* f2fs get_dnode_of_data oops
@ 2014-09-07 19:14 Tommi Rantala
2014-09-07 19:20 ` Tommi Rantala
0 siblings, 1 reply; 14+ messages in thread
From: Tommi Rantala @ 2014-09-07 19:14 UTC (permalink / raw)
To: linux-f2fs-devel, Jaegeuk Kim, Changman Lee; +Cc: LKML, trinity, Dave Jones
Hello,
Hit this oops while fuzzing v3.17-rc3-176-g2b12164 with Trinity.
Tommi
BUG: unable to handle kernel paging request at ffff8804338717a8
IP: [<ffffffff81779039>] get_dnode_of_data+0x3a9/0x440
PGD 4594067 PUD 0
Oops: 0000 [#1] SMP DEBUG_PAGEALLOC
CPU: 0 PID: 4719 Comm: trinity-c3 Not tainted 3.17.0-rc3+ #33
Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
task: ffff880015630000 ti: ffff88000724c000 task.ti: ffff88000724c000
RIP: 0010:[<ffffffff81779039>] [<ffffffff81779039>]
get_dnode_of_data+0x3a9/0x440
RSP: 0018:ffff88000724fe08 EFLAGS: 00010246
RAX: ffff880033874000 RBX: 00000000000000f8 RCX: 00000000fffff590
RDX: ffff880033874168 RSI: ffff88000724fd98 RDI: ffff88000724fef0
RBP: ffff88000724feb8 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000001 R11: ffffffff83b33f90 R12: fffffffffffff590
R13: 0000000000000000 R14: ffffea0000ce1d00 R15: ffff8800209f8000
FS: 00007f2bd22dc700(0000) GS:ffff88003fa00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: ffff8804338717a8 CR3: 00000000346c0000 CR4: 00000000000006f0
DR0: 000000000185d000 DR1: 000000000185d000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 00000000000b0602
Stack:
ffff88000724fef0 ffff88000724fe30 ffff880036c18000 0000000000000004
ffff8800209f80f0 00000002fffff590 ffffffff81189f1d ffff8800fffff590
0000000000000246 ffffffff00000000 ffffffff81189ce0 ffffffff000000f8
Call Trace:
[<ffffffff81189f1d>] ? trace_hardirqs_on+0xd/0x10
[<ffffffff81189ce0>] ? mark_held_locks+0x90/0xa0
[<ffffffff81189e75>] ? trace_hardirqs_on_caller+0x185/0x220
[<ffffffff81763417>] f2fs_llseek+0xf7/0x420
[<ffffffff8127e4d5>] SyS_lseek+0x65/0xa0
[<ffffffff8259b229>] system_call_fastpath+0x16/0x1b
Code: ba 00 00 00 00 00 88 ff ff 48 c1 f8 06 48 c1 e0 0c 48 01 d0 8b
98 ec 0f 00 00 39 98 e8 0f 00 00 48 8d 90 68 01 00 00 48 0f 45 d0 <8b>
04 8a 89 47 24 31 c0 eb 75 41 bc e4 ff ff ff 4d 85 f6 74 19
RIP [<ffffffff81779039>] get_dnode_of_data+0x3a9/0x440
RSP <ffff88000724fe08>
CR2: ffff8804338717a8
---[ end trace bed7b35d1c48e9c3 ]---
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: f2fs get_dnode_of_data oops
2014-09-07 19:14 f2fs get_dnode_of_data oops Tommi Rantala
@ 2014-09-07 19:20 ` Tommi Rantala
2014-09-08 4:20 ` Jaegeuk Kim
0 siblings, 1 reply; 14+ messages in thread
From: Tommi Rantala @ 2014-09-07 19:20 UTC (permalink / raw)
To: linux-f2fs-devel, Jaegeuk Kim, Changman Lee; +Cc: LKML, trinity, Dave Jones
2014-09-07 22:14 GMT+03:00 Tommi Rantala <tt.rantala@gmail.com>:
> Hello,
>
> Hit this oops while fuzzing v3.17-rc3-176-g2b12164 with Trinity.
>
> Tommi
>
>
> BUG: unable to handle kernel paging request at ffff8804338717a8
> IP: [<ffffffff81779039>] get_dnode_of_data+0x3a9/0x440
> PGD 4594067 PUD 0
> Oops: 0000 [#1] SMP DEBUG_PAGEALLOC
> CPU: 0 PID: 4719 Comm: trinity-c3 Not tainted 3.17.0-rc3+ #33
> Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
> task: ffff880015630000 ti: ffff88000724c000 task.ti: ffff88000724c000
> RIP: 0010:[<ffffffff81779039>] [<ffffffff81779039>]
> get_dnode_of_data+0x3a9/0x440
> RSP: 0018:ffff88000724fe08 EFLAGS: 00010246
> RAX: ffff880033874000 RBX: 00000000000000f8 RCX: 00000000fffff590
> RDX: ffff880033874168 RSI: ffff88000724fd98 RDI: ffff88000724fef0
> RBP: ffff88000724feb8 R08: 0000000000000000 R09: 0000000000000000
> R10: 0000000000000001 R11: ffffffff83b33f90 R12: fffffffffffff590
> R13: 0000000000000000 R14: ffffea0000ce1d00 R15: ffff8800209f8000
> FS: 00007f2bd22dc700(0000) GS:ffff88003fa00000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
> CR2: ffff8804338717a8 CR3: 00000000346c0000 CR4: 00000000000006f0
> DR0: 000000000185d000 DR1: 000000000185d000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 00000000000b0602
> Stack:
> ffff88000724fef0 ffff88000724fe30 ffff880036c18000 0000000000000004
> ffff8800209f80f0 00000002fffff590 ffffffff81189f1d ffff8800fffff590
> 0000000000000246 ffffffff00000000 ffffffff81189ce0 ffffffff000000f8
> Call Trace:
> [<ffffffff81189f1d>] ? trace_hardirqs_on+0xd/0x10
> [<ffffffff81189ce0>] ? mark_held_locks+0x90/0xa0
> [<ffffffff81189e75>] ? trace_hardirqs_on_caller+0x185/0x220
> [<ffffffff81763417>] f2fs_llseek+0xf7/0x420
> [<ffffffff8127e4d5>] SyS_lseek+0x65/0xa0
> [<ffffffff8259b229>] system_call_fastpath+0x16/0x1b
> Code: ba 00 00 00 00 00 88 ff ff 48 c1 f8 06 48 c1 e0 0c 48 01 d0 8b
> 98 ec 0f 00 00 39 98 e8 0f 00 00 48 8d 90 68 01 00 00 48 0f 45 d0 <8b>
> 04 8a 89 47 24 31 c0 eb 75 41 bc e4 ff ff ff 4d 85 f6 74 19
> RIP [<ffffffff81779039>] get_dnode_of_data+0x3a9/0x440
> RSP <ffff88000724fe08>
> CR2: ffff8804338717a8
> ---[ end trace bed7b35d1c48e9c3 ]---
If it helps, here is the location of the crash:
(gdb) list *0xffffffff81779039
0xffffffff81779039 is in get_dnode_of_data (fs/f2fs/f2fs.h:950).
945 {
946 struct f2fs_node *raw_node;
947 __le32 *addr_array;
948 raw_node = F2FS_NODE(node_page);
949 addr_array = blkaddr_in_node(raw_node);
950 return le32_to_cpu(addr_array[offset]);
951 }
952
953 static inline int f2fs_test_bit(unsigned int nr, char *addr)
954 {
(gdb)
Tommi
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: f2fs get_dnode_of_data oops
2014-09-07 19:20 ` Tommi Rantala
@ 2014-09-08 4:20 ` Jaegeuk Kim
2014-09-08 15:39 ` Tommi Rantala
0 siblings, 1 reply; 14+ messages in thread
From: Jaegeuk Kim @ 2014-09-08 4:20 UTC (permalink / raw)
To: Tommi Rantala; +Cc: linux-f2fs-devel, Changman Lee, LKML, trinity, Dave Jones
Hi,
Thank you for the report.
Could you share a little bit more information about the file accessing
f2fs_llseek?
E.g., file size, file offset, file allocation information, or dump of that file.
Thanks,
On Sun, Sep 07, 2014 at 10:20:44PM +0300, Tommi Rantala wrote:
> 2014-09-07 22:14 GMT+03:00 Tommi Rantala <tt.rantala@gmail.com>:
> > Hello,
> >
> > Hit this oops while fuzzing v3.17-rc3-176-g2b12164 with Trinity.
> >
> > Tommi
> >
> >
> > BUG: unable to handle kernel paging request at ffff8804338717a8
> > IP: [<ffffffff81779039>] get_dnode_of_data+0x3a9/0x440
> > PGD 4594067 PUD 0
> > Oops: 0000 [#1] SMP DEBUG_PAGEALLOC
> > CPU: 0 PID: 4719 Comm: trinity-c3 Not tainted 3.17.0-rc3+ #33
> > Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
> > task: ffff880015630000 ti: ffff88000724c000 task.ti: ffff88000724c000
> > RIP: 0010:[<ffffffff81779039>] [<ffffffff81779039>]
> > get_dnode_of_data+0x3a9/0x440
> > RSP: 0018:ffff88000724fe08 EFLAGS: 00010246
> > RAX: ffff880033874000 RBX: 00000000000000f8 RCX: 00000000fffff590
> > RDX: ffff880033874168 RSI: ffff88000724fd98 RDI: ffff88000724fef0
> > RBP: ffff88000724feb8 R08: 0000000000000000 R09: 0000000000000000
> > R10: 0000000000000001 R11: ffffffff83b33f90 R12: fffffffffffff590
> > R13: 0000000000000000 R14: ffffea0000ce1d00 R15: ffff8800209f8000
> > FS: 00007f2bd22dc700(0000) GS:ffff88003fa00000(0000) knlGS:0000000000000000
> > CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
> > CR2: ffff8804338717a8 CR3: 00000000346c0000 CR4: 00000000000006f0
> > DR0: 000000000185d000 DR1: 000000000185d000 DR2: 0000000000000000
> > DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 00000000000b0602
> > Stack:
> > ffff88000724fef0 ffff88000724fe30 ffff880036c18000 0000000000000004
> > ffff8800209f80f0 00000002fffff590 ffffffff81189f1d ffff8800fffff590
> > 0000000000000246 ffffffff00000000 ffffffff81189ce0 ffffffff000000f8
> > Call Trace:
> > [<ffffffff81189f1d>] ? trace_hardirqs_on+0xd/0x10
> > [<ffffffff81189ce0>] ? mark_held_locks+0x90/0xa0
> > [<ffffffff81189e75>] ? trace_hardirqs_on_caller+0x185/0x220
> > [<ffffffff81763417>] f2fs_llseek+0xf7/0x420
> > [<ffffffff8127e4d5>] SyS_lseek+0x65/0xa0
> > [<ffffffff8259b229>] system_call_fastpath+0x16/0x1b
> > Code: ba 00 00 00 00 00 88 ff ff 48 c1 f8 06 48 c1 e0 0c 48 01 d0 8b
> > 98 ec 0f 00 00 39 98 e8 0f 00 00 48 8d 90 68 01 00 00 48 0f 45 d0 <8b>
> > 04 8a 89 47 24 31 c0 eb 75 41 bc e4 ff ff ff 4d 85 f6 74 19
> > RIP [<ffffffff81779039>] get_dnode_of_data+0x3a9/0x440
> > RSP <ffff88000724fe08>
> > CR2: ffff8804338717a8
> > ---[ end trace bed7b35d1c48e9c3 ]---
>
> If it helps, here is the location of the crash:
>
> (gdb) list *0xffffffff81779039
> 0xffffffff81779039 is in get_dnode_of_data (fs/f2fs/f2fs.h:950).
> 945 {
> 946 struct f2fs_node *raw_node;
> 947 __le32 *addr_array;
> 948 raw_node = F2FS_NODE(node_page);
> 949 addr_array = blkaddr_in_node(raw_node);
> 950 return le32_to_cpu(addr_array[offset]);
> 951 }
> 952
> 953 static inline int f2fs_test_bit(unsigned int nr, char *addr)
> 954 {
> (gdb)
>
> Tommi
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: f2fs get_dnode_of_data oops
2014-09-08 4:20 ` Jaegeuk Kim
@ 2014-09-08 15:39 ` Tommi Rantala
0 siblings, 0 replies; 14+ messages in thread
From: Tommi Rantala @ 2014-09-08 15:39 UTC (permalink / raw)
To: Jaegeuk Kim; +Cc: linux-f2fs-devel, Changman Lee, LKML, trinity, Dave Jones
2014-09-08 7:20 GMT+03:00 Jaegeuk Kim <jaegeuk@kernel.org>:
> Hi,
>
> Thank you for the report.
> Could you share a little bit more information about the file accessing
> f2fs_llseek?
> E.g., file size, file offset, file allocation information, or dump of that file.
Hi,
I can reproduce the bug with the following.
-17595150933902 is just something I saw trinity passing to lseek().
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

int main(int argc, char **argv)
{
        int fd;

        if (argc < 2) {
                printf("give filename\n");
                return 1;
        }

        fd = open(argv[1], O_RDONLY);
        if (fd < 0) {
                perror("open");
                return 1;
        }

        /* negative offset with SEEK_DATA, the value seen from trinity */
        lseek(fd, -17595150933902LL, SEEK_DATA);

        return 0;
}
{ttrantal@arkki ~}> touch /f2fs/x ; ./a.out /f2fs/x
[ 73.437182] BUG: unable to handle kernel paging request at ffff88043368e340
[ 73.438035] IP: [<ffffffff817792d9>] get_dnode_of_data+0x3a9/0x440
[ 73.438035] PGD 4595067 PUD 0
[ 73.438035] Oops: 0000 [#1] SMP DEBUG_PAGEALLOC
[ 73.438035] CPU: 0 PID: 2933 Comm: a.out Not tainted 3.17.0-rc4+ #37
[ 73.438035] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 73.438035] task: ffff88003755cac0 ti: ffff880022734000 task.ti:
ffff880022734000
[ 73.438035] RIP: 0010:[<ffffffff817792d9>] [<ffffffff817792d9>]
get_dnode_of_data+0x3a9/0x440
[ 73.438035] RSP: 0018:ffff880022737e08 EFLAGS: 00010246
[ 73.438035] RAX: ffff880033951000 RBX: 000000000000010b RCX: 00000000fff4f476
[ 73.438035] RDX: ffff880033951168 RSI: 000000111932488f RDI: ffff880022737ef0
[ 73.438035] RBP: ffff880022737eb8 R08: 0000000000000148 R09: 0000000000000000
[ 73.438035] R10: 0000000000008b86 R11: 0000000000000001 R12: fffffffefff4f476
[ 73.438035] R13: 0000000000000000 R14: ffffea0000ce5440 R15: ffff880021c28000
[ 73.438035] FS: 00007fefc2f08700(0000) GS:ffff88003fa00000(0000)
knlGS:0000000000000000
[ 73.438035] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 73.438035] CR2: ffff88043368e340 CR3: 0000000032d6b000 CR4: 00000000000006f0
[ 73.438035] Stack:
[ 73.438035] ffff880022737ef0 ffffffff81228d7c ffff88003d9fe7b0
ffff880022737eb8
[ 73.438035] ffffffff81763164 00000002ffffffff 0000000000000000
00000000fff4f476
[ 73.438035] 0000000000000246 ffffffff00000000 ffffffff8259bd47
ffffffff0000010b
[ 73.438035] Call Trace:
[ 73.438035] [<ffffffff81228d7c>] ? pagevec_lookup_tag+0x1c/0x30
[ 73.438035] [<ffffffff81763164>] ? __get_first_dirty_index+0x44/0x90
[ 73.438035] [<ffffffff8259bd47>] ? _raw_spin_unlock_irq+0x27/0x40
[ 73.438035] [<ffffffff81189e75>] ? trace_hardirqs_on_caller+0x185/0x220
[ 73.438035] [<ffffffff817636b7>] f2fs_llseek+0xf7/0x420
[ 73.438035] [<ffffffff8127e735>] SyS_lseek+0x65/0xa0
[ 73.438035] [<ffffffff8259caa9>] system_call_fastpath+0x16/0x1b
[ 73.438035] Code: ba 00 00 00 00 00 88 ff ff 48 c1 f8 06 48 c1 e0
0c 48 01 d0 8b 98 ec 0f 00 00 39 98 e8 0f 00 00 48 8d 90 68 01 00 00
48 0f 45 d0 <8b> 04 8a 89 47 24 31 c0 eb 75 41 bc e4 ff ff ff 4d 85 f6
74 19
[ 73.438035] RIP [<ffffffff817792d9>] get_dnode_of_data+0x3a9/0x440
[ 73.438035] RSP <ffff880022737e08>
[ 73.438035] CR2: ffff88043368e340
[ 73.438035] ---[ end trace e94f7065a7961f54 ]---
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: f2fs get_dnode_of_data oops
2014-09-08 15:39 ` Tommi Rantala
(?)
@ 2014-09-09 4:41 ` Jaegeuk Kim
-1 siblings, 0 replies; 14+ messages in thread
From: Jaegeuk Kim @ 2014-09-09 4:41 UTC (permalink / raw)
To: Tommi Rantala; +Cc: linux-f2fs-devel, Changman Lee, LKML, trinity, Dave Jones
Hi Tommi,
This patch should resolve this bug.
Thanks a lot. :)
From ee24677b9917583f50f16b6f59771439f91b890c Mon Sep 17 00:00:00 2001
From: Jaegeuk Kim <jaegeuk@kernel.org>
Date: Mon, 8 Sep 2014 10:59:43 -0700
Subject: [PATCH] f2fs: fix negative value for lseek offset
If an application throws a negative value of lseek with SEEK_DATA|SEEK_HOLE,
previous f2fs went into BUG_ON in get_dnode_of_data, which was reported
by Tommi Rantala.
He could make simple code to detect this, having:
lseek(fd, -17595150933902LL, SEEK_DATA);
This patch should resolve that bug.
Reported-by: Tommi Rantala <tt.rantala@gmail.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
---
fs/f2fs/file.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
index 9f0ea3d..c9a1295 100644
--- a/fs/f2fs/file.c
+++ b/fs/f2fs/file.c
@@ -281,7 +281,7 @@ static loff_t f2fs_seek_block(struct file *file, loff_t offset, int whence)
mutex_lock(&inode->i_mutex);
isize = i_size_read(inode);
- if (offset >= isize)
+ if (offset >= isize || offset < 0)
goto fail;
/* handle inline data case */
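Review bot: In f2fs_seek_block(), the added `offset < 0` test sits after mutex_lock(&inode->i_mutex) and i_size_read(inode) although it depends on neither. A negative offset can be rejected at function entry, before the lock is taken, leaving the `offset >= isize` comparison where it is. An early exit placed there must not go through a path that unlocks i_mutex, and the `fail` label is not visible in this hunk, so that needs checking. A one-line comment on why negative offsets are refused would also help, since the removed line shows they previously passed the isize test.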
--
1.8.5.2 (Apple Git-48)
^ permalink raw reply related [flat|nested] 14+ messages in thread
* RE: [f2fs-dev] f2fs get_dnode_of_data oops
2014-09-09 4:41 ` Jaegeuk Kim
(?)
(?)
@ 2014-09-09 8:10 ` Chao Yu
2014-09-10 7:23 ` Jaegeuk Kim
-1 siblings, 1 reply; 14+ messages in thread
From: Chao Yu @ 2014-09-09 8:10 UTC (permalink / raw)
To: 'Jaegeuk Kim', 'Tommi Rantala'
Cc: 'Dave Jones', trinity, 'LKML', linux-f2fs-devel
Hi Jaegeuk,
Looks good to me!
One nitpick, how about judging this condition before we lock ->i_mutex to
avoid unneeded lock contention and invoking of i_size_read()?
Thanks,
Yu
> -----Original Message-----
> From: Jaegeuk Kim [mailto:jaegeuk@kernel.org]
> Sent: Tuesday, September 09, 2014 12:42 PM
> To: Tommi Rantala
> Cc: Dave Jones; trinity@vger.kernel.org; LKML; linux-f2fs-devel@lists.sourceforge.net
> Subject: Re: [f2fs-dev] f2fs get_dnode_of_data oops
>
> Hi Tommi,
>
> This patch should resolve this bug.
> Thanks a lot. :)
>
> From ee24677b9917583f50f16b6f59771439f91b890c Mon Sep 17 00:00:00 2001
> From: Jaegeuk Kim <jaegeuk@kernel.org>
> Date: Mon, 8 Sep 2014 10:59:43 -0700
> Subject: [PATCH] f2fs: fix negative value for lseek offset
>
> If an application throws a negative value of lseek with SEEK_DATA|SEEK_HOLE,
> previous f2fs went into BUG_ON in get_dnode_of_data, which was reported
> by Tommi Rantala.
>
> He could make simple code to detect this, having:
> lseek(fd, -17595150933902LL, SEEK_DATA);
>
> This patch should resolve that bug.
>
> Reported-by: Tommi Rantala <tt.rantala@gmail.com>
> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
> ---
> fs/f2fs/file.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
> index 9f0ea3d..c9a1295 100644
> --- a/fs/f2fs/file.c
> +++ b/fs/f2fs/file.c
> @@ -281,7 +281,7 @@ static loff_t f2fs_seek_block(struct file *file, loff_t offset, int whence)
> mutex_lock(&inode->i_mutex);
>
> isize = i_size_read(inode);
> - if (offset >= isize)
> + if (offset >= isize || offset < 0)
> goto fail;
>
> /* handle inline data case */
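Review bot: With `offset >= isize || offset < 0`, both conditions jump to the same `fail` label, so a negative offset now returns whatever error an offset at or past end of file returns, and this hunk does not show that value. Please confirm that this is the errno intended for a negative offset with SEEK_DATA or SEEK_HOLE, and state it in the commit message, which currently describes only the crash.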
> --
> 1.8.5.2 (Apple Git-48)
^ permalink raw reply [flat|nested] 14+ messages in thread
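Added example, not part of the thread or of the f2fs source: a user-space C model that runs the reproducer's offset through the pre-patch and post-patch checks and recomputes the faulting address from the register values in the two oops reports. The 4 KiB page shift, the 32-bit truncation of the index and all function names are assumptions; the constants are copied from the reports above.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_PAGE_SHIFT 12   /* assumption: 4 KiB pages on the x86-64 test VM */

/* '-' line of the patch: only the upper bound is checked. */
static bool legacy_offset_ok(int64_t offset, int64_t isize)
{
    return !(offset >= isize);
}

/* '+' line of the patch: negative offsets are refused as well. */
static bool patched_offset_ok(int64_t offset, int64_t isize)
{
    return !(offset >= isize || offset < 0);
}

/*
 * Byte offset -> page index, i.e. an arithmetic right shift of a signed
 * 64-bit value reinterpreted as unsigned. Written on the bit pattern so it
 * does not rely on implementation-defined signed shifts.
 */
static uint64_t page_index(int64_t offset)
{
    uint64_t idx = (uint64_t)offset >> MODEL_PAGE_SHIFT;

    if (offset < 0)
        idx |= ~(UINT64_MAX >> MODEL_PAGE_SHIFT);   /* sign-extend */
    return idx;
}

/*
 * The faulting instruction bytes in the oops, "<8b> 04 8a", decode to
 * mov (%rdx,%rcx,4),%eax: a 4-byte load from base + index * 4, which is
 * the shape of le32_to_cpu(addr_array[offset]) at f2fs.h:950.
 */
static uint64_t fault_address(uint64_t array_base, uint32_t index)
{
    return array_base + (uint64_t)index * sizeof(uint32_t);
}

int main(void)
{
    const int64_t offset = -17595150933902LL;  /* from the reproducer */
    const int64_t isize = 0;                   /* file created with touch */
    const uint64_t rdx = 0xffff880033951168ULL; /* RDX, second oops */
    uint64_t idx = page_index(offset);

    printf("legacy check accepts offset:  %d\n", legacy_offset_ok(offset, isize));
    printf("patched check accepts offset: %d\n", patched_offset_ok(offset, isize));
    printf("page index:   %016llx (compare R12)\n", (unsigned long long)idx);
    printf("32-bit index: %08x (compare RCX)\n", (unsigned)(uint32_t)idx);
    printf("load address: %016llx (compare CR2)\n",
           (unsigned long long)fault_address(rdx, (uint32_t)idx));
    return 0;
}
```

The computed page index, truncated index and load address equal R12, RCX and CR2 in the second oops, and the same base-plus-index arithmetic on RDX and RCX from the first oops gives its CR2.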
* Re: f2fs get_dnode_of_data oops
2014-09-09 4:41 ` Jaegeuk Kim
@ 2014-09-09 18:24 ` Tommi Rantala
-1 siblings, 0 replies; 14+ messages in thread
From: Tommi Rantala @ 2014-09-09 18:24 UTC (permalink / raw)
To: Jaegeuk Kim; +Cc: linux-f2fs-devel, Changman Lee, LKML, trinity, Dave Jones
2014-09-09 7:41 GMT+03:00 Jaegeuk Kim <jaegeuk@kernel.org>:
> Hi Tommi,
>
> This patch should resolve this bug.
> Thanks a lot. :)
>
> From ee24677b9917583f50f16b6f59771439f91b890c Mon Sep 17 00:00:00 2001
> From: Jaegeuk Kim <jaegeuk@kernel.org>
> Date: Mon, 8 Sep 2014 10:59:43 -0700
> Subject: [PATCH] f2fs: fix negative value for lseek offset
>
Thanks, with this patch applied, I could not reproduce the lseek oops,
but now I hit the following:
[ 720.673788] ------------[ cut here ]------------
[ 720.674011] kernel BUG at fs/f2fs/node.c:1229!
[ 720.674011] invalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC
[ 720.674011] CPU: 0 PID: 5298 Comm: trinity-c15 Not tainted 3.17.0-rc4+ #38
[ 720.674011] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 720.674011] task: ffff88002c468000 ti: ffff88002c470000 task.ti:
ffff88002c470000
[ 720.674011] RIP: 0010:[<ffffffff81776681>] [<ffffffff81776681>]
f2fs_write_node_page+0x171/0x290
[ 720.674011] RSP: 0018:ffff88002c473cb0 EFLAGS: 00010206
[ 720.674011] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffea00006173c0
[ 720.674011] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffffea00006173c0
[ 720.674011] RBP: ffff88002c473cf8 R08: 0000000000000000 R09: 0000000000000000
[ 720.674011] R10: 0000000000000001 R11: ffff8800185cf000 R12: ffffea00006173c0
[ 720.674011] R13: ffff8800399d4520 R14: ffff88002c473e68 R15: ffff8800185cf000
[ 720.674011] FS: 00007fb4b61d4700(0000) GS:ffff88003fa00000(0000)
knlGS:0000000000000000
[ 720.674011] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 720.674011] CR2: 0000000000000008 CR3: 000000002c450000 CR4: 00000000000006f0
[ 720.674011] DR0: 0000000001ee3000 DR1: 00000000019d3000 DR2: 0000000000000000
[ 720.674011] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 720.674011] Stack:
[ 720.674011] ffffffff81189e75 0000041100000001 ffff880037cb10a8
ffff88002c473cd8
[ 720.674011] ffff880000000000 0000160000000000 ffff88002c473d58
0000000000000000
[ 720.674011] 0000000000000001 ffff88002c473df0 ffffffff81778745
0000000000000000
[ 720.674011] Call Trace:
[ 720.674011] [<ffffffff81189e75>] ? trace_hardirqs_on_caller+0x185/0x220
[ 720.674011] [<ffffffff81778745>] sync_node_pages+0x415/0x5f0
[ 720.674011] [<ffffffff812b2790>] ? SyS_tee+0x390/0x390
[ 720.674011] [<ffffffff8176f52d>] write_checkpoint+0x21d/0xeb0
[ 720.674011] [<ffffffff81189ce0>] ? mark_held_locks+0x90/0xa0
[ 720.674011] [<ffffffff82597685>] ? mutex_lock_nested+0x435/0x4b0
[ 720.674011] [<ffffffff81189e75>] ? trace_hardirqs_on_caller+0x185/0x220
[ 720.674011] [<ffffffff812b2790>] ? SyS_tee+0x390/0x390
[ 720.674011] [<ffffffff81769680>] f2fs_sync_fs+0x100/0x180
[ 720.674011] [<ffffffff812b27ab>] sync_fs_one_sb+0x1b/0x20
[ 720.674011] [<ffffffff8128198f>] iterate_supers+0x7f/0xe0
[ 720.674011] [<ffffffff812b2a00>] sys_sync+0x50/0x90
[ 720.674011] [<ffffffff8259cae9>] system_call_fastpath+0x16/0x1b
[ 720.674011] Code: 63 00 00 48 b8 00 00 00 00 00 16 00 00 4c 01 e0
48 c1 f8 06 48 c1 e0 0c 49 01 c7 41 8b 9f e8 0f 00 00 89 d8 49 39 44
24 10 74 07 <0f> 0b 0f 1f 44 00 00 48 8d 55 c8 89 de 4c 89 ef e8 3a fb
ff ff
[ 720.674011] RIP [<ffffffff81776681>] f2fs_write_node_page+0x171/0x290
[ 720.674011] RSP <ffff88002c473cb0>
[ 720.674011] ------------[ cut here ]------------
[ 720.674011] kernel BUG at arch/x86/mm/pageattr.c:216!
[ 720.674011] invalid opcode: 0000 [#2] SMP DEBUG_PAGEALLOC
[ 720.674011] CPU: 0 PID: 5298 Comm: trinity-c15 Not tainted 3.17.0-rc4+ #38
[ 720.674011] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 720.674011] task: ffff88002c468000 ti: ffff88002c470000 task.ti:
ffff88002c470000
[ 720.674011] RIP: 0010:[<ffffffff810b0fe0>] [<ffffffff810b0fe0>]
change_page_attr_set_clr+0x250/0x430
[ 720.674011] RSP: 0018:ffff88002c4730b8 EFLAGS: 00010046
[ 720.674011] RAX: 0000000000000046 RBX: 0000000000000000 RCX: 0000000000000010
[ 720.674011] RDX: 0000000000004600 RSI: 0000000000000000 RDI: 0000000080000000
[ 720.674011] RBP: ffff88002c473148 R08: 0000000000000001 R09: ffff880000000000
[ 720.674011] R10: ffff880034780738 R11: ffff88000e526610 R12: 0000000000000000
[ 720.674011] R13: 0000000000000010 R14: 0000000000000004 R15: 0000000000000005
[ 720.674011] FS: 00007fb4b61d4700(0000) GS:ffff88003fa00000(0000)
knlGS:0000000000000000
[ 720.674011] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 720.674011] CR2: 0000000000000008 CR3: 000000002c450000 CR4: 00000000000006f0
[ 720.674011] DR0: 0000000001ee3000 DR1: 00000000019d3000 DR2: 0000000000000000
[ 720.674011] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 720.674011] Stack:
[ 720.674011] 0000000000000000 0000000000000000 0000000000000000
ffffffff00000200
[ 720.674011] ffff880000000001 0000000000000000 0000000000000000
0000000000000010
[ 720.674011] 0000000000000000 0000000500000001 0000000000005d4d
0000020000000000
[ 720.674011] Call Trace:
[ 720.674011] [<ffffffff810b1396>] _set_pages_array+0x86/0x130
[ 720.674011] [<ffffffff810b1a3e>] set_pages_array_wc+0xe/0x10
[ 720.674011] [<ffffffff81965487>] ttm_set_pages_caching+0x47/0x70
[ 720.674011] [<ffffffff819655f3>] ttm_alloc_new_pages.isra.4+0xf3/0x190
[ 720.674011] [<ffffffff81965ff5>] ttm_pool_populate+0x1b5/0x490
[ 720.674011] [<ffffffff81ae0c59>] cirrus_ttm_tt_populate+0x9/0x10
[ 720.674011] [<ffffffff81961a03>] ttm_bo_move_memcpy+0x183/0x640
[ 720.674011] [<ffffffff81ae0ba3>] cirrus_bo_move+0x13/0x20
[ 720.674011] [<ffffffff8195f081>] ttm_bo_handle_move_mem+0x251/0x590
[ 720.674011] [<ffffffff8196029c>] ? ttm_bo_mem_space+0xbc/0x310
[ 720.674011] [<ffffffff8196093d>] ttm_bo_validate+0x1bd/0x2c0
[ 720.674011] [<ffffffff81ae128c>] cirrus_bo_push_sysram+0x8c/0xd0
[ 720.674011] [<ffffffff81adf609>]
cirrus_crtc_do_set_base.isra.7.constprop.9+0x89/0x3e0
[ 720.674011] [<ffffffff81adfde1>] cirrus_crtc_mode_set+0x481/0x4b0
[ 720.674011] [<ffffffff819326f9>] drm_crtc_helper_set_mode+0x299/0x530
[ 720.674011] [<ffffffff819330ab>] drm_crtc_helper_set_config+0x71b/0xa60
[ 720.674011] [<ffffffff8194d82d>] drm_mode_set_config_internal+0x3d/0x100
[ 720.674011] [<ffffffff8193b3c3>] drm_fb_helper_pan_display+0x93/0xe0
[ 720.674011] [<ffffffff81884034>] fb_pan_display+0x104/0x170
[ 720.674011] [<ffffffff818807fb>] bit_update_start+0x1b/0x50
[ 720.674011] [<ffffffff8187f1ba>] fbcon_switch+0x50a/0x530
[ 720.674011] [<ffffffff8190e979>] redraw_screen+0x129/0x250
[ 720.674011] [<ffffffff81884566>] ? fb_blank+0x66/0xa0
[ 720.674011] [<ffffffff8187d75f>] fbcon_blank+0x20f/0x2d0
[ 720.674011] [<ffffffff8259bbbd>] ? _raw_spin_lock_irqsave+0x7d/0x90
[ 720.674011] [<ffffffff81189f3f>] ? trace_hardirqs_off_caller+0x1f/0xd0
[ 720.674011] [<ffffffff8118a25d>] ? trace_hardirqs_off+0xd/0x10
[ 720.674011] [<ffffffff8259bd3b>] ? _raw_spin_unlock_irqrestore+0x3b/0x60
[ 720.674011] [<ffffffff811a7951>] ? mod_timer+0x221/0x2a0
[ 720.674011] [<ffffffff819109a8>] do_unblank_screen+0x108/0x1e0
[ 720.674011] [<ffffffff81910a8b>] unblank_screen+0xb/0x10
[ 720.674011] [<ffffffff81834399>] bust_spinlocks+0x19/0x30
[ 720.674011] [<ffffffff8106e307>] oops_end+0x37/0x150
[ 720.674011] [<ffffffff8106e565>] die+0x55/0x60
[ 720.674011] [<ffffffff8106acc3>] do_trap+0x63/0x150
[ 720.674011] [<ffffffff8106ae83>] do_error_trap+0xd3/0xf0
[ 720.674011] [<ffffffff81776681>] ? f2fs_write_node_page+0x171/0x290
[ 720.674011] [<ffffffff81832fbd>] ? trace_hardirqs_off_thunk+0x3a/0x3c
[ 720.674011] [<ffffffff8106b24b>] do_invalid_op+0x1b/0x20
[ 720.674011] [<ffffffff8259e53e>] invalid_op+0x1e/0x30
[ 720.674011] [<ffffffff81776681>] ? f2fs_write_node_page+0x171/0x290
[ 720.674011] [<ffffffff81189e75>] ? trace_hardirqs_on_caller+0x185/0x220
[ 720.674011] [<ffffffff81778745>] sync_node_pages+0x415/0x5f0
[ 720.674011] [<ffffffff812b2790>] ? SyS_tee+0x390/0x390
[ 720.674011] [<ffffffff8176f52d>] write_checkpoint+0x21d/0xeb0
[ 720.674011] [<ffffffff81189ce0>] ? mark_held_locks+0x90/0xa0
[ 720.674011] [<ffffffff82597685>] ? mutex_lock_nested+0x435/0x4b0
[ 720.674011] [<ffffffff81189e75>] ? trace_hardirqs_on_caller+0x185/0x220
[ 720.674011] [<ffffffff812b2790>] ? SyS_tee+0x390/0x390
[ 720.674011] [<ffffffff81769680>] f2fs_sync_fs+0x100/0x180
[ 720.674011] [<ffffffff812b27ab>] sync_fs_one_sb+0x1b/0x20
[ 720.674011] [<ffffffff8128198f>] iterate_supers+0x7f/0xe0
[ 720.674011] [<ffffffff812b2a00>] sys_sync+0x50/0x90
[ 720.674011] [<ffffffff8259cae9>] system_call_fastpath+0x16/0x1b
[ 720.674011] Code: e6 06 0f 84 f3 00 00 00 85 c9 41 0f 95 c4 81 7d
88 ff 03 00 00 0f 9f c0 41 21 c4 41 0f b6 f4 9c 58 0f 1f 44 00 00 f6
c4 02 75 08 <0f> 0b 66 0f 1f 44 00 00 ba 01 00 00 00 48 c7 c7 d0 f2 0a
81 89
[ 720.674011] RIP [<ffffffff810b0fe0>] change_page_attr_set_clr+0x250/0x430
[ 720.674011] RSP <ffff88002c4730b8>
[ 720.674011] ---[ end trace 7dd145ad962d6c6d ]---
* Re: f2fs get_dnode_of_data oops
@ 2014-09-09 18:24 ` Tommi Rantala
From: Tommi Rantala @ 2014-09-09 18:24 UTC (permalink / raw)
To: Jaegeuk Kim; +Cc: Dave Jones, trinity, LKML, linux-f2fs-devel
2014-09-09 7:41 GMT+03:00 Jaegeuk Kim <jaegeuk@kernel.org>:
> Hi Tommi,
>
> This patch should resolve this bug.
> Thanks a lot. :)
>
> From ee24677b9917583f50f16b6f59771439f91b890c Mon Sep 17 00:00:00 2001
> From: Jaegeuk Kim <jaegeuk@kernel.org>
> Date: Mon, 8 Sep 2014 10:59:43 -0700
> Subject: [PATCH] f2fs: fix negative value for lseek offset
>
Thanks, with this patch applied, I could not reproduce the lseek oops,
but now I hit the following:
[ 720.673788] ------------[ cut here ]------------
[ 720.674011] kernel BUG at fs/f2fs/node.c:1229!
[ 720.674011] invalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC
[ 720.674011] CPU: 0 PID: 5298 Comm: trinity-c15 Not tainted 3.17.0-rc4+ #38
[ 720.674011] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 720.674011] task: ffff88002c468000 ti: ffff88002c470000 task.ti:
ffff88002c470000
[ 720.674011] RIP: 0010:[<ffffffff81776681>] [<ffffffff81776681>]
f2fs_write_node_page+0x171/0x290
[ 720.674011] RSP: 0018:ffff88002c473cb0 EFLAGS: 00010206
[ 720.674011] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffea00006173c0
[ 720.674011] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffffea00006173c0
[ 720.674011] RBP: ffff88002c473cf8 R08: 0000000000000000 R09: 0000000000000000
[ 720.674011] R10: 0000000000000001 R11: ffff8800185cf000 R12: ffffea00006173c0
[ 720.674011] R13: ffff8800399d4520 R14: ffff88002c473e68 R15: ffff8800185cf000
[ 720.674011] FS: 00007fb4b61d4700(0000) GS:ffff88003fa00000(0000)
knlGS:0000000000000000
[ 720.674011] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 720.674011] CR2: 0000000000000008 CR3: 000000002c450000 CR4: 00000000000006f0
[ 720.674011] DR0: 0000000001ee3000 DR1: 00000000019d3000 DR2: 0000000000000000
[ 720.674011] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 720.674011] Stack:
[ 720.674011] ffffffff81189e75 0000041100000001 ffff880037cb10a8
ffff88002c473cd8
[ 720.674011] ffff880000000000 0000160000000000 ffff88002c473d58
0000000000000000
[ 720.674011] 0000000000000001 ffff88002c473df0 ffffffff81778745
0000000000000000
[ 720.674011] Call Trace:
[ 720.674011] [<ffffffff81189e75>] ? trace_hardirqs_on_caller+0x185/0x220
[ 720.674011] [<ffffffff81778745>] sync_node_pages+0x415/0x5f0
[ 720.674011] [<ffffffff812b2790>] ? SyS_tee+0x390/0x390
[ 720.674011] [<ffffffff8176f52d>] write_checkpoint+0x21d/0xeb0
[ 720.674011] [<ffffffff81189ce0>] ? mark_held_locks+0x90/0xa0
[ 720.674011] [<ffffffff82597685>] ? mutex_lock_nested+0x435/0x4b0
[ 720.674011] [<ffffffff81189e75>] ? trace_hardirqs_on_caller+0x185/0x220
[ 720.674011] [<ffffffff812b2790>] ? SyS_tee+0x390/0x390
[ 720.674011] [<ffffffff81769680>] f2fs_sync_fs+0x100/0x180
[ 720.674011] [<ffffffff812b27ab>] sync_fs_one_sb+0x1b/0x20
[ 720.674011] [<ffffffff8128198f>] iterate_supers+0x7f/0xe0
[ 720.674011] [<ffffffff812b2a00>] sys_sync+0x50/0x90
[ 720.674011] [<ffffffff8259cae9>] system_call_fastpath+0x16/0x1b
[ 720.674011] Code: 63 00 00 48 b8 00 00 00 00 00 16 00 00 4c 01 e0
48 c1 f8 06 48 c1 e0 0c 49 01 c7 41 8b 9f e8 0f 00 00 89 d8 49 39 44
24 10 74 07 <0f> 0b 0f 1f 44 00 00 48 8d 55 c8 89 de 4c 89 ef e8 3a fb
ff ff
[ 720.674011] RIP [<ffffffff81776681>] f2fs_write_node_page+0x171/0x290
[ 720.674011] RSP <ffff88002c473cb0>
[ 720.674011] ------------[ cut here ]------------
[ 720.674011] kernel BUG at arch/x86/mm/pageattr.c:216!
[ 720.674011] invalid opcode: 0000 [#2] SMP DEBUG_PAGEALLOC
[ 720.674011] CPU: 0 PID: 5298 Comm: trinity-c15 Not tainted 3.17.0-rc4+ #38
[ 720.674011] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 720.674011] task: ffff88002c468000 ti: ffff88002c470000 task.ti:
ffff88002c470000
[ 720.674011] RIP: 0010:[<ffffffff810b0fe0>] [<ffffffff810b0fe0>]
change_page_attr_set_clr+0x250/0x430
[ 720.674011] RSP: 0018:ffff88002c4730b8 EFLAGS: 00010046
[ 720.674011] RAX: 0000000000000046 RBX: 0000000000000000 RCX: 0000000000000010
[ 720.674011] RDX: 0000000000004600 RSI: 0000000000000000 RDI: 0000000080000000
[ 720.674011] RBP: ffff88002c473148 R08: 0000000000000001 R09: ffff880000000000
[ 720.674011] R10: ffff880034780738 R11: ffff88000e526610 R12: 0000000000000000
[ 720.674011] R13: 0000000000000010 R14: 0000000000000004 R15: 0000000000000005
[ 720.674011] FS: 00007fb4b61d4700(0000) GS:ffff88003fa00000(0000)
knlGS:0000000000000000
[ 720.674011] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 720.674011] CR2: 0000000000000008 CR3: 000000002c450000 CR4: 00000000000006f0
[ 720.674011] DR0: 0000000001ee3000 DR1: 00000000019d3000 DR2: 0000000000000000
[ 720.674011] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 720.674011] Stack:
[ 720.674011] 0000000000000000 0000000000000000 0000000000000000
ffffffff00000200
[ 720.674011] ffff880000000001 0000000000000000 0000000000000000
0000000000000010
[ 720.674011] 0000000000000000 0000000500000001 0000000000005d4d
0000020000000000
[ 720.674011] Call Trace:
[ 720.674011] [<ffffffff810b1396>] _set_pages_array+0x86/0x130
[ 720.674011] [<ffffffff810b1a3e>] set_pages_array_wc+0xe/0x10
[ 720.674011] [<ffffffff81965487>] ttm_set_pages_caching+0x47/0x70
[ 720.674011] [<ffffffff819655f3>] ttm_alloc_new_pages.isra.4+0xf3/0x190
[ 720.674011] [<ffffffff81965ff5>] ttm_pool_populate+0x1b5/0x490
[ 720.674011] [<ffffffff81ae0c59>] cirrus_ttm_tt_populate+0x9/0x10
[ 720.674011] [<ffffffff81961a03>] ttm_bo_move_memcpy+0x183/0x640
[ 720.674011] [<ffffffff81ae0ba3>] cirrus_bo_move+0x13/0x20
[ 720.674011] [<ffffffff8195f081>] ttm_bo_handle_move_mem+0x251/0x590
[ 720.674011] [<ffffffff8196029c>] ? ttm_bo_mem_space+0xbc/0x310
[ 720.674011] [<ffffffff8196093d>] ttm_bo_validate+0x1bd/0x2c0
[ 720.674011] [<ffffffff81ae128c>] cirrus_bo_push_sysram+0x8c/0xd0
[ 720.674011] [<ffffffff81adf609>]
cirrus_crtc_do_set_base.isra.7.constprop.9+0x89/0x3e0
[ 720.674011] [<ffffffff81adfde1>] cirrus_crtc_mode_set+0x481/0x4b0
[ 720.674011] [<ffffffff819326f9>] drm_crtc_helper_set_mode+0x299/0x530
[ 720.674011] [<ffffffff819330ab>] drm_crtc_helper_set_config+0x71b/0xa60
[ 720.674011] [<ffffffff8194d82d>] drm_mode_set_config_internal+0x3d/0x100
[ 720.674011] [<ffffffff8193b3c3>] drm_fb_helper_pan_display+0x93/0xe0
[ 720.674011] [<ffffffff81884034>] fb_pan_display+0x104/0x170
[ 720.674011] [<ffffffff818807fb>] bit_update_start+0x1b/0x50
[ 720.674011] [<ffffffff8187f1ba>] fbcon_switch+0x50a/0x530
[ 720.674011] [<ffffffff8190e979>] redraw_screen+0x129/0x250
[ 720.674011] [<ffffffff81884566>] ? fb_blank+0x66/0xa0
[ 720.674011] [<ffffffff8187d75f>] fbcon_blank+0x20f/0x2d0
[ 720.674011] [<ffffffff8259bbbd>] ? _raw_spin_lock_irqsave+0x7d/0x90
[ 720.674011] [<ffffffff81189f3f>] ? trace_hardirqs_off_caller+0x1f/0xd0
[ 720.674011] [<ffffffff8118a25d>] ? trace_hardirqs_off+0xd/0x10
[ 720.674011] [<ffffffff8259bd3b>] ? _raw_spin_unlock_irqrestore+0x3b/0x60
[ 720.674011] [<ffffffff811a7951>] ? mod_timer+0x221/0x2a0
[ 720.674011] [<ffffffff819109a8>] do_unblank_screen+0x108/0x1e0
[ 720.674011] [<ffffffff81910a8b>] unblank_screen+0xb/0x10
[ 720.674011] [<ffffffff81834399>] bust_spinlocks+0x19/0x30
[ 720.674011] [<ffffffff8106e307>] oops_end+0x37/0x150
[ 720.674011] [<ffffffff8106e565>] die+0x55/0x60
[ 720.674011] [<ffffffff8106acc3>] do_trap+0x63/0x150
[ 720.674011] [<ffffffff8106ae83>] do_error_trap+0xd3/0xf0
[ 720.674011] [<ffffffff81776681>] ? f2fs_write_node_page+0x171/0x290
[ 720.674011] [<ffffffff81832fbd>] ? trace_hardirqs_off_thunk+0x3a/0x3c
[ 720.674011] [<ffffffff8106b24b>] do_invalid_op+0x1b/0x20
[ 720.674011] [<ffffffff8259e53e>] invalid_op+0x1e/0x30
[ 720.674011] [<ffffffff81776681>] ? f2fs_write_node_page+0x171/0x290
[ 720.674011] [<ffffffff81189e75>] ? trace_hardirqs_on_caller+0x185/0x220
[ 720.674011] [<ffffffff81778745>] sync_node_pages+0x415/0x5f0
[ 720.674011] [<ffffffff812b2790>] ? SyS_tee+0x390/0x390
[ 720.674011] [<ffffffff8176f52d>] write_checkpoint+0x21d/0xeb0
[ 720.674011] [<ffffffff81189ce0>] ? mark_held_locks+0x90/0xa0
[ 720.674011] [<ffffffff82597685>] ? mutex_lock_nested+0x435/0x4b0
[ 720.674011] [<ffffffff81189e75>] ? trace_hardirqs_on_caller+0x185/0x220
[ 720.674011] [<ffffffff812b2790>] ? SyS_tee+0x390/0x390
[ 720.674011] [<ffffffff81769680>] f2fs_sync_fs+0x100/0x180
[ 720.674011] [<ffffffff812b27ab>] sync_fs_one_sb+0x1b/0x20
[ 720.674011] [<ffffffff8128198f>] iterate_supers+0x7f/0xe0
[ 720.674011] [<ffffffff812b2a00>] sys_sync+0x50/0x90
[ 720.674011] [<ffffffff8259cae9>] system_call_fastpath+0x16/0x1b
[ 720.674011] Code: e6 06 0f 84 f3 00 00 00 85 c9 41 0f 95 c4 81 7d
88 ff 03 00 00 0f 9f c0 41 21 c4 41 0f b6 f4 9c 58 0f 1f 44 00 00 f6
c4 02 75 08 <0f> 0b 66 0f 1f 44 00 00 ba 01 00 00 00 48 c7 c7 d0 f2 0a
81 89
[ 720.674011] RIP [<ffffffff810b0fe0>] change_page_attr_set_clr+0x250/0x430
[ 720.674011] RSP <ffff88002c4730b8>
[ 720.674011] ---[ end trace 7dd145ad962d6c6d ]---
* Re: [f2fs-dev] f2fs get_dnode_of_data oops
2014-09-09 8:10 ` [f2fs-dev] " Chao Yu
@ 2014-09-10 7:23 ` Jaegeuk Kim
From: Jaegeuk Kim @ 2014-09-10 7:23 UTC (permalink / raw)
To: Chao Yu
Cc: 'Tommi Rantala', 'Dave Jones',
trinity, 'LKML',
linux-f2fs-devel
On Tue, Sep 09, 2014 at 04:10:00PM +0800, Chao Yu wrote:
> Hi Jaegeuk,
>
> Looks good to me!
>
> One nitpick, how about judging this condition before we lock ->i_mutex to
> avoid unneeded lock contention and invoking of i_size_read()?
Agreed.
From 0b4c5afde9b57c08b55d26725d228d5314cfc57a Mon Sep 17 00:00:00 2001
From: Jaegeuk Kim <jaegeuk@kernel.org>
Date: Mon, 8 Sep 2014 10:59:43 -0700
Subject: [PATCH] f2fs: fix negative value for lseek offset
If application throws negative value of lseek with SEEK_DATA|SEEK_HOLE,
previous f2fs went into BUG_ON in get_dnode_of_data, which was reported
by Tommi Rantala.
He could make a simple code to detect this having:
lseek(fd, -17595150933902LL, SEEK_DATA);
This patch should resolve that bug.
Reported-by: Tommi Rentala <tt.rantala@gmail.com>
[Jaegeuk Kim: relocate the condition as suggested by Chao]
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
---
fs/f2fs/file.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
index 9f0ea3d..5cde363 100644
--- a/fs/f2fs/file.c
+++ b/fs/f2fs/file.c
@@ -353,6 +353,8 @@ static loff_t f2fs_llseek(struct file *file, loff_t offset, int whence)
maxbytes, i_size_read(inode));
case SEEK_DATA:
case SEEK_HOLE:
+ if (offset < 0)
+ return -ENXIO;
return f2fs_seek_block(file, offset, whence);
}
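Review bot: the guard added under case SEEK_DATA / case SEEK_HOLE only rejects offset < 0; nothing in the visible lines bounds the offset from above before it is handed to f2fs_seek_block(), so please confirm that function rejects offsets at or past i_size on its own, or add the upper check next to this one. A short comment above the test saying that a negative offset must not reach the block lookup (the get_dnode_of_data oops from the report) would keep the check from being dropped in a later cleanup. In the commit message, the Reported-by tag spells the reporter "Rentala" while the body and the rest of the thread use "Rantala".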
--
1.8.5.2 (Apple Git-48)
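A user-space regression check for the behaviour the patch above introduces, as an added example that is not part of the thread or of the f2fs tree: it issues SEEK_DATA and SEEK_HOLE seeks with negative offsets (including the value from the commit message) on a scratch file and counts any call that succeeds or moves the file position. The helper names, the scratch-file name and the acceptance of EINVAL alongside ENXIO in non-strict mode (for file systems other than patched f2fs) are assumptions.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* exposes SEEK_DATA / SEEK_HOLE in <unistd.h> */
#endif
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#ifndef SEEK_DATA              /* Linux values, for older libc headers */
#define SEEK_DATA 3
#define SEEK_HOLE 4
#endif

/*
 * Issue one negative-offset seek. Returns the errno of the rejected call,
 * 0 if the kernel accepted the offset, or -1 if the file position changed.
 */
static int probe_negative_seek(int fd, long long offset, int whence)
{
    off_t before = lseek(fd, 0, SEEK_CUR);
    errno = 0;
    off_t ret = lseek(fd, (off_t)offset, whence);
    int err = errno;

    if (ret != (off_t)-1)
        return 0;
    if (lseek(fd, 0, SEEK_CUR) != before)
        return -1;
    return err;
}

/*
 * Run every probe against a scratch file in `dir` (hypothetical helper).
 * Returns the number of probes that were not cleanly rejected, or -1 if
 * the scratch file could not be set up. With strict != 0 only ENXIO, the
 * value the patch returns, counts as a clean rejection; otherwise EINVAL
 * is accepted too (assumption: other file systems may pick either).
 */
static int count_bad_negative_seeks(const char *dir, int strict)
{
    static const long long offsets[] = {
        -1LL, -4096LL, -17595150933902LL /* from the commit message */, LLONG_MIN
    };
    static const int whences[] = { SEEK_DATA, SEEK_HOLE };
    char path[4096];
    int bad = 0;

    snprintf(path, sizeof(path), "%s/negseek-XXXXXX", dir);
    int fd = mkstemp(path);
    if (fd < 0)
        return -1;
    unlink(path);                       /* file vanishes when fd is closed */
    if (write(fd, "constructed sample data\n", 24) != 24) {
        close(fd);
        return -1;
    }

    for (size_t w = 0; w < sizeof(whences) / sizeof(whences[0]); w++) {
        for (size_t i = 0; i < sizeof(offsets) / sizeof(offsets[0]); i++) {
            int err = probe_negative_seek(fd, offsets[i], whences[w]);
            int ok = (err == ENXIO) || (!strict && err == EINVAL);
            if (!ok) {
                fprintf(stderr, "whence=%d offset=%lld -> %d\n",
                        whences[w], offsets[i], err);
                bad++;
            }
        }
    }
    close(fd);
    return bad;
}

int main(int argc, char **argv)
{
    /* argv[1]: directory on the file system under test; argv[2]: strict. */
    int bad = count_bad_negative_seeks(argc > 1 ? argv[1] : ".", argc > 2);
    if (bad < 0)
        perror("scratch file");
    return bad == 0 ? 0 : 1;
}
```

Run it with a directory on the mount under test as the first argument; any second argument enables strict mode, which accepts only the ENXIO the patch returns.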
* Re: f2fs get_dnode_of_data oops
2014-09-09 18:24 ` Tommi Rantala
@ 2014-09-10 7:26 ` Jaegeuk Kim
From: Jaegeuk Kim @ 2014-09-10 7:26 UTC (permalink / raw)
To: Tommi Rantala; +Cc: linux-f2fs-devel, Changman Lee, LKML, trinity, Dave Jones
Hi,
On Tue, Sep 09, 2014 at 09:24:18PM +0300, Tommi Rantala wrote:
> 2014-09-09 7:41 GMT+03:00 Jaegeuk Kim <jaegeuk@kernel.org>:
> > Hi Tommi,
> >
> > This patch should resolve this bug.
> > Thanks a lot. :)
> >
> > From ee24677b9917583f50f16b6f59771439f91b890c Mon Sep 17 00:00:00 2001
> > From: Jaegeuk Kim <jaegeuk@kernel.org>
> > Date: Mon, 8 Sep 2014 10:59:43 -0700
> > Subject: [PATCH] f2fs: fix negative value for lseek offset
> >
>
> Thanks, with this patch applied, I could not reproduce the lseek oops,
> but now I hit the following:
Hmm.
Could you share a little bit more information?
Is it reproducible?
What are the page->index and nid_of_node(page)?
Thanks,
>
>
> [ 720.673788] ------------[ cut here ]------------
> [ 720.674011] kernel BUG at fs/f2fs/node.c:1229!
> [ 720.674011] invalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC
> [ 720.674011] CPU: 0 PID: 5298 Comm: trinity-c15 Not tainted 3.17.0-rc4+ #38
> [ 720.674011] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
> [ 720.674011] task: ffff88002c468000 ti: ffff88002c470000 task.ti:
> ffff88002c470000
> [ 720.674011] RIP: 0010:[<ffffffff81776681>] [<ffffffff81776681>]
> f2fs_write_node_page+0x171/0x290
> [ 720.674011] RSP: 0018:ffff88002c473cb0 EFLAGS: 00010206
> [ 720.674011] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffea00006173c0
> [ 720.674011] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffffea00006173c0
> [ 720.674011] RBP: ffff88002c473cf8 R08: 0000000000000000 R09: 0000000000000000
> [ 720.674011] R10: 0000000000000001 R11: ffff8800185cf000 R12: ffffea00006173c0
> [ 720.674011] R13: ffff8800399d4520 R14: ffff88002c473e68 R15: ffff8800185cf000
> [ 720.674011] FS: 00007fb4b61d4700(0000) GS:ffff88003fa00000(0000)
> knlGS:0000000000000000
> [ 720.674011] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
> [ 720.674011] CR2: 0000000000000008 CR3: 000000002c450000 CR4: 00000000000006f0
> [ 720.674011] DR0: 0000000001ee3000 DR1: 00000000019d3000 DR2: 0000000000000000
> [ 720.674011] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
> [ 720.674011] Stack:
> [ 720.674011] ffffffff81189e75 0000041100000001 ffff880037cb10a8
> ffff88002c473cd8
> [ 720.674011] ffff880000000000 0000160000000000 ffff88002c473d58
> 0000000000000000
> [ 720.674011] 0000000000000001 ffff88002c473df0 ffffffff81778745
> 0000000000000000
> [ 720.674011] Call Trace:
> [ 720.674011] [<ffffffff81189e75>] ? trace_hardirqs_on_caller+0x185/0x220
> [ 720.674011] [<ffffffff81778745>] sync_node_pages+0x415/0x5f0
> [ 720.674011] [<ffffffff812b2790>] ? SyS_tee+0x390/0x390
> [ 720.674011] [<ffffffff8176f52d>] write_checkpoint+0x21d/0xeb0
> [ 720.674011] [<ffffffff81189ce0>] ? mark_held_locks+0x90/0xa0
> [ 720.674011] [<ffffffff82597685>] ? mutex_lock_nested+0x435/0x4b0
> [ 720.674011] [<ffffffff81189e75>] ? trace_hardirqs_on_caller+0x185/0x220
> [ 720.674011] [<ffffffff812b2790>] ? SyS_tee+0x390/0x390
> [ 720.674011] [<ffffffff81769680>] f2fs_sync_fs+0x100/0x180
> [ 720.674011] [<ffffffff812b27ab>] sync_fs_one_sb+0x1b/0x20
> [ 720.674011] [<ffffffff8128198f>] iterate_supers+0x7f/0xe0
> [ 720.674011] [<ffffffff812b2a00>] sys_sync+0x50/0x90
> [ 720.674011] [<ffffffff8259cae9>] system_call_fastpath+0x16/0x1b
> [ 720.674011] Code: 63 00 00 48 b8 00 00 00 00 00 16 00 00 4c 01 e0
> 48 c1 f8 06 48 c1 e0 0c 49 01 c7 41 8b 9f e8 0f 00 00 89 d8 49 39 44
> 24 10 74 07 <0f> 0b 0f 1f 44 00 00 48 8d 55 c8 89 de 4c 89 ef e8 3a fb
> ff ff
> [ 720.674011] RIP [<ffffffff81776681>] f2fs_write_node_page+0x171/0x290
> [ 720.674011] RSP <ffff88002c473cb0>
> [ 720.674011] ------------[ cut here ]------------
> [ 720.674011] kernel BUG at arch/x86/mm/pageattr.c:216!
> [ 720.674011] invalid opcode: 0000 [#2] SMP DEBUG_PAGEALLOC
> [ 720.674011] CPU: 0 PID: 5298 Comm: trinity-c15 Not tainted 3.17.0-rc4+ #38
> [ 720.674011] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
> [ 720.674011] task: ffff88002c468000 ti: ffff88002c470000 task.ti:
> ffff88002c470000
> [ 720.674011] RIP: 0010:[<ffffffff810b0fe0>] [<ffffffff810b0fe0>]
> change_page_attr_set_clr+0x250/0x430
> [ 720.674011] RSP: 0018:ffff88002c4730b8 EFLAGS: 00010046
> [ 720.674011] RAX: 0000000000000046 RBX: 0000000000000000 RCX: 0000000000000010
> [ 720.674011] RDX: 0000000000004600 RSI: 0000000000000000 RDI: 0000000080000000
> [ 720.674011] RBP: ffff88002c473148 R08: 0000000000000001 R09: ffff880000000000
> [ 720.674011] R10: ffff880034780738 R11: ffff88000e526610 R12: 0000000000000000
> [ 720.674011] R13: 0000000000000010 R14: 0000000000000004 R15: 0000000000000005
> [ 720.674011] FS: 00007fb4b61d4700(0000) GS:ffff88003fa00000(0000)
> knlGS:0000000000000000
> [ 720.674011] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
> [ 720.674011] CR2: 0000000000000008 CR3: 000000002c450000 CR4: 00000000000006f0
> [ 720.674011] DR0: 0000000001ee3000 DR1: 00000000019d3000 DR2: 0000000000000000
> [ 720.674011] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
> [ 720.674011] Stack:
> [ 720.674011] 0000000000000000 0000000000000000 0000000000000000
> ffffffff00000200
> [ 720.674011] ffff880000000001 0000000000000000 0000000000000000
> 0000000000000010
> [ 720.674011] 0000000000000000 0000000500000001 0000000000005d4d
> 0000020000000000
> [ 720.674011] Call Trace:
> [ 720.674011] [<ffffffff810b1396>] _set_pages_array+0x86/0x130
> [ 720.674011] [<ffffffff810b1a3e>] set_pages_array_wc+0xe/0x10
> [ 720.674011] [<ffffffff81965487>] ttm_set_pages_caching+0x47/0x70
> [ 720.674011] [<ffffffff819655f3>] ttm_alloc_new_pages.isra.4+0xf3/0x190
> [ 720.674011] [<ffffffff81965ff5>] ttm_pool_populate+0x1b5/0x490
> [ 720.674011] [<ffffffff81ae0c59>] cirrus_ttm_tt_populate+0x9/0x10
> [ 720.674011] [<ffffffff81961a03>] ttm_bo_move_memcpy+0x183/0x640
> [ 720.674011] [<ffffffff81ae0ba3>] cirrus_bo_move+0x13/0x20
> [ 720.674011] [<ffffffff8195f081>] ttm_bo_handle_move_mem+0x251/0x590
> [ 720.674011] [<ffffffff8196029c>] ? ttm_bo_mem_space+0xbc/0x310
> [ 720.674011] [<ffffffff8196093d>] ttm_bo_validate+0x1bd/0x2c0
> [ 720.674011] [<ffffffff81ae128c>] cirrus_bo_push_sysram+0x8c/0xd0
> [ 720.674011] [<ffffffff81adf609>]
> cirrus_crtc_do_set_base.isra.7.constprop.9+0x89/0x3e0
> [ 720.674011] [<ffffffff81adfde1>] cirrus_crtc_mode_set+0x481/0x4b0
> [ 720.674011] [<ffffffff819326f9>] drm_crtc_helper_set_mode+0x299/0x530
> [ 720.674011] [<ffffffff819330ab>] drm_crtc_helper_set_config+0x71b/0xa60
> [ 720.674011] [<ffffffff8194d82d>] drm_mode_set_config_internal+0x3d/0x100
> [ 720.674011] [<ffffffff8193b3c3>] drm_fb_helper_pan_display+0x93/0xe0
> [ 720.674011] [<ffffffff81884034>] fb_pan_display+0x104/0x170
> [ 720.674011] [<ffffffff818807fb>] bit_update_start+0x1b/0x50
> [ 720.674011] [<ffffffff8187f1ba>] fbcon_switch+0x50a/0x530
> [ 720.674011] [<ffffffff8190e979>] redraw_screen+0x129/0x250
> [ 720.674011] [<ffffffff81884566>] ? fb_blank+0x66/0xa0
> [ 720.674011] [<ffffffff8187d75f>] fbcon_blank+0x20f/0x2d0
> [ 720.674011] [<ffffffff8259bbbd>] ? _raw_spin_lock_irqsave+0x7d/0x90
> [ 720.674011] [<ffffffff81189f3f>] ? trace_hardirqs_off_caller+0x1f/0xd0
> [ 720.674011] [<ffffffff8118a25d>] ? trace_hardirqs_off+0xd/0x10
> [ 720.674011] [<ffffffff8259bd3b>] ? _raw_spin_unlock_irqrestore+0x3b/0x60
> [ 720.674011] [<ffffffff811a7951>] ? mod_timer+0x221/0x2a0
> [ 720.674011] [<ffffffff819109a8>] do_unblank_screen+0x108/0x1e0
> [ 720.674011] [<ffffffff81910a8b>] unblank_screen+0xb/0x10
> [ 720.674011] [<ffffffff81834399>] bust_spinlocks+0x19/0x30
> [ 720.674011] [<ffffffff8106e307>] oops_end+0x37/0x150
> [ 720.674011] [<ffffffff8106e565>] die+0x55/0x60
> [ 720.674011] [<ffffffff8106acc3>] do_trap+0x63/0x150
> [ 720.674011] [<ffffffff8106ae83>] do_error_trap+0xd3/0xf0
> [ 720.674011] [<ffffffff81776681>] ? f2fs_write_node_page+0x171/0x290
> [ 720.674011] [<ffffffff81832fbd>] ? trace_hardirqs_off_thunk+0x3a/0x3c
> [ 720.674011] [<ffffffff8106b24b>] do_invalid_op+0x1b/0x20
> [ 720.674011] [<ffffffff8259e53e>] invalid_op+0x1e/0x30
> [ 720.674011] [<ffffffff81776681>] ? f2fs_write_node_page+0x171/0x290
> [ 720.674011] [<ffffffff81189e75>] ? trace_hardirqs_on_caller+0x185/0x220
> [ 720.674011] [<ffffffff81778745>] sync_node_pages+0x415/0x5f0
> [ 720.674011] [<ffffffff812b2790>] ? SyS_tee+0x390/0x390
> [ 720.674011] [<ffffffff8176f52d>] write_checkpoint+0x21d/0xeb0
> [ 720.674011] [<ffffffff81189ce0>] ? mark_held_locks+0x90/0xa0
> [ 720.674011] [<ffffffff82597685>] ? mutex_lock_nested+0x435/0x4b0
> [ 720.674011] [<ffffffff81189e75>] ? trace_hardirqs_on_caller+0x185/0x220
> [ 720.674011] [<ffffffff812b2790>] ? SyS_tee+0x390/0x390
> [ 720.674011] [<ffffffff81769680>] f2fs_sync_fs+0x100/0x180
> [ 720.674011] [<ffffffff812b27ab>] sync_fs_one_sb+0x1b/0x20
> [ 720.674011] [<ffffffff8128198f>] iterate_supers+0x7f/0xe0
> [ 720.674011] [<ffffffff812b2a00>] sys_sync+0x50/0x90
> [ 720.674011] [<ffffffff8259cae9>] system_call_fastpath+0x16/0x1b
> [ 720.674011] Code: e6 06 0f 84 f3 00 00 00 85 c9 41 0f 95 c4 81 7d
> 88 ff 03 00 00 0f 9f c0 41 21 c4 41 0f b6 f4 9c 58 0f 1f 44 00 00 f6
> c4 02 75 08 <0f> 0b 66 0f 1f 44 00 00 ba 01 00 00 00 48 c7 c7 d0 f2 0a
> 81 89
> [ 720.674011] RIP [<ffffffff810b0fe0>] change_page_attr_set_clr+0x250/0x430
> [ 720.674011] RSP <ffff88002c4730b8>
> [ 720.674011] ---[ end trace 7dd145ad962d6c6d ]---