Greetings, 0day kernel testing robot got the below dmesg and the first bad commit is https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master commit f45ec5ff16a75f96dac8c89862d75f1d8739efd4 Author: Peter Xu AuthorDate: Mon Apr 6 20:06:01 2020 -0700 Commit: Linus Torvalds CommitDate: Tue Apr 7 10:43:39 2020 -0700 userfaultfd: wp: support swap and page migration For either swap and page migration, we all use the bit 2 of the entry to identify whether this entry is uffd write-protected. It plays a similar role as the existing soft dirty bit in swap entries but only for keeping the uffd-wp tracking for a specific PTE/PMD. Something special here is that when we want to recover the uffd-wp bit from a swap/migration entry to the PTE bit we'll also need to take care of the _PAGE_RW bit and make sure it's cleared, otherwise even with the _PAGE_UFFD_WP bit we can't trap it at all. In change_pte_range() we do nothing for uffd if the PTE is a swap entry. That can lead to data mismatch if the page that we are going to write protect is swapped out when sending the UFFDIO_WRITEPROTECT. This patch also applies/removes the uffd-wp bit even for the swap entries. Signed-off-by: Peter Xu Signed-off-by: Andrew Morton Cc: Andrea Arcangeli Cc: Bobby Powers Cc: Brian Geffon Cc: David Hildenbrand Cc: Denis Plotnikov Cc: "Dr . David Alan Gilbert" Cc: Hugh Dickins Cc: Jerome Glisse Cc: Johannes Weiner Cc: "Kirill A . Shutemov" Cc: Martin Cracauer Cc: Marty McFadden Cc: Maya Gokhale Cc: Mel Gorman Cc: Mike Kravetz Cc: Mike Rapoport Cc: Pavel Emelyanov Cc: Rik van Riel Cc: Shaohua Li Link: http://lkml.kernel.org/r/20200220163112.11409-11-peterx@redhat.com Signed-off-by: Linus Torvalds 2e3d5dc508 userfaultfd: wp: add pmd_swp_*uffd_wp() helpers f45ec5ff16 userfaultfd: wp: support swap and page migration 5d30bcacd9 Merge tag '9p-for-5.7-2' of git://github.com/martinetd/linux +-------------------------------------------------------------------------------------------------+------------+------------+------------+ | | 2e3d5dc508 | f45ec5ff16 | 5d30bcacd9 | +-------------------------------------------------------------------------------------------------+------------+------------+------------+ | boot_successes | 651 | 193 | 197 | | boot_failures | 25 | 36 | 32 | | BUG_pde_opener(Not_tainted):Freepointer_corrupt | 1 | | | | INFO:Slab#objects=#used=#fp=#flags= | 1 | | | | INFO:Object#@offset=#fp= | 1 | | | | BUG:soft_lockup-CPU##stuck_for#s![swapper:#] | 1 | 2 | | | EIP:new_slab | 2 | 1 | | | Kernel_panic-not_syncing:softlockup:hung_tasks | 2 | 2 | 1 | | BUG:workqueue_lockup-pool | 11 | 8 | 10 | | INFO:rcu_preempt_self-detected_stall_on_CPU | 4 | 1 | | | EIP:kernel_init_free_pages | 1 | | | | INFO:rcu_preempt_detected_stalls_on_CPUs/tasks | 1 | | | | EIP:iov_iter_copy_from_user_atomic | 1 | 1 | | | BUG:soft_lockup-CPU##stuck_for#s![trinity-c3:#] | 1 | | | | BUG:sleeping_function_called_from_invalid_context_at_include/linux/percpu-rwsem.h | 1 | | | | EIP:inode_init_once | 2 | | | | BUG:kernel_hang_in_early-boot_stage | 1 | | | | BUG:kernel_hang_in_boot_stage | 3 | | | | Kernel_panic-not_syncing:stack-protector:Kernel_stack_is_corrupted_in:__schedule | 1 | | | | WARNING:bad_unlock_balance_detected | 1 | | | | is_trying_to_release_lock(&port->lock)at | 1 | | | | Kernel_panic-not_syncing:stack-protector:Kernel_stack_is_corrupted_in:native_flush_tlb_one_user | 1 | | | | EIP:clear_user | 1 | | | | BUG:Bad_page_map_in_process | 0 | 11 | 10 | | BUG:Bad_rss-counter_state_mm:#type:MM_ANONPAGES_val | 0 | 21 | 16 | | BUG:Bad_rss-counter_state_mm:#type:MM_SWAPENTS_val | 0 | 10 | 10 | | BUG:Bad_rss-counter_state_mm:#type:MM_SHMEMPAGES_val | 0 | 20 | 12 | | BUG:kernel_NULL_pointer_dereference,address | 0 | 1 | 5 | | Oops:#[##] | 0 | 1 | 5 | | EIP:do_swap_page | 0 | 1 | 5 | | Kernel_panic-not_syncing:Fatal_exception | 0 | 1 | 5 | | EIP:__slab_alloc | 0 | 1 | | | Mem-Info | 0 | 0 | 1 | | BUG:soft_lockup-CPU##stuck_for#s![trinity-c1:#] | 0 | 0 | 1 | | EIP:copy_user_highpage | 0 | 0 | 1 | +-------------------------------------------------------------------------------------------------+------------+------------+------------+ If you fix the issue, kindly add following tag Reported-by: kernel test robot [child3:925] eventfd (323) returned ENOSYS, marking as inactive. [ 132.014801] can: request_module (can-proto-2) failed. [ 132.063717] can: request_module (can-proto-2) failed. [ 137.186037] trinity-c2 (943) used greatest stack depth: 5804 bytes left [ 140.771486] MCE: Killing trinity-c2:956 due to hardware memory corruption fault at 8bd2060 [ 140.777858] BUG: Bad rss-counter state mm:b278fc66 type:MM_ANONPAGES val:1 [ 140.778736] BUG: Bad rss-counter state mm:b278fc66 type:MM_SHMEMPAGES val:2 [ 141.589424] MCE: Killing trinity-c3:940 due to hardware memory corruption fault at 8a8c860 [ 141.590730] swap_info_get: Bad swap file entry 700b8216 [ 141.591400] BUG: Bad page map in process trinity-c3 pte:17042c3c pmd:b1809067 [ 141.592304] addr:08bcf000 vm_flags:00100073 anon_vma:f1f29528 mapping:00000000 index:8bcf [ 141.593399] file:(null) fault:0x0 mmap:0x0 readpage:0x0 [ 141.594065] CPU: 0 PID: 940 Comm: trinity-c3 Not tainted 5.6.0-11490-gf45ec5ff16a75 #1 [ 141.595055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 141.596093] Call Trace: [ 141.596443] dump_stack+0x16/0x18 [ 141.596868] print_bad_pte+0x13f/0x159 [ 141.597367] unmap_page_range+0x2a7/0x3e7 [ 141.597893] unmap_single_vma+0x53/0x5d [ 141.598383] unmap_vmas+0x2c/0x3b [ 141.598811] exit_mmap+0x81/0xfc [ 141.599238] __mmput+0x25/0x8d [ 141.599633] mmput+0x28/0x2b [ 141.600007] do_exit+0x2f0/0x84a [ 141.600449] ? ___might_sleep+0x3f/0x11f [ 141.600949] do_group_exit+0x86/0x86 [ 141.601421] __ia32_sys_exit_group+0x15/0x15 [ 141.601965] do_fast_syscall_32+0x86/0xbf [ 141.602481] entry_SYSENTER_32+0xaf/0x101 [ 141.602992] EIP: 0x37f399c9 [ 141.603356] Code: 00 00 00 89 d3 eb 02 31 c0 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 1c 24 c3 8b 34 24 c3 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 141.605693] EAX: ffffffda EBX: 00000000 ECX: 00000000 EDX: 00000000 [ 141.606476] ESI: 00000133 EDI: 375c9000 EBP: 375c9030 ESP: 3ffdb5fc [ 141.607245] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000216 [ 141.608098] Disabling lock debugging due to kernel taint [ 141.609128] swap_info_get: Bad swap file entry 700b82bf [ 141.610319] BUG: Bad page map in process trinity-c3 pte:17057e3c pmd:b1809067 [ 141.611876] addr:08bd0000 vm_flags:00100073 anon_vma:f1f29528 mapping:00000000 index:8bd0 [ 141.613716] file:(null) fault:0x0 mmap:0x0 readpage:0x0 [ 141.614823] CPU: 0 PID: 940 Comm: trinity-c3 Tainted: G B 5.6.0-11490-gf45ec5ff16a75 #1 [ 141.616853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 141.618583] Call Trace: [ 141.619121] dump_stack+0x16/0x18 [ 141.619860] print_bad_pte+0x13f/0x159 [ 141.620708] unmap_page_range+0x2a7/0x3e7 [ 141.621645] unmap_single_vma+0x53/0x5d [ 141.622526] unmap_vmas+0x2c/0x3b [ 141.623271] exit_mmap+0x81/0xfc [ 141.624026] __mmput+0x25/0x8d [ 141.624779] mmput+0x28/0x2b [ 141.625472] do_exit+0x2f0/0x84a [ 141.626247] ? ___might_sleep+0x3f/0x11f [ 141.627189] do_group_exit+0x86/0x86 [ 141.628008] __ia32_sys_exit_group+0x15/0x15 [ 141.629042] do_fast_syscall_32+0x86/0xbf [ 141.629989] entry_SYSENTER_32+0xaf/0x101 [ 141.630877] EIP: 0x37f399c9 [ 141.631521] Code: 8c 13 68 21 00 00 0f 95 c1 0f b6 c9 01 ca eb e1 01 f0 83 ec 0c c6 84 13 68 21 00 00 00 50 67 e8 e1 fd ff ff 8b 75 b4 40 8b 7d 65 33 3d 14 00 00 00 89 06 8d 83 68 21 00 00 74 05 e8 23 33 fd [ 141.635758] EAX: ffffffda EBX: 00000000 ECX: 00000000 EDX: 00000000 [ 141.637124] ESI: 00000133 EDI: 375c9000 EBP: 375c9030 ESP: 3ffdb5fc [ 141.638510] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000216 [ 141.640039] get_swap_device: Bad swap file entry 700b81c7 [ 141.641347] BUG: kernel NULL pointer dereference, address: 00000000 [ 141.642639] #PF: supervisor read access in kernel mode [ 141.643765] #PF: error_code(0x0000) - not-present page [ 141.644922] *pde = b1849067 *pte = 1703aa3e [ 141.645862] Oops: 0000 [#1] PREEMPT [ 141.646638] CPU: 0 PID: 931 Comm: trinity-c3 Tainted: G B 5.6.0-11490-gf45ec5ff16a75 #1 [ 141.648687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 141.650523] EIP: do_swap_page+0x9a/0x3ee [ 141.651402] Code: f0 00 00 00 00 e9 69 03 00 00 8b 4b 10 8b 55 ec 8b 45 e8 e8 73 1c 01 00 89 c7 85 c0 0f 85 dd 00 00 00 8b 45 e8 e8 a0 3e 01 00 <8b> 00 0f ba e0 0c 0f 83 a5 00 00 00 8b 45 e8 e8 28 3f 01 00 48 0f [ 141.655403] EAX: 00000000 EBX: f328def4 ECX: 00000000 EDX: 00000001 [ 141.656763] ESI: 00000254 EDI: 00000000 EBP: f328dee4 ESP: f328dec4 [ 141.658042] DS: 007b ES: 007b FS: 0000 GS: 00e0 SS: 0068 EFLAGS: 00010246 [ 141.659008] CR0: 80050033 CR2: 00000000 CR3: b1f78000 CR4: 000006d0 [ 141.660163] Call Trace: [ 141.660589] handle_mm_fault+0x72e/0x7a9 [ 141.661088] do_user_addr_fault+0x1ef/0x2fb [ 141.661614] do_page_fault+0xe7/0xef [ 141.662069] ? kvm_async_pf_task_wake+0x16d/0x16d [ 141.662663] do_async_page_fault+0x2d/0x67 [ 141.663179] common_exception_read_cr2+0x12f/0x134 [ 141.665266] EIP: 0x806840e [ 141.665731] Code: 00 00 00 89 c3 31 c0 81 ec 24 01 00 00 89 54 24 08 8d 54 24 0c 89 d7 f3 ab 8d 4b ff b8 01 00 00 00 d3 e0 c1 e9 05 09 44 8c 0c <85> 04 8d 60 93 a8 08 0f 94 c0 83 ec 04 0f b6 c0 c1 e0 1c 89 84 24 [ 141.668623] EAX: 00002000 EBX: 0000000e ECX: 00000000 EDX: 3fb4246c [ 141.669466] ESI: 000000ff EDI: 3fb424ec EBP: fffffffb ESP: 3fb42460 [ 141.670244] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00010206 [ 141.671086] Modules linked in: [ 141.671478] CR2: 0000000000000000 [ 141.672000] swap_info_get: Bad swap file entry 700b81d1 [ 141.672708] BUG: Bad page map in process trinity-c3 pte:1703a23c pmd:b1809067 [ 141.673620] addr:08bd1000 vm_flags:00100073 anon_vma:f1f29528 mapping:00000000 index:8bd1 [ 141.674632] file:(null) fault:0x0 mmap:0x0 readpage:0x0 [ 141.675286] CPU: 0 PID: 940 Comm: trinity-c3 Tainted: G B D 5.6.0-11490-gf45ec5ff16a75 #1 [ 141.676492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 141.677595] Call Trace: [ 141.677925] dump_stack+0x16/0x18 [ 141.678357] print_bad_pte+0x13f/0x159 [ 141.678836] unmap_page_range+0x2a7/0x3e7 [ 141.679351] unmap_single_vma+0x53/0x5d [ 141.679839] unmap_vmas+0x2c/0x3b [ 141.680263] exit_mmap+0x81/0xfc [ 141.680699] __mmput+0x25/0x8d [ 141.681091] mmput+0x28/0x2b [ 141.681476] do_exit+0x2f0/0x84a [ 141.681890] ? ___might_sleep+0x3f/0x11f [ 141.682390] do_group_exit+0x86/0x86 [ 141.682848] __ia32_sys_exit_group+0x15/0x15 [ 141.683408] do_fast_syscall_32+0x86/0xbf [ 141.683922] entry_SYSENTER_32+0xaf/0x101 [ 141.684475] EIP: 0x37f399c9 [ 141.684832] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <00> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 141.687105] EAX: ffffffda EBX: 00000000 ECX: 00000000 EDX: 00000000 [ 141.687883] ESI: 00000133 EDI: 375c9000 EBP: 375c9030 ESP: 3ffdb5fc [ 141.688692] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000216 [ 141.689599] ---[ end trace 4f92dcfde7686b01 ]--- [ 141.690178] EIP: do_swap_page+0x9a/0x3ee # HH:MM RESULT GOOD BAD GOOD_BUT_DIRTY DIRTY_NOT_BAD git bisect start 5c7efc30142653ff7af43d7343b466309c78bfce 7111951b8d4973bda27ff663f2cf18b663d15b48 -- git bisect good 322665027513e6f98e25091645ca5f4ba19afb44 # 08:41 G 28 0 2 2 Merge 'internal-eywa/eywa' into devel-hourly-2020040904 git bisect bad 4adc48efc7243b24e3ec5329f4877200d5b26774 # 09:05 B 4 2 0 0 Merge 'internal-linux-review/Revanth-Rajashekar/block-sed-opal-Implement-RevertSP-IOCTL/20200404-080151' into devel-hourly-2020040904 git bisect bad 622719e6b8ff2655aaf000febd3614449bf6add5 # 09:25 B 9 1 0 0 Merge 'internal-cldemote/pasid.test' into devel-hourly-2020040904 git bisect good d6cc03a2f5ee665441d517e04bc744a38278fad7 # 09:58 G 36 0 0 0 Merge 'internal-linux-review/Fenghua-Yu/crypto-qat-Fix-alignment-issue-with-resp_handler/20200408-012430' into devel-hourly-2020040904 git bisect good f40f31cadc0ea5dcdd224c8b324add26469c2379 # 10:34 G 33 0 5 5 Merge tag 'f2fs-for-5.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs git bisect bad 713a09de9ca9ac6277cb43d79967e7852238f998 # 13:02 B 2 1 1 1 checkpatch: add command-line option for TAB size git bisect bad ed7f9fec8c8f8227ebd1fb69feda60ce4a7df61f # 13:25 B 1 1 0 0 powernv/memtrace: always online added memory blocks git bisect good 1df319e0b4dee11436fe2ab1a0d536d3fad7cfef # 13:54 G 33 0 1 1 userfaultfd: wp: add helper for writeprotect check git bisect bad 14819305e09fe4fda546f0dfa12134c8e5366616 # 14:20 B 5 1 0 0 userfaultfd: wp: declare _UFFDIO_WRITEPROTECT conditionally git bisect good 2e3d5dc508cf001c4fb2d15515ebe6f30df88f76 # 15:20 G 57 0 0 0 userfaultfd: wp: add pmd_swp_*uffd_wp() helpers git bisect bad 63b2d4174c4ad1f40b48d7138e71bcb564c1fe03 # 15:53 B 2 1 1 1 userfaultfd: wp: add the writeprotect API to userfaultfd ioctl git bisect bad e1e267c7928fe387e5e1cffeafb0de2d0473663a # 16:25 B 16 1 3 3 khugepaged: skip collapse if uffd-wp detected git bisect bad f45ec5ff16a75f96dac8c89862d75f1d8739efd4 # 17:05 B 4 1 0 0 userfaultfd: wp: support swap and page migration # first bad commit: [f45ec5ff16a75f96dac8c89862d75f1d8739efd4] userfaultfd: wp: support swap and page migration git bisect good 2e3d5dc508cf001c4fb2d15515ebe6f30df88f76 # 18:55 G 666 0 24 26 userfaultfd: wp: add pmd_swp_*uffd_wp() helpers # extra tests with debug options git bisect bad f45ec5ff16a75f96dac8c89862d75f1d8739efd4 # 19:30 B 2 1 0 0 userfaultfd: wp: support swap and page migration # extra tests on head commit of linus/master git bisect bad 5d30bcacd91af6874481129797af364a53cd9b46 # 22:45 B 18 1 1 1 Merge tag '9p-for-5.7-2' of git://github.com/martinetd/linux # bad: [5d30bcacd91af6874481129797af364a53cd9b46] Merge tag '9p-for-5.7-2' of git://github.com/martinetd/linux # extra tests on revert first bad commit git bisect good c28205da059708e32e23e4affd20645295078c54 # 01:24 G 224 0 7 7 Revert "userfaultfd: wp: support swap and page migration" # good: [c28205da059708e32e23e4affd20645295078c54] Revert "userfaultfd: wp: support swap and page migration" # extra tests on linus/master # duplicated: [5d30bcacd91af6874481129797af364a53cd9b46] Merge tag '9p-for-5.7-2' of git://github.com/martinetd/linux # extra tests on linux-next/master # 119: [873e37a44b1ee8ad4628ca257dc51c0c7c654326] Add linux-next specific files for 20200409 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/lkp@lists.01.org