttm_helper ttm iTCO_wdt drm_kms_helper iTCO_vendor_support ib_uverbs syscopyarea sysfillrect mei_me ipmi_ssif mei i2c_i801 intel_uncore sysimgblt pcspkr ib_core fb_sys_fops intel_pch_thermal acpi_ipmi joydev ioatdma i2c_smbus ipmi_si lpc_ich ipmi_devintf ipmi_msghandler acpi_pad acpi_power_meter drm fuse xfs libcrc32c sd_mod t10_pi crc64_rocksoft_generic crc64_rocksoft crc64 sg crct10dif_pclmul igb crc32_pclmul crc32c_intel i2c_algo_bit ghash_clmulni_intel megaraid_sas dca ahci libahci i40e libata wmi
[13403.681589] ---[ end trace 0000000000000000 ]---
[13403.798015] RIP: 0010:invalidate_inode_pages2_range+0x2e2/0x9b0
[13403.798028] Code: c0 03 38 d0 7c 08 84 d2 0f 85 aa 06 00 00 41 8b 47 5c 49 39 c6 0f 82 80 fe ff ff 48 c7 c6 20 3c 15 ab 4c 89 ff e8 7e 9f 07 00 <0f> 0b e8 07 ec fd ff 4c 89 ff e8 9f c3 03 00 84 c0 0f 85 2d 02 00
[13403.798031] RSP: 0018:ffffc90039c5f748 EFLAGS: 00010286
[13403.798035] RAX: 0000000000000043 RBX: dffffc0000000000 RCX: 0000000000000000
[13403.798038] RDX: 0000000000000001 RSI: 0000000000000004 RDI: fffff5200738bed9
[13403.798040] RBP: 0000000000000000 R08: 0000000000000043 R09: ffff88afdb7efd0b
[13403.798042] R10: ffffed15fb6fdfa1 R11: 0000000000000001 R12: ffff889a1c2f0418
[13403.798044] R13: 0000000000005741 R14: 00000000000056d1 R15: ffffea0067032000
[13403.798046] FS: 00007f3133ce9740(0000) GS:ffff88afdb600000(0000) knlGS:0000000000000000
[13403.798049] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[13403.798051] CR2: 00007f1db82ebc38 CR3: 0000001aa2b16005 CR4: 00000000007706e0
[13403.798053] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[13403.798055] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[13403.798056] PKRU: 55555554
>
> > This bug isn't easy to reproduce, I just hit it once on x86_64, I'm still
> > trying to reproduce it. JFYI, another [mm] bug [1] is 100% reproducible
> > for me.
> >
> > Thanks,
> > Zorro
> >
> > [1]
> > kernel BUG at mm/usercopy.c:101!
> > https://bugzilla.kernel.org/show_bug.cgi?id=216073
>
> I don't know why you file bugs in bugzilla. It's a great way to have
> good bug reports get ignored.
Due to I might report bugs to many different components, likes mm, block, io_uring,
someone fs, someone arch and so on. So I thought bugzilla might help to track all
bugs I report to each mail list. And I can upload some files onto bugzilla easily.
I mail list, people generally don't like emails with attachments.
I don't know bugzilla is easy to ignored. I think I can record a bug report on
bugzilla, then send an email to mail list to ask :)
Thanks,
Zorro
>
> > > Also a head page should not be able to have an odd index. So there's a
> > > lot here that doesn't make sense to me right now.
> > >
> > > > Begin forwarded message:
> > > >
> > > > Date: Sat, 11 Jun 2022 10:50:53 +0000
> > > > From: bugzilla-daemon@kernel.org
> > > > To: akpm@linux-foundation.org
> > > > Subject: [Bug 216114] New: page dumped because: VM_BUG_ON_FOLIO(!folio_contains(folio, index)) and kernel BUG at mm/truncate.c:669!
> > > >
> > > >
> > > > https://bugzilla.kernel.org/show_bug.cgi?id=216114
> > > >
> > > > Bug ID: 216114
> > > > Summary: page dumped because:
> > > > VM_BUG_ON_FOLIO(!folio_contains(folio, index)) and
> > > > kernel BUG at mm/truncate.c:669!
> > > > Product: Memory Management
> > > > Version: 2.5
> > > > Kernel Version: 5.19-rc1
> > > > Hardware: All
> > > > OS: Linux
> > > > Tree: Mainline
> > > > Status: NEW
> > > > Severity: normal
> > > > Priority: P1
> > > > Component: Other
> > > > Assignee: akpm@linux-foundation.org
> > > > Reporter: zlang@redhat.com
> > > > Regression: No
> > > >
> > > > xfstests on x86_64 with 64k directory size (mkfs.xfs -n size=65536) XFS[1] hit
> > > > panic[2]. The kernel HEAD which I used is
> > > >
> > > > commit 874c8ca1e60b2c564a48f7e7acc40d328d5c8733
> > > > Author: David Howells <dhowells@redhat.com>
> > > > Date: Thu Jun 9 21:46:04 2022 +0100
> > > >
> > > > netfs: Fix gcc-12 warning by embedding vfs inode in netfs_i_context
> > > >
> > > >
> > > > [1]
> > > > meta-data=/dev/sda4 isize=512 agcount=16, agsize=245696 blks
> > > > = sectsz=512 attr=2, projid32bit=1
> > > > = crc=1 finobt=1, sparse=1, rmapbt=0
> > > > = reflink=1 bigtime=1 inobtcount=1
> > > > data = bsize=4096 blocks=3931136, imaxpct=25
> > > > = sunit=64 swidth=192 blks
> > > > naming =version 2 bsize=65536 ascii-ci=0, ftype=1
> > > > log =internal log bsize=4096 blocks=16384, version=2
> > > > = sectsz=512 sunit=64 blks, lazy-count=1
> > > > realtime =none extsz=4096 blocks=0, rtextents=0
> > > >
> > > > [2]
> > > > # ./scripts/decode_stacktrace.sh vmlinux < crash.log
> > > > [ 8525.364621] run fstests generic/132 at 2022-06-10 17:58:32
> > > > [ 8529.173644] XFS (sda4): Mounting V5 Filesystem
> > > > [ 8529.338529] XFS (sda4): Ending clean mount
> > > > [ 8531.015050] restraintd[1356]: *** Current Time: Fri Jun 10 17:58:44 2022
> > > > Localwatchdog at: Sun Jun 12 15:40:44 2022
> > > > [ 8560.723674] XFS (sda5): Unmounting Filesystem
> > > > [ 8560.984233] XFS (sda4): EXPERIMENTAL online scrub feature in use. Use at
> > > > your own risk!
> > > > [ 8561.787448] XFS (sda4): Unmounting Filesystem
> > > > [ 8562.925361] XFS (sda4): Mounting V5 Filesystem
> > > > [ 8563.101997] XFS (sda4): Ending clean mount
> > > > [ 8563.163581] XFS (sda4): Unmounting Filesystem
> > > > [ 8563.890637] XFS (sda5): Mounting V5 Filesystem
> > > > [ 8564.087515] XFS (sda5): Ending clean mount
> > > > [ 8567.049332] XFS (sda4): Mounting V5 Filesystem
> > > > [ 8567.176278] XFS (sda4): Ending clean mount
> > > > [ 8567.213659] XFS (sda4): Unmounting Filesystem
> > > > [ 8567.476953] XFS (sda5): EXPERIMENTAL online scrub feature in use. Use at
> > > > your own risk!
> > > > [ 8573.888318] XFS (sda5): Unmounting Filesystem
> > > > [ 8575.293213] XFS (sda5): Mounting V5 Filesystem
> > > > [ 8575.545576] XFS (sda5): Ending clean mount
> > > > [ 8575.883979] run fstests generic/133 at 2022-06-10 17:59:23
> > > > [ 8590.600151] page:0000000027772b07 refcount:2 mapcount:0
> > > > mapping:0000000000000000 index:0x1 pfn:0x2a7a00
> > > > [ 8590.601327] flags:
> > > > 0x57ffffc0050000(head|reclaim|node=1|zone=2|lastcpupid=0x1fffff)
> > > > [ 8590.601341] raw: 0057ffffc0050000 0000000000000000 dead000000000122
> > > > 0000000000000000
> > > > [ 8590.601345] raw: 0000000000007300 0000000000000000 00000001ffffffff
> > > > 0000000000000000
> > > > [ 8590.601348] page dumped because: VM_BUG_ON_FOLIO(!folio_contains(folio,
> > > > index))
> > > > [ 8590.601416] ------------[ cut here ]------------
> > > > [ 8590.601417] kernel BUG at mm/truncate.c:669!
> > > > [ 8590.601431] invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
> > > > [ 8590.606841] Hardware name: HP ProLiant DL385p Gen8, BIOS A28 02/06/2014
> > > > [ 8590.607178] RIP: 0010:invalidate_inode_pages2_range (mm/truncate.c:669
> > > > (discriminator 1))
> > > > [ 8590.607924] Code: c0 03 38 d0 7c 08 84 d2 0f 85 aa 06 00 00 41 8b 47 5c 49
> > > > 39 c6 0f 82 80 fe ff ff 48 c7 c6 a0 3b 55 99 4c 89 ff e8 7e 9f 07 00 <0f> 0b e8
> > > > 37 ec fd ff 4c 89 ff e8 9f c3 03
> > > > 00 84 c0 0f 85 2d 02 00
> > > > All code
> > > > ========
> > > > 0: c0 03 38 rolb $0x38,(%rbx)
> > > > 3: d0 7c 08 84 sarb -0x7c(%rax,%rcx,1)
> > > > 7: d2 0f rorb %cl,(%rdi)
> > > > 9: 85 aa 06 00 00 41 test %ebp,0x41000006(%rdx)
> > > > f: 8b 47 5c mov 0x5c(%rdi),%eax
> > > > 12: 49 39 c6 cmp %rax,%r14
> > > > 15: 0f 82 80 fe ff ff jb 0xfffffffffffffe9b
> > > > 1b: 48 c7 c6 a0 3b 55 99 mov $0xffffffff99553ba0,%rsi
> > > > 22: 4c 89 ff mov %r15,%rdi
> > > > 25: e8 7e 9f 07 00 callq 0x79fa8
> > > > 2a:* 0f 0b ud2 <-- trapping instruction
> > > > 2c: e8 37 ec fd ff callq 0xfffffffffffdec68
> > > > 31: 4c 89 ff mov %r15,%rdi
> > > > 34: e8 9f c3 03 00 callq 0x3c3d8
> > > > 39: 84 c0 test %al,%al
> > > > 3b: 0f .byte 0xf
> > > > 3c: 85 .byte 0x85
> > > > 3d: 2d .byte 0x2d
> > > > 3e: 02 00 add (%rax),%al
> > > >
> > > > Code starting with the faulting instruction
> > > > ===========================================
> > > > 0: 0f 0b ud2
> > > > 2: e8 37 ec fd ff callq 0xfffffffffffdec3e
> > > > 7: 4c 89 ff mov %r15,%rdi
> > > > a: e8 9f c3 03 00 callq 0x3c3ae
> > > > f: 84 c0 test %al,%al
> > > > 11: 0f .byte 0xf
> > > > 12: 85 .byte 0x85
> > > > 13: 2d .byte 0x2d
> > > > 14: 02 00 add (%rax),%al
> > > > [ 8590.609335] RSP: 0018:ffffc9000bd976d0 EFLAGS: 00010286
> > > > [ 8590.609697] RAX: 0000000000000043 RBX: dffffc0000000000 RCX:
> > > > 0000000000000000
> > > > [ 8590.610771] RDX: 0000000000000001 RSI: 0000000000000004 RDI:
> > > > fffff520017b2eca
> > > > [ 8590.611576] RBP: 0000000000000000 R08: 0000000000000043 R09:
> > > > ffff8888367efd0b
> > > > [ 8590.612349] R10: ffffed1106cfdfa1 R11: 0000000000000001 R12:
> > > > ffff88825a578418
> > > > [ 8590.613117] R13: 0000000000007340 R14: 000000000000733f R15:
> > > > ffffea000a9e8000
> > > > [ 8590.613902] FS: 00007f93f6f56740(0000) GS:ffff888836600000(0000)
> > > > knlGS:0000000000000000
> > > > [ 8590.614346] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> > > > [ 8590.615008] CR2: 00007f0576919150 CR3: 0000000649990000 CR4:
> > > > 00000000000406e0
> > > > [ 8590.615761] Call Trace:
> > > > [ 8590.615914] <TASK>
> > > > [ 8590.616425] ? mapping_evict_folio.part.0 (mm/truncate.c:630)
> > > >
> > > > [86/196]
> > > > [ 8590.616718] ? pagevec_lookup_range_tag (mm/swap.c:1122)
> > > > [ 8590.617492] ? __filemap_fdatawait_range (mm/filemap.c:518)
> > > > [ 8590.618140] ? xas_reload (mm/filemap.c:503)
> > > > [ 8590.618357] ? filemap_fdatawrite_wbc (./include/linux/backing-dev.h:138
> > > > mm/filemap.c:383)
> > > > [ 8590.619013] ? filemap_range_has_page (mm/filemap.c:498)
> > > > [ 8590.619866] ? delete_from_page_cache_batch (mm/filemap.c:413)
> > > > [ 8590.620201] ? rcu_read_lock_sched_held (kernel/rcu/update.c:125)
> > > > [ 8590.620864] ? filemap_check_errors (./arch/x86/include/asm/bitops.h:207
> > > > ./include/asm-generic/bitops/instrumented-non-atomic.h:135 mm/filemap.c:351)
> > > > [ 8590.621542] __iomap_dio_rw (fs/iomap/direct-io.c:582)
> > > > [ 8590.621768] ? iomap_dio_bio_iter (fs/iomap/direct-io.c:487)
> > > > [ 8590.622436] ? trace_xfs_setattr (fs/xfs/xfs_iops.c:1020) xfs
> > > > [ 8590.623386] ? iu[ 8590.708322] iomap_dio_rw (fs/iomap/direct-io.c:689)
> > > > [ 8590.724063] xfs_file_dio_write_aligned (fs/xfs/xfs_file.c:536) xfs
> > > > [ 8590.724539] ? xfs_file_dio_write_unaligned (fs/xfs/xfs_file.c:515) xfs
> > > > [ 8590.725586] xfs_file_write_iter (fs/xfs/xfs_file.c:792) xfs
> > > > [ 8590.726382] new_sync_write (fs/read_write.c:505 (discriminator 1))
> > > > [ 8590.726593] ? new_sync_read (fs/read_write.c:494)
> > > > [ 8590.726801] ? lock_acquire (kernel/locking/lockdep.c:466
> > > > kernel/locking/lockdep.c:5667 kernel/locking/lockdep.c:5630)
> > > > [ 8590.727040] ? rcu_read_unlock (./include/linux/rcupdate.h:724 (discriminator
> > > > 5))
> > > > [ 8590.727267] vfs_write (fs/read_write.c:591)
> > > > [ 8590.727815] __x64_sys_pwrite64 (fs/read_write.c:706 fs/read_write.c:716
> > > > fs/read_write.c:713 fs/read_write.c:713)
> > > > [ 8590.728051] ? vfs_write (fs/read_write.c:713)
> > > > [ 8590.728263] ? ktime_get_coarse_real_ts64 (./include/linux/seqlock.h:104
> > > > kernel/time/timekeeping.c:2258)
> > > > [ 8590.728546] do_syscall_64 (arch/x86/entry/common.c:50
> > > > arch/x86/entry/common.c:80)
> > > > [ 8590.728756] ? do_syscall_64 (arch/x86/entry/common.c:87)
> > > > [ 8590.728983] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4383)
> > > > [ 8590.729600] ? do_syscall_64 (arch/x86/entry/common.c:87)
> > > > [ 8590.729833] ? do_syscall_64+0x69/[ 8591.130203] ? lockdep_hardirqs_on
> > > > (kernel/locking/lockdep.c:4383)
> > > > [ 8591.130866] ? do_syscall_64 (arch/x86/entry/common.c:87)
> > > > [ 8591.131115] ? do_syscall_64 (arch/x86/entry/common.c:87)
> > > > [ 8591.131331] ? do_syscall_64 (arch/x86/entry/common.c:87)
> > > > [ 8591.131576] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4383)
> > > > [ 8591.132207] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:115)
> > > > [ 8591.132501] RIP: 0033:0x7f93f6d3cddf
> > > > [ 8591.132737] Code: 08 89 3c 24 48 89 4c 24 18 e8 6d fe f5 ff 4c 8b 54 24 18
> > > > 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00
> > > > f0 ff ff 77 31 44 89 c7 48 89 04
> > > > 24 e8 bd fe f5 ff 48 8b
> > > > All code
> > > > ========
> > > > 0: 08 89 3c 24 48 89 or %cl,-0x76b7dbc4(%rcx)
> > > > 6: 4c 24 18 rex.WR and $0x18,%al
> > > > 9: e8 6d fe f5 ff callq 0xfffffffffff5fe7b
> > > > e: 4c 8b 54 24 18 mov 0x18(%rsp),%r10
> > > > 13: 48 8b 54 24 10 mov 0x10(%rsp),%rdx
> > > > 18: 41 89 c0 mov %eax,%r8d
> > > > 1b: 48 8b 74 24 08 mov 0x8(%rsp),%rsi
> > > > 20: 8b 3c 24 mov (%rsp),%edi
> > > > 23: b8 12 00 00 00 mov $0x12,%eax
> > > > 28: 0f 05 syscall
> > > > 2a:* 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax <--
> > > > trapping instruction
> > > > 30: 77 31 ja 0x63
> > > > 32: 44 89 c7 mov %r8d,%edi
> > > > 35: 48 89 04 24 mov %rax,(%rsp)
> > > > 39: e8 bd fe f5 ff callq 0xfffffffffff5fefb
> > > > 3e: 48 rex.W
> > > > 3f: 8b .byte 0x8b
> > > >
> > > > Code starting with the faulting instruction
> > > > ===========================================
> > > > 0: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax
> > > > 6: 77 31 ja 0x39
> > > > 8: 44 89 c7 mov %r8d,%edi
> > > > b: 48 89 04 24 mov %rax,(%rsp)
> > > > f: e8 bd fe f5 ff callq 0xfffffffffff5fed1
> > > > 14: 48 rex.W
> > > > 15: 8b .byte 0x8b
> > > > [ 8591.134056] RSP: 002b:00007ffd8aac5a20 EFLAGS: 00000293 ORIG_RAX:
> > > > 0000000000000012
> > > > [ 8591.134828] RAX: ffffffffffffffda RBX: 0000000007340000 RCX:
> > > > 00007f93f6d3cddf
> > > > [ 8591.135648] RDX: 0000000000010000 RSI: 0000000000b63000 RDI:
> > > > 0000000000000003
> > > > [ 8591.136425] RBP: 00000000ffffffff R08: 0000000000000000 R09:
> > > > 0000000000000079
> > > > [ 8591.137179] R10: 0000000007340000 R11: 0000000000000293 R12:
> > > > 0000000007340000
> > > > [ 8591.138020] R13: 0000000000000000 R14: 0000000000000734 R15:
> > > > 0000000018cc0000
> > > > [ 8591.138804] </TASK>
> > > > [ 8591.138985] Modules limi sysimgblt fb_sys_fops hpilo ipmi_si ipmi_devintf
> > > > ipmi_msghandler sunrpc acpi_power_meter drm fuse xfs libcrc32c sd_mod t10_pi
> > > > crc64_rocksoft_generic crc64_rocksoft
> > > > crc64 sr_mod cdrom sg crct10dif_pclmul crc32_pclmul crc32c_intel ahci
> > > > ata_generic libahci ghash_clmulni_intel serio_raw libata hpsa tg3
> > > > scsi_transport_sas hpwdt [last unloaded: scsi_debug]
> > > > [ 8591.641707] ---[ end trace 0000000000000000 ]---
> > > > [ 8591.644539] amd_iommu_report_page_fault: 501 callbacks suppressed
> > > > [ 8591.644554] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT
> > > > domain=0x000d address=0xbde0e000 flags=0x0000]
> > > > [ 8591.650728] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT
> > > > domain=0x000d address=0xbde0e000 flags=0x0000]
> > > > [ 8591.655235] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT
> > > > domain=0x000d address=0xbde0e000 flags=0x0000]
> > > > [ 8591.661240] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT
> > > > domain=0x000d address=0xbde0e000 flags=0x0000]
> > > > [ 8591.666237] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT
> > > > domain=0x000d address=0xbde0e000 flags=0x0000]
> > > > [ 8591.670741] hpilo 0000:02:00.2: AMD-ViIP: 0010:invalidate_inode_pages2_range
> > > > (mm/truncate.c:669 (discriminator 1))
> > > > [ 8591.676251] Code: c0 03 38 d0 7c 08 84 d2 0f 85 aa 06 00 00 41 8b 47 5c 49
> > > > 39 c6 0f 82 80 fe ff ff 48 c7 c6 a0 3b 55 99 4c 89 ff e8 7e 9f 07 00 <0f> 0b e8
> > > > 37 ec fd ff 4c 89 ff e8 9f c3 03
> > > > 00 84 c0 0f 85 2d 02 00
> > > > All code
> > > > ========
> > > > 0: c0 03 38 rolb $0x38,(%rbx)
> > > > 3: d0 7c 08 84 sarb -0x7c(%rax,%rcx,1)
> > > > 7: d2 0f rorb %cl,(%rdi)
> > > > 9: 85 aa 06 00 00 41 test %ebp,0x41000006(%rdx)
> > > > f: 8b 47 5c mov 0x5c(%rdi),%eax
> > > > 12: 49 39 c6 cmp %rax,%r14
> > > > 15: 0f 82 80 fe ff ff jb 0xfffffffffffffe9b
> > > > 1b: 48 c7 c6 a0 3b 55 99 mov $0xffffffff99553ba0,%rsi
> > > > 22: 4c 89 ff mov %r15,%rdi
> > > > 25: e8 7e 9f 07 00 callq 0x79fa8
> > > > 2a:* 0f 0b ud2 <-- trapping instruction
> > > > 2c: e8 37 ec fd ff callq 0xfffffffffffdec68
> > > > 31: 4c 89 ff mov %r15,%rdi
> > > > 34: e8 9f c3 03 00 callq 0x3c3d8
> > > > 39: 84 c0 test %al,%al
> > > > 3b: 0f .byte 0xf
> > > > 3c: 85 .byte 0x85
> > > > 3d: 2d .byte 0x2d
> > > > 3e: 02 00 add (%rax),%al
> > > >
> > > > Code starting with the faulting instruction
> > > > ===========================================
> > > > 0: 0f 0b ud2
> > > > 2: e8 37 ec fd ff callq 0xfffffffffffdec3e
> > > > 7: 4c 89 ff mov %r15,%rdi
> > > > a: e8 9f c3 03 00 callq 0x3c3ae
> > > > f: 84 c0 test %al,%al
> > > > 11: 0f .byte 0xf
> > > > 12: 85 .byte 0x85
> > > > 13: 2d .byte 0x2d
> > > > 14: 02 00 add (%rax),%al
> > > > [ 8591.676261] RSP: 0018:ffffc9000bd976d0 EFLAGS: 00010286
> > > > [ 8591.676273] RAX: 0000000000000043 RBX: dffffc0000000000 RCX:
> > > > 0000000000000000
> > > > [ 8591.676279] RDX: 0000000000000001 RSI: 0000000000000004 RDI:
> > > > fffff520017b2eca
> > > > [ 8591.676287] RBP: 0000000000000000 R08: 0000000000000043 R09:
> > > > ffff8888367efd0b
> > > > [ 8591.676293] R10: ffffed1106cfdfa1 R11: 0000000000000001 R12:
> > > > ffff88825a578418
> > > > [ 8591.676327] R13: 0000000000007340 R14: 000000000000733f R15:
> > > > ffffea000a9e8000
> > > > [ 8591.676336] FS: 00007f93f6f56740(0000) GS:ffff888836600000(0000)
> > > > knlGS:0000000000000000
> > > > [ 8591.676344] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> > > > [ 8591.676350] CR2: 00007f0576919150 CR3: 0000000649990000 CR4:
> > > > 00000000000406e0
> > > > [ 8591.013708] restraintd[1356]: *** Current Time: Fri Jun 10 17:59:44 2022
> > > > Localwatchdog at: Sun Jun 12 15:40:44 2022
> > > > [-- MARK -- Fri Jun 10 22:00:00 2022]
> > > >
> > > > --
> > > > You may reply to this email to add a comment.
> > > >
> > > > You are receiving this mail because:
> > > > You are the assignee for the bug.
> > >
> >
>
prev parent reply other threads:[~2022-06-13 1:09 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20220611130749.907103f24560c05e28499a5d@linux-foundation.org>
2022-06-11 20:33 ` Fw: [Bug 216114] New: page dumped because: VM_BUG_ON_FOLIO(!folio_contains(folio, index)) and kernel BUG at mm/truncate.c:669! Matthew Wilcox
2022-06-12 4:37 ` Zorro Lang
2022-06-12 19:22 ` Matthew Wilcox
2022-06-13 1:08 ` Zorro Lang [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220613010850.6kmpenitmuct2osb@zlang-mailbox \
--to=zlang@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=linux-mm@kvack.org \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.