From: Zorro Lang <zlang@redhat.com>
To: Matthew Wilcox <willy@infradead.org>
Cc: Andrew Morton <akpm@linux-foundation.org>, linux-mm@kvack.org
Subject: Re: Fw: [Bug 216114] New: page dumped because: VM_BUG_ON_FOLIO(!folio_contains(folio, index)) and kernel BUG at mm/truncate.c:669!
Date: Mon, 13 Jun 2022 09:08:50 +0800 [thread overview]
Message-ID: <20220613010850.6kmpenitmuct2osb@zlang-mailbox> (raw)
In-Reply-To: <YqY9ExMWlma2ej5J@casper.infradead.org>
On Sun, Jun 12, 2022 at 08:22:59PM +0100, Matthew Wilcox wrote:
> On Sun, Jun 12, 2022 at 12:37:22PM +0800, Zorro Lang wrote:
> > On Sat, Jun 11, 2022 at 09:33:39PM +0100, Matthew Wilcox wrote:
> > > On Sat, Jun 11, 2022 at 01:07:49PM -0700, Andrew Morton wrote:
> > > >
> > > > Hi. Do you recall if this is a new one?
> > >
> > > New to me. Does this happen reliably enough to do a bisect?
> > >
> > > Hmm.
> > >
> > > folio_lock(folio);
> > > VM_BUG_ON_FOLIO(!folio_contains(folio, index), folio);
> > > if (folio->mapping != mapping) {
> > > folio_unlock(folio);
> > > continue;
> > > }
> > >
> > > so we found a truncated folio (below dump shows folio->mapping == NULL).
> > > We should be able to solve this by simply moving the VM_BUG_ON_FOLIO
> > > down four lines.
> > >
> > > I'm a little confused that this can happen; the page cache is littered
> > > with comments saying:
> > >
> > > /* Leave page->index set: truncation lookup relies upon it */
> > >
> > > so the VM_BUG_ON_FOLIO shouldn't need to be moved and hints at a problem
> > > that I don't understand. I also don't understand that PG_head is set,
> > > and yet dump_page() did not print:
> > > pr_warn("head:%p order:%u compound_mapcount:%d compound_pincount:%d\n",
> > > (is it possible it was inadvertently omitted from the bug report?)
> >
> > Hi Matthew,
> >
> > I just checked the full console log, didn't find above warning, it just printed:
> >
> > [ 8590.600151] page:0000000027772b07 refcount:2 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x2a7a00
> >
> > As the current code logic(mm/debug.c::):
> >
> > pr_warn("page:%p refcount:%d mapcount:%d mapping:%p index:%#lx pfn:%#lx\n",
> > page, page_ref_count(head), mapcount, mapping,
> > page_to_pgoff(page), page_to_pfn(page));
> > if (compound) {
> > pr_warn("head:%p order:%u compound_mapcount:%d compound_pincount:%d\n",
> > head, compound_order(head),
> > folio_entire_mapcount(folio),
> > head_compound_pincount(head));
> > }
> >
> > The 1st warn as above, but didn't get the 2nd warn. Might due to the compound==false?
>
> Right. So that _shouldn't_ happen.
>
> bool compound = PageCompound(page);
>
> ... if PG_head is set, then compound would be true.
>
> It must be that something else is setting PG_head while dump_page() is
> running. It observes PG_head clear at the top of the function, then
> observes PG_head set later on.
>
> The only place that sets PG_head is the page allocator. If that's what's
> going on, some other aspects of this start to make sense. For example
> page->index might well be in use as set_pcppage_migratetype().
>
> But we shouldn't get to that point. filemap_remove_folio() does:
>
> __filemap_remove_folio(folio, NULL)
> page_cache_delete(mapping, folio, NULL)
> xas_store(&xas, NULL)
> filemap_free_folio(mapping, folio)
> folio_put_refs(folio, refs)
>
> While invalidate_inode_pages2_range() does:
>
> find_get_entries()
> find_get_entry()
> folio = xas_find()
> folio_try_get_rcu(folio)
> if (unlikely(folio != xas_reload(xas))) {
> folio_put(folio)
> goto reset
> }
> folio_lock(folio)
> VM_BUG_ON_FOLIO(!folio_contains(folio, index), folio)
>
> I don't see what the route is for us to be able to get out of
> find_get_entry() with a pointer to a folio that is in the middle of
> being allocated by the page allocator. If the refcount is still
> 0, folio_try_get_rcu() fails. If the refcount has returned to 1,
> xas_reload() should not be able to see the same folio pointer.
>
> If this were ARM, I'd be questioning whether the CPU was really obeying
> the memory model (in terms of observability / ordering). But it's x86 and
> both AMD and Intel are pretty good about not breaking that kind of thing.
Hi Matthew,
I just reproduced this bug twice on different x86_64 machines, with latest
v5.19-rc1+ kernel, by loop running xfs/132 and xfs/133 on 64k directory size
(-n size=65536) XFS.
One doesn't have this warning [1]:
pr_warn("head:%p order:%u compound_mapcount:%d compound_pincount:%d\n"
But another one has that warning [2] ... That's really weird.
Thanks,
Zorro
[1]
[ 8573.888318] XFS (sda5): Unmounting Filesystem
[ 8575.293213] XFS (sda5): Mounting V5 Filesystem
[ 8575.545576] XFS (sda5): Ending clean mount
[ 8575.883979] run fstests generic/133 at 2022-06-10 17:59:23
[ 8590.600151] page:0000000027772b07 refcount:2 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x2a7a00
[ 8590.601327] flags: 0x57ffffc0050000(head|reclaim|node=1|zone=2|lastcpupid=0x1fffff)
[ 8590.601341] raw: 0057ffffc0050000 0000000000000000 dead000000000122 0000000000000000
[ 8590.601345] raw: 0000000000007300 0000000000000000 00000001ffffffff 0000000000000000
[ 8590.601348] page dumped because: VM_BUG_ON_FOLIO(!folio_contains(folio, index))
[ 8590.601416] ------------[ cut here ]------------
[ 8590.601417] kernel BUG at mm/truncate.c:669!
[ 8590.601431] invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
[ 8590.606435] CPU: 13 PID: 768777 Comm: xfs_io Kdump: loaded Not tainted 5.19.0-rc1+ #1
[ 8590.606841] Hardware name: HP ProLiant DL385p Gen8, BIOS A28 02/06/2014
[ 8590.607178] RIP: 0010:invalidate_inode_pages2_range+0x2e2/0x9b0
[ 8590.607924] Code: c0 03 38 d0 7c 08 84 d2 0f 85 aa 06 00 00 41 8b 47 5c 49 39 c6 0f 82 80 fe ff ff 48 c7 c6 a0 3b 55 99 4c 89 ff e8 7e 9f 07 00 <0f> 0b e8 37 ec fd ff 4c 89 ff e8 9f c3 03 00 84 c0 0f 85 2d 02 00
[ 8590.609335] RSP: 0018:ffffc9000bd976d0 EFLAGS: 00010286
[ 8590.609697] RAX: 0000000000000043 RBX: dffffc0000000000 RCX: 0000000000000000
[ 8590.610771] RDX: 0000000000000001 RSI: 0000000000000004 RDI: fffff520017b2eca
[ 8590.611576] RBP: 0000000000000000 R08: 0000000000000043 R09: ffff8888367efd0b
[ 8590.612349] R10: ffffed1106cfdfa1 R11: 0000000000000001 R12: ffff88825a578418
[ 8590.613117] R13: 0000000000007340 R14: 000000000000733f R15: ffffea000a9e8000
[ 8590.613902] FS: 00007f93f6f56740(0000) GS:ffff888836600000(0000) knlGS:0000000000000000
[ 8590.614346] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 8590.615008] CR2: 00007f0576919150 CR3: 0000000649990000 CR4: 00000000000406e0
[ 8590.615761] Call Trace:
[ 8590.615914] <TASK>
[ 8590.616425] ? mapping_evict_folio.part.0+0x1e0/0x1e0
[ 8590.616718] ? pagevec_lookup_range_tag+0x28/0x60
[ 8590.617492] ? __filemap_fdatawait_range+0xbb/0x250
[ 8590.618140] ? xas_reload+0x2d0/0x2d0
[ 8590.618357] ? filemap_fdatawrite_wbc+0x38/0x170
[ 8590.619013] ? filemap_range_has_page+0xf0/0x200
[ 8590.619866] ? delete_from_page_cache_batch+0x8e0/0x8e0
[ 8590.620201] ? rcu_read_lock_sched_held+0x3f/0x70
[ 8590.620864] ? filemap_check_errors+0x56/0xe0
[ 8590.621542] __iomap_dio_rw+0x789/0x1150
[ 8590.621768] ? iomap_dio_bio_iter+0x12f0/0x12f0
[ 8590.622436] ? trace_xfs_setattr+0x230/0x230 [xfs]
[ 8590.623386] ? iu[ 8590.708322] iomap_dio_rw+0xe/0x30
[ 8590.724063] xfs_file_dio_write_aligned+0x14c/0x1f0 [xfs]
[ 8590.724539] ? xfs_file_dio_write_unaligned+0x740/0x740 [xfs]
[ 8590.725586] xfs_file_write_iter+0x450/0x6a0 [xfs]
[ 8590.726382] new_sync_write+0x2ef/0x530
[ 8590.726593] ? new_sync_read+0x530/0x530
[ 8590.726801] ? lock_acquire+0x1d8/0x620
[ 8590.727040] ? rcu_read_unlock+0x40/0x40
[ 8590.727267] vfs_write+0x626/0x910
[ 8590.727815] __x64_sys_pwrite64+0x19c/0x1f0
[ 8590.728051] ? vfs_write+0x910/0x910
[ 8590.728263] ? ktime_get_coarse_real_ts64+0x128/0x160
[ 8590.728546] do_syscall_64+0x5c/0x80
[ 8590.728756] ? do_syscall_64+0x69/0x80
[ 8590.728983] ? lockdep_hardirqs_on+0x79/0x100
[ 8590.729600] ? do_syscall_64+0x69/0x80
[ 8590.729833] ? do_syscall_64+0x69/[ 8591.130203] ? lockdep_hardirqs_on+0x79/0x100
[ 8591.130866] ? do_syscall_64+0x69/0x80
[ 8591.131115] ? do_syscall_64+0x69/0x80
[ 8591.131331] ? do_syscall_64+0x69/0x80
[ 8591.131576] ? lockdep_hardirqs_on+0x79/0x100
[ 8591.132207] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 8591.132501] RIP: 0033:0x7f93f6d3cddf
[ 8591.132737] Code: 08 89 3c 24 48 89 4c 24 18 e8 6d fe f5 ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 bd fe f5 ff 48 8b
[ 8591.134056] RSP: 002b:00007ffd8aac5a20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[ 8591.134828] RAX: ffffffffffffffda RBX: 0000000007340000 RCX: 00007f93f6d3cddf
[ 8591.135648] RDX: 0000000000010000 RSI: 0000000000b63000 RDI: 0000000000000003
[ 8591.136425] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000079
[ 8591.137179] R10: 0000000007340000 R11: 0000000000000293 R12: 0000000007340000
[ 8591.138020] R13: 0000000000000000 R14: 0000000000000734 R15: 0000000018cc0000
[ 8591.138804] </TASK>
[ 8591.138985] Modules limi sysimgblt fb_sys_fops hpilo ipmi_si ipmi_devintf ipmi_msghandler sunrpc acpi_power_meter drm fuse xfs libcrc32c sd_mod t10_pi crc64_rocksoft_generic crc64_rocksoft crc64 sr_mod cdrom sg crct10dif_pclmul crc32_pclmul crc32c_intel ahci ata_generic libahci ghash_clmulni_intel serio_raw libata hpsa tg3 scsi_transport_sas hpwdt [last unloaded: scsi_debug]
[ 8591.641707] ---[ end trace 0000000000000000 ]---
[ 8591.644539] amd_iommu_report_page_fault: 501 callbacks suppressed
[ 8591.644554] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x000d address=0xbde0e000 flags=0x0000]
[ 8591.650728] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x000d address=0xbde0e000 flags=0x0000]
[ 8591.655235] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x000d address=0xbde0e000 flags=0x0000]
[ 8591.661240] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x000d address=0xbde0e000 flags=0x0000]
[ 8591.666237] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x000d address=0xbde0e000 flags=0x0000]
[ 8591.670741] hpilo 0000:02:00.2: AMD-ViIP: 0010:invalidate_inode_pages2_range+0x2e2/0x9b0
[ 8591.676251] Code: c0 03 38 d0 7c 08 84 d2 0f 85 aa 06 00 00 41 8b 47 5c 49 39 c6 0f 82 80 fe ff ff 48 c7 c6 a0 3b 55 99 4c 89 ff e8 7e 9f 07 00 <0f> 0b e8 37 ec fd ff 4c 89 ff e8 9f c3 03 00 84 c0 0f 85 2d 02 00
[ 8591.676261] RSP: 0018:ffffc9000bd976d0 EFLAGS: 00010286
[ 8591.676273] RAX: 0000000000000043 RBX: dffffc0000000000 RCX: 0000000000000000
[ 8591.676279] RDX: 0000000000000001 RSI: 0000000000000004 RDI: fffff520017b2eca
[ 8591.676287] RBP: 0000000000000000 R08: 0000000000000043 R09: ffff8888367efd0b
[ 8591.676293] R10: ffffed1106cfdfa1 R11: 0000000000000001 R12: ffff88825a578418
[ 8591.676327] R13: 0000000000007340 R14: 000000000000733f R15: ffffea000a9e8000
[ 8591.676336] FS: 00007f93f6f56740(0000) GS:ffff888836600000(0000) knlGS:0000000000000000
[ 8591.676344] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 8591.676350] CR2: 00007f0576919150 CR3: 0000000649990000 CR4: 00000000000406e0
[2]
[13395.160194] watchdog: BUG: soft lockup - CPU#14 stuck for 11523s! [migration/14:87]
[13395.167856] Modules linked in: tls rfkill intel_rapl_msr intel_rapl_common intel_uncore_frequency intel_uncore_frequency_common isst_if_common skx_edac nfit x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass sunrpc rapl intel_cstate irdma ice ast drm_vram_helper drm_ttm_helper ttm iTCO_wdt drm_kms_helper iTCO_vendor_support ib_uverbs syscopyarea sysfillrect mei_me ipmi_ssif mei i2c_i801 intel_uncore sysimgblt pcspkr ib_core fb_sys_fops intel_pch_thermal acpi_ipmi joydev ioatdma i2c_smbus ipmi_si lpc_ich ipmi_devintf ipmi_msghandler acpi_pad acpi_power_meter drm fuse xfs libcrc32c sd_mod t10_pi crc64_rocksoft_generic crc64_rocksoft crc64 sg crct10dif_pclmul igb crc32_pclmul crc32c_intel i2c_algo_bit ghash_clmulni_intel megaraid_sas dca ahci libahci i40e libata wmi
[13395.237154] irq event stamp: 3140
[13395.240473] hardirqs last enabled at (3139): [<ffffffffaabea7c5>] _raw_spin_unlock_irqrestore+0x55/0x70
[13395.249945] hardirqs last disabled at (3140): [<ffffffffaabd4b2c>] __schedule+0x98c/0x1510
[13395.258204] softirqs last enabled at (2698): [<ffffffffaae00621>] __do_softirq+0x621/0x9a4
[13395.266552] softirqs last disabled at (2689): [<ffffffffa8a14404>] __irq_exit_rcu+0x1f4/0x2a0
[13395.275072] CPU: 14 PID: 87 Comm: migration/14 Kdump: loaded Tainted: G W L 5.19.0-rc1+ #1
[13395.284466] Hardware name: Supermicro SYS-1029P-WTRT/X11DDW-NT, BIOS 2.1 09/14/2018
[13395.292117] Stopper: multi_cpu_stop+0x0/0x370 <- migrate_swap+0x2db/0x520
[13395.298905] RIP: 0010:rcu_dynticks_inc+0x21/0x30
[13395.303532] Code: c0 0f b6 c0 c3 cc cc cc cc 55 48 c7 c5 58 3f 20 00 53 89 fb e8 10 0b 00 00 89 c0 48 03 2c c5 20 5b 89 ab 89 d8 f0 0f c1 45 00 <01> d8 5b 5d 48 98 c3 0f 1f 84 00 00 00 00 00 bf 01 00 00 00 eb c9
[13395.322279] RSP: 0000:ffffc9000d00fde0 EFLAGS: 00000286
[13395.327512] RAX: 00000000ebb562d9 RBX: 0000000000000002 RCX: ffffffffa8d00c8c
[13395.334648] RDX: 0000000000000000 RSI: ffffffffab2b7520 RDI: ffffffffab2b7560
[13395.341786] RBP: ffff889794e03f58 R08: 0000000000000001 R09: ffffc90025dd7747
[13395.348922] R10: fffff52004bbaee8 R11: 0000000000000001 R12: fffff52004bbaee8
[13395.356053] R13: ffffffffab07f2c0 R14: 0000000000000001 R15: 0000000000000001
[13395.363186] FS: 0000000000000000(0000) GS:ffff889794c00000(0000) knlGS:0000000000000000
[13395.371272] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[13395.377019] CR2: 000055c054158fd0 CR3: 0000001b36836004 CR4: 00000000007706e0
[13395.384152] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[13395.391283] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[13395.398414] PKRU: 55555554
[13395.401129] Call Trace:
[13395.403582] <TASK>
[13395.405690] rcu_momentary_dyntick_idle+0x12/0x30
[13395.410403] multi_cpu_stop+0x1b0/0x370
[13395.414246] ? stop_machine_yield+0x10/0x10
[13395.418439] cpu_stopper_thread+0x1f6/0x400
[13395.422623] ? cpu_stop_queue_two_works+0x640/0x640
[13395.427504] ? smpboot_thread_fn+0x6b/0x910
[13395.431699] smpboot_thread_fn+0x559/0x910
[13395.435805] ? sort_range+0x20/0x20
[13395.439299] kthread+0x2a7/0x350
[13395.442539] ? kthread_complete_and_exit+0x20/0x20
[13395.447335] ret_from_fork+0x22/0x30
[13395.450925] </TASK>
[13403.186393] page:00000000c65d53f8 refcount:18 mapcount:0 mapping:000000007dc028c9 index:0x70 pfn:0x19c0c80
[13403.186400] head:00000000c65d53f8 order:4 compound_mapcount:0 compound_pincount:0
[13403.186404] memcg:ffff889b9c6d0000
[13403.186406] aops:xfs_address_space_operations [xfs] ino:7c05 dentry name:"9f94abbf9c6f899582e8dc0c13f6f0c8935651c3429794cebcdf6efca72fb6f8-primary.xml.gz"
[13403.186556] flags: 0x57ffffc0012015(locked|uptodate|lru|private|head|node=1|zone=2|lastcpupid=0x1fffff)
[13403.186564] raw: 0057ffffc0012015 ffffea006d072c08 ffffea0067032408 ffff8899ea6cdc18
[13403.186567] raw: 0000000000000070 ffff88998c546180 00000012ffffffff ffff889b9c6d0000
[13403.186568] page dumped because: VM_BUG_ON_FOLIO(!folio_contains(folio, index))
[13403.186581] ------------[ cut here ]------------
[13403.186582] kernel BUG at mm/truncate.c:669!
[13403.186590] invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[13403.267576] CPU: 30 PID: 118131 Comm: xfs_io Kdump: loaded Tainted: G W L 5.19.0-rc1+ #1
[13403.276795] Hardware name: Supermicro SYS-1029P-WTRT/X11DDW-NT, BIOS 2.1 09/14/2018
[13403.284448] RIP: 0010:invalidate_inode_pages2_range+0x2e2/0x9b0
[13403.290378] Code: c0 03 38 d0 7c 08 84 d2 0f 85 aa 06 00 00 41 8b 47 5c 49 39 c6 0f 82 80 fe ff ff 48 c7 c6 20 3c 15 ab 4c 89 ff e8 7e 9f 07 00 <0f> 0b e8 07 ec fd ff 4c 89 ff e8 9f c3 03 00 84 c0 0f 85 2d 02 00
[13403.309130] RSP: 0018:ffffc90039c5f748 EFLAGS: 00010286
[13403.314364] RAX: 0000000000000043 RBX: dffffc0000000000 RCX: 0000000000000000
[13403.321499] RDX: 0000000000000001 RSI: 0000000000000004 RDI: fffff5200738bed9
[13403.328637] RBP: 0000000000000000 R08: 0000000000000043 R09: ffff88afdb7efd0b
[13403.335772] R10: ffffed15fb6fdfa1 R11: 0000000000000001 R12: ffff889a1c2f0418
[13403.342902] R13: 0000000000005741 R14: 00000000000056d1 R15: ffffea0067032000
[13403.350038] FS: 00007f3133ce9740(0000) GS:ffff88afdb600000(0000) knlGS:0000000000000000
[13403.358124] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[13403.363878] CR2: 00007f1db82ebc38 CR3: 0000001aa2b16005 CR4: 00000000007706e0
[13403.371009] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[13403.378144] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[13403.385276] PKRU: 55555554
[13403.387987] Call Trace:
[13403.390441] <TASK>
[13403.392552] ? mapping_evict_folio.part.0+0x1e0/0x1e0
[13403.397609] ? pagevec_lookup_range_tag+0x28/0x60
[13403.402317] ? __filemap_fdatawait_range+0xbb/0x250
[13403.407204] ? xas_reload+0x2d0/0x2d0
[13403.410867] ? filemap_fdatawrite_wbc+0x38/0x170
[13403.415492] ? trace_event_raw_event_mm_filemap_op_page_cache+0x270/0x500
[13403.422284] ? delete_from_page_cache_batch+0x8e0/0x8e0
[13403.427521] ? rcu_read_lock_sched_held+0x3f/0x70
[13403.432235] ? filemap_check_errors+0x56/0xe0
[13403.436605] __iomap_dio_rw+0x789/0x1150
[13403.440551] ? iomap_dio_bio_iter+0x12f0/0x12f0
[13403.445086] ? current_time+0x72/0x210
[13403.448848] ? file_remove_privs+0x490/0x490
[13403.453122] ? iunique+0x2c0/0x2c0
[13403.456546] iomap_dio_rw+0xe/0x30
[13403.459960] xfs_file_dio_write_aligned+0x14c/0x1f0 [xfs]
[13403.465636] ? xfs_file_dio_write_unaligned+0x740/0x740 [xfs]
[13403.471637] xfs_file_write_iter+0x450/0x6a0 [xfs]
[13403.476550] new_sync_write+0x2ef/0x530
[13403.480397] ? new_sync_read+0x530/0x530
[13403.484321] ? lock_acquire+0x1d8/0x620
[13403.488170] ? rcu_read_unlock+0x40/0x40
[13403.492100] vfs_write+0x626/0x910
[13403.495512] __x64_sys_pwrite64+0x19c/0x1f0
[13403.499705] ? vfs_write+0x910/0x910
[13403.503283] ? ktime_get_coarse_real_ts64+0x128/0x160
[13403.508349] do_syscall_64+0x5c/0x80
[13403.511930] ? do_syscall_64+0x69/0x80
[13403.515686] ? do_syscall_64+0x69/0x80
[13403.519446] ? lockdep_hardirqs_on+0x79/0x100
[13403.523805] ? do_syscall_64+0x69/0x80
[13403.527559] ? do_syscall_64+0x69/0x80
[13403.531309] ? do_syscall_64+0x69/0x80
[13403.535063] ? lockdep_hardirqs_on+0x79/0x100
[13403.539425] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[13403.544484] RIP: 0033:0x7f3133b3cddf
[13403.548063] Code: 08 89 3c 24 48 89 4c 24 18 e8 6d fe f5 ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 bd fe f5 ff 48 8b
[13403.566810] RSP: 002b:00007ffcad9bae70 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[13403.574377] RAX: ffffffffffffffda RBX: 0000000005740000 RCX: 00007f3133b3cddf
[13403.581510] RDX: 0000000000010000 RSI: 0000000000cc5000 RDI: 0000000000000003
[13403.588641] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000079
[13403.595773] R10: 0000000005740000 R11: 0000000000000293 R12: 0000000005740000
[13403.602908] R13: 0000000000000000 R14: 0000000000000574 R15: 000000001a8c0000
[13403.610046] </TASK>
[13403.612242] Modules linked in: tls rfkill intel_rapl_msr intel_rapl_common intel_uncore_frequency intel_uncore_frequency_common isst_if_common skx_edac nfit x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass sunrpc rapl intel_cstate irdma ice ast drm_vram_helper drm_ttm_helper ttm iTCO_wdt drm_kms_helper iTCO_vendor_support ib_uverbs syscopyarea sysfillrect mei_me ipmi_ssif mei i2c_i801 intel_uncore sysimgblt pcspkr ib_core fb_sys_fops intel_pch_thermal acpi_ipmi joydev ioatdma i2c_smbus ipmi_si lpc_ich ipmi_devintf ipmi_msghandler acpi_pad acpi_power_meter drm fuse xfs libcrc32c sd_mod t10_pi crc64_rocksoft_generic crc64_rocksoft crc64 sg crct10dif_pclmul igb crc32_pclmul crc32c_intel i2c_algo_bit ghash_clmulni_intel megaraid_sas dca ahci libahci i40e libata wmi
[13403.681589] ---[ end trace 0000000000000000 ]---
[13403.798015] RIP: 0010:invalidate_inode_pages2_range+0x2e2/0x9b0
[13403.798028] Code: c0 03 38 d0 7c 08 84 d2 0f 85 aa 06 00 00 41 8b 47 5c 49 39 c6 0f 82 80 fe ff ff 48 c7 c6 20 3c 15 ab 4c 89 ff e8 7e 9f 07 00 <0f> 0b e8 07 ec fd ff 4c 89 ff e8 9f c3 03 00 84 c0 0f 85 2d 02 00
[13403.798031] RSP: 0018:ffffc90039c5f748 EFLAGS: 00010286
[13403.798035] RAX: 0000000000000043 RBX: dffffc0000000000 RCX: 0000000000000000
[13403.798038] RDX: 0000000000000001 RSI: 0000000000000004 RDI: fffff5200738bed9
[13403.798040] RBP: 0000000000000000 R08: 0000000000000043 R09: ffff88afdb7efd0b
[13403.798042] R10: ffffed15fb6fdfa1 R11: 0000000000000001 R12: ffff889a1c2f0418
[13403.798044] R13: 0000000000005741 R14: 00000000000056d1 R15: ffffea0067032000
[13403.798046] FS: 00007f3133ce9740(0000) GS:ffff88afdb600000(0000) knlGS:0000000000000000
[13403.798049] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[13403.798051] CR2: 00007f1db82ebc38 CR3: 0000001aa2b16005 CR4: 00000000007706e0
[13403.798053] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[13403.798055] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[13403.798056] PKRU: 55555554
>
> > This bug isn't easy to reproduce, I just hit it once on x86_64, I'm still
> > trying to reproduce it. JFYI, another [mm] bug [1] is 100% reproducible
> > for me.
> >
> > Thanks,
> > Zorro
> >
> > [1]
> > kernel BUG at mm/usercopy.c:101!
> > https://bugzilla.kernel.org/show_bug.cgi?id=216073
>
> I don't know why you file bugs in bugzilla. It's a great way to have
> good bug reports get ignored.
Due to I might report bugs to many different components, likes mm, block, io_uring,
someone fs, someone arch and so on. So I thought bugzilla might help to track all
bugs I report to each mail list. And I can upload some files onto bugzilla easily.
I mail list, people generally don't like emails with attachments.
I don't know bugzilla is easy to ignored. I think I can record a bug report on
bugzilla, then send an email to mail list to ask :)
Thanks,
Zorro
>
> > > Also a head page should not be able to have an odd index. So there's a
> > > lot here that doesn't make sense to me right now.
> > >
> > > > Begin forwarded message:
> > > >
> > > > Date: Sat, 11 Jun 2022 10:50:53 +0000
> > > > From: bugzilla-daemon@kernel.org
> > > > To: akpm@linux-foundation.org
> > > > Subject: [Bug 216114] New: page dumped because: VM_BUG_ON_FOLIO(!folio_contains(folio, index)) and kernel BUG at mm/truncate.c:669!
> > > >
> > > >
> > > > https://bugzilla.kernel.org/show_bug.cgi?id=216114
> > > >
> > > > Bug ID: 216114
> > > > Summary: page dumped because:
> > > > VM_BUG_ON_FOLIO(!folio_contains(folio, index)) and
> > > > kernel BUG at mm/truncate.c:669!
> > > > Product: Memory Management
> > > > Version: 2.5
> > > > Kernel Version: 5.19-rc1
> > > > Hardware: All
> > > > OS: Linux
> > > > Tree: Mainline
> > > > Status: NEW
> > > > Severity: normal
> > > > Priority: P1
> > > > Component: Other
> > > > Assignee: akpm@linux-foundation.org
> > > > Reporter: zlang@redhat.com
> > > > Regression: No
> > > >
> > > > xfstests on x86_64 with 64k directory size (mkfs.xfs -n size=65536) XFS[1] hit
> > > > panic[2]. The kernel HEAD which I used is
> > > >
> > > > commit 874c8ca1e60b2c564a48f7e7acc40d328d5c8733
> > > > Author: David Howells <dhowells@redhat.com>
> > > > Date: Thu Jun 9 21:46:04 2022 +0100
> > > >
> > > > netfs: Fix gcc-12 warning by embedding vfs inode in netfs_i_context
> > > >
> > > >
> > > > [1]
> > > > meta-data=/dev/sda4 isize=512 agcount=16, agsize=245696 blks
> > > > = sectsz=512 attr=2, projid32bit=1
> > > > = crc=1 finobt=1, sparse=1, rmapbt=0
> > > > = reflink=1 bigtime=1 inobtcount=1
> > > > data = bsize=4096 blocks=3931136, imaxpct=25
> > > > = sunit=64 swidth=192 blks
> > > > naming =version 2 bsize=65536 ascii-ci=0, ftype=1
> > > > log =internal log bsize=4096 blocks=16384, version=2
> > > > = sectsz=512 sunit=64 blks, lazy-count=1
> > > > realtime =none extsz=4096 blocks=0, rtextents=0
> > > >
> > > > [2]
> > > > # ./scripts/decode_stacktrace.sh vmlinux < crash.log
> > > > [ 8525.364621] run fstests generic/132 at 2022-06-10 17:58:32
> > > > [ 8529.173644] XFS (sda4): Mounting V5 Filesystem
> > > > [ 8529.338529] XFS (sda4): Ending clean mount
> > > > [ 8531.015050] restraintd[1356]: *** Current Time: Fri Jun 10 17:58:44 2022
> > > > Localwatchdog at: Sun Jun 12 15:40:44 2022
> > > > [ 8560.723674] XFS (sda5): Unmounting Filesystem
> > > > [ 8560.984233] XFS (sda4): EXPERIMENTAL online scrub feature in use. Use at
> > > > your own risk!
> > > > [ 8561.787448] XFS (sda4): Unmounting Filesystem
> > > > [ 8562.925361] XFS (sda4): Mounting V5 Filesystem
> > > > [ 8563.101997] XFS (sda4): Ending clean mount
> > > > [ 8563.163581] XFS (sda4): Unmounting Filesystem
> > > > [ 8563.890637] XFS (sda5): Mounting V5 Filesystem
> > > > [ 8564.087515] XFS (sda5): Ending clean mount
> > > > [ 8567.049332] XFS (sda4): Mounting V5 Filesystem
> > > > [ 8567.176278] XFS (sda4): Ending clean mount
> > > > [ 8567.213659] XFS (sda4): Unmounting Filesystem
> > > > [ 8567.476953] XFS (sda5): EXPERIMENTAL online scrub feature in use. Use at
> > > > your own risk!
> > > > [ 8573.888318] XFS (sda5): Unmounting Filesystem
> > > > [ 8575.293213] XFS (sda5): Mounting V5 Filesystem
> > > > [ 8575.545576] XFS (sda5): Ending clean mount
> > > > [ 8575.883979] run fstests generic/133 at 2022-06-10 17:59:23
> > > > [ 8590.600151] page:0000000027772b07 refcount:2 mapcount:0
> > > > mapping:0000000000000000 index:0x1 pfn:0x2a7a00
> > > > [ 8590.601327] flags:
> > > > 0x57ffffc0050000(head|reclaim|node=1|zone=2|lastcpupid=0x1fffff)
> > > > [ 8590.601341] raw: 0057ffffc0050000 0000000000000000 dead000000000122
> > > > 0000000000000000
> > > > [ 8590.601345] raw: 0000000000007300 0000000000000000 00000001ffffffff
> > > > 0000000000000000
> > > > [ 8590.601348] page dumped because: VM_BUG_ON_FOLIO(!folio_contains(folio,
> > > > index))
> > > > [ 8590.601416] ------------[ cut here ]------------
> > > > [ 8590.601417] kernel BUG at mm/truncate.c:669!
> > > > [ 8590.601431] invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
> > > > [ 8590.606841] Hardware name: HP ProLiant DL385p Gen8, BIOS A28 02/06/2014
> > > > [ 8590.607178] RIP: 0010:invalidate_inode_pages2_range (mm/truncate.c:669
> > > > (discriminator 1))
> > > > [ 8590.607924] Code: c0 03 38 d0 7c 08 84 d2 0f 85 aa 06 00 00 41 8b 47 5c 49
> > > > 39 c6 0f 82 80 fe ff ff 48 c7 c6 a0 3b 55 99 4c 89 ff e8 7e 9f 07 00 <0f> 0b e8
> > > > 37 ec fd ff 4c 89 ff e8 9f c3 03
> > > > 00 84 c0 0f 85 2d 02 00
> > > > All code
> > > > ========
> > > > 0: c0 03 38 rolb $0x38,(%rbx)
> > > > 3: d0 7c 08 84 sarb -0x7c(%rax,%rcx,1)
> > > > 7: d2 0f rorb %cl,(%rdi)
> > > > 9: 85 aa 06 00 00 41 test %ebp,0x41000006(%rdx)
> > > > f: 8b 47 5c mov 0x5c(%rdi),%eax
> > > > 12: 49 39 c6 cmp %rax,%r14
> > > > 15: 0f 82 80 fe ff ff jb 0xfffffffffffffe9b
> > > > 1b: 48 c7 c6 a0 3b 55 99 mov $0xffffffff99553ba0,%rsi
> > > > 22: 4c 89 ff mov %r15,%rdi
> > > > 25: e8 7e 9f 07 00 callq 0x79fa8
> > > > 2a:* 0f 0b ud2 <-- trapping instruction
> > > > 2c: e8 37 ec fd ff callq 0xfffffffffffdec68
> > > > 31: 4c 89 ff mov %r15,%rdi
> > > > 34: e8 9f c3 03 00 callq 0x3c3d8
> > > > 39: 84 c0 test %al,%al
> > > > 3b: 0f .byte 0xf
> > > > 3c: 85 .byte 0x85
> > > > 3d: 2d .byte 0x2d
> > > > 3e: 02 00 add (%rax),%al
> > > >
> > > > Code starting with the faulting instruction
> > > > ===========================================
> > > > 0: 0f 0b ud2
> > > > 2: e8 37 ec fd ff callq 0xfffffffffffdec3e
> > > > 7: 4c 89 ff mov %r15,%rdi
> > > > a: e8 9f c3 03 00 callq 0x3c3ae
> > > > f: 84 c0 test %al,%al
> > > > 11: 0f .byte 0xf
> > > > 12: 85 .byte 0x85
> > > > 13: 2d .byte 0x2d
> > > > 14: 02 00 add (%rax),%al
> > > > [ 8590.609335] RSP: 0018:ffffc9000bd976d0 EFLAGS: 00010286
> > > > [ 8590.609697] RAX: 0000000000000043 RBX: dffffc0000000000 RCX:
> > > > 0000000000000000
> > > > [ 8590.610771] RDX: 0000000000000001 RSI: 0000000000000004 RDI:
> > > > fffff520017b2eca
> > > > [ 8590.611576] RBP: 0000000000000000 R08: 0000000000000043 R09:
> > > > ffff8888367efd0b
> > > > [ 8590.612349] R10: ffffed1106cfdfa1 R11: 0000000000000001 R12:
> > > > ffff88825a578418
> > > > [ 8590.613117] R13: 0000000000007340 R14: 000000000000733f R15:
> > > > ffffea000a9e8000
> > > > [ 8590.613902] FS: 00007f93f6f56740(0000) GS:ffff888836600000(0000)
> > > > knlGS:0000000000000000
> > > > [ 8590.614346] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> > > > [ 8590.615008] CR2: 00007f0576919150 CR3: 0000000649990000 CR4:
> > > > 00000000000406e0
> > > > [ 8590.615761] Call Trace:
> > > > [ 8590.615914] <TASK>
> > > > [ 8590.616425] ? mapping_evict_folio.part.0 (mm/truncate.c:630)
> > > >
> > > > [86/196]
> > > > [ 8590.616718] ? pagevec_lookup_range_tag (mm/swap.c:1122)
> > > > [ 8590.617492] ? __filemap_fdatawait_range (mm/filemap.c:518)
> > > > [ 8590.618140] ? xas_reload (mm/filemap.c:503)
> > > > [ 8590.618357] ? filemap_fdatawrite_wbc (./include/linux/backing-dev.h:138
> > > > mm/filemap.c:383)
> > > > [ 8590.619013] ? filemap_range_has_page (mm/filemap.c:498)
> > > > [ 8590.619866] ? delete_from_page_cache_batch (mm/filemap.c:413)
> > > > [ 8590.620201] ? rcu_read_lock_sched_held (kernel/rcu/update.c:125)
> > > > [ 8590.620864] ? filemap_check_errors (./arch/x86/include/asm/bitops.h:207
> > > > ./include/asm-generic/bitops/instrumented-non-atomic.h:135 mm/filemap.c:351)
> > > > [ 8590.621542] __iomap_dio_rw (fs/iomap/direct-io.c:582)
> > > > [ 8590.621768] ? iomap_dio_bio_iter (fs/iomap/direct-io.c:487)
> > > > [ 8590.622436] ? trace_xfs_setattr (fs/xfs/xfs_iops.c:1020) xfs
> > > > [ 8590.623386] ? iu[ 8590.708322] iomap_dio_rw (fs/iomap/direct-io.c:689)
> > > > [ 8590.724063] xfs_file_dio_write_aligned (fs/xfs/xfs_file.c:536) xfs
> > > > [ 8590.724539] ? xfs_file_dio_write_unaligned (fs/xfs/xfs_file.c:515) xfs
> > > > [ 8590.725586] xfs_file_write_iter (fs/xfs/xfs_file.c:792) xfs
> > > > [ 8590.726382] new_sync_write (fs/read_write.c:505 (discriminator 1))
> > > > [ 8590.726593] ? new_sync_read (fs/read_write.c:494)
> > > > [ 8590.726801] ? lock_acquire (kernel/locking/lockdep.c:466
> > > > kernel/locking/lockdep.c:5667 kernel/locking/lockdep.c:5630)
> > > > [ 8590.727040] ? rcu_read_unlock (./include/linux/rcupdate.h:724 (discriminator
> > > > 5))
> > > > [ 8590.727267] vfs_write (fs/read_write.c:591)
> > > > [ 8590.727815] __x64_sys_pwrite64 (fs/read_write.c:706 fs/read_write.c:716
> > > > fs/read_write.c:713 fs/read_write.c:713)
> > > > [ 8590.728051] ? vfs_write (fs/read_write.c:713)
> > > > [ 8590.728263] ? ktime_get_coarse_real_ts64 (./include/linux/seqlock.h:104
> > > > kernel/time/timekeeping.c:2258)
> > > > [ 8590.728546] do_syscall_64 (arch/x86/entry/common.c:50
> > > > arch/x86/entry/common.c:80)
> > > > [ 8590.728756] ? do_syscall_64 (arch/x86/entry/common.c:87)
> > > > [ 8590.728983] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4383)
> > > > [ 8590.729600] ? do_syscall_64 (arch/x86/entry/common.c:87)
> > > > [ 8590.729833] ? do_syscall_64+0x69/[ 8591.130203] ? lockdep_hardirqs_on
> > > > (kernel/locking/lockdep.c:4383)
> > > > [ 8591.130866] ? do_syscall_64 (arch/x86/entry/common.c:87)
> > > > [ 8591.131115] ? do_syscall_64 (arch/x86/entry/common.c:87)
> > > > [ 8591.131331] ? do_syscall_64 (arch/x86/entry/common.c:87)
> > > > [ 8591.131576] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4383)
> > > > [ 8591.132207] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:115)
> > > > [ 8591.132501] RIP: 0033:0x7f93f6d3cddf
> > > > [ 8591.132737] Code: 08 89 3c 24 48 89 4c 24 18 e8 6d fe f5 ff 4c 8b 54 24 18
> > > > 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00
> > > > f0 ff ff 77 31 44 89 c7 48 89 04
> > > > 24 e8 bd fe f5 ff 48 8b
> > > > All code
> > > > ========
> > > > 0: 08 89 3c 24 48 89 or %cl,-0x76b7dbc4(%rcx)
> > > > 6: 4c 24 18 rex.WR and $0x18,%al
> > > > 9: e8 6d fe f5 ff callq 0xfffffffffff5fe7b
> > > > e: 4c 8b 54 24 18 mov 0x18(%rsp),%r10
> > > > 13: 48 8b 54 24 10 mov 0x10(%rsp),%rdx
> > > > 18: 41 89 c0 mov %eax,%r8d
> > > > 1b: 48 8b 74 24 08 mov 0x8(%rsp),%rsi
> > > > 20: 8b 3c 24 mov (%rsp),%edi
> > > > 23: b8 12 00 00 00 mov $0x12,%eax
> > > > 28: 0f 05 syscall
> > > > 2a:* 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax <--
> > > > trapping instruction
> > > > 30: 77 31 ja 0x63
> > > > 32: 44 89 c7 mov %r8d,%edi
> > > > 35: 48 89 04 24 mov %rax,(%rsp)
> > > > 39: e8 bd fe f5 ff callq 0xfffffffffff5fefb
> > > > 3e: 48 rex.W
> > > > 3f: 8b .byte 0x8b
> > > >
> > > > Code starting with the faulting instruction
> > > > ===========================================
> > > > 0: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax
> > > > 6: 77 31 ja 0x39
> > > > 8: 44 89 c7 mov %r8d,%edi
> > > > b: 48 89 04 24 mov %rax,(%rsp)
> > > > f: e8 bd fe f5 ff callq 0xfffffffffff5fed1
> > > > 14: 48 rex.W
> > > > 15: 8b .byte 0x8b
> > > > [ 8591.134056] RSP: 002b:00007ffd8aac5a20 EFLAGS: 00000293 ORIG_RAX:
> > > > 0000000000000012
> > > > [ 8591.134828] RAX: ffffffffffffffda RBX: 0000000007340000 RCX:
> > > > 00007f93f6d3cddf
> > > > [ 8591.135648] RDX: 0000000000010000 RSI: 0000000000b63000 RDI:
> > > > 0000000000000003
> > > > [ 8591.136425] RBP: 00000000ffffffff R08: 0000000000000000 R09:
> > > > 0000000000000079
> > > > [ 8591.137179] R10: 0000000007340000 R11: 0000000000000293 R12:
> > > > 0000000007340000
> > > > [ 8591.138020] R13: 0000000000000000 R14: 0000000000000734 R15:
> > > > 0000000018cc0000
> > > > [ 8591.138804] </TASK>
> > > > [ 8591.138985] Modules limi sysimgblt fb_sys_fops hpilo ipmi_si ipmi_devintf
> > > > ipmi_msghandler sunrpc acpi_power_meter drm fuse xfs libcrc32c sd_mod t10_pi
> > > > crc64_rocksoft_generic crc64_rocksoft
> > > > crc64 sr_mod cdrom sg crct10dif_pclmul crc32_pclmul crc32c_intel ahci
> > > > ata_generic libahci ghash_clmulni_intel serio_raw libata hpsa tg3
> > > > scsi_transport_sas hpwdt [last unloaded: scsi_debug]
> > > > [ 8591.641707] ---[ end trace 0000000000000000 ]---
> > > > [ 8591.644539] amd_iommu_report_page_fault: 501 callbacks suppressed
> > > > [ 8591.644554] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT
> > > > domain=0x000d address=0xbde0e000 flags=0x0000]
> > > > [ 8591.650728] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT
> > > > domain=0x000d address=0xbde0e000 flags=0x0000]
> > > > [ 8591.655235] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT
> > > > domain=0x000d address=0xbde0e000 flags=0x0000]
> > > > [ 8591.661240] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT
> > > > domain=0x000d address=0xbde0e000 flags=0x0000]
> > > > [ 8591.666237] hpilo 0000:02:00.2: AMD-Vi: Event logged [IO_PAGE_FAULT
> > > > domain=0x000d address=0xbde0e000 flags=0x0000]
> > > > [ 8591.670741] hpilo 0000:02:00.2: AMD-ViIP: 0010:invalidate_inode_pages2_range
> > > > (mm/truncate.c:669 (discriminator 1))
> > > > [ 8591.676251] Code: c0 03 38 d0 7c 08 84 d2 0f 85 aa 06 00 00 41 8b 47 5c 49
> > > > 39 c6 0f 82 80 fe ff ff 48 c7 c6 a0 3b 55 99 4c 89 ff e8 7e 9f 07 00 <0f> 0b e8
> > > > 37 ec fd ff 4c 89 ff e8 9f c3 03
> > > > 00 84 c0 0f 85 2d 02 00
> > > > All code
> > > > ========
> > > > 0: c0 03 38 rolb $0x38,(%rbx)
> > > > 3: d0 7c 08 84 sarb -0x7c(%rax,%rcx,1)
> > > > 7: d2 0f rorb %cl,(%rdi)
> > > > 9: 85 aa 06 00 00 41 test %ebp,0x41000006(%rdx)
> > > > f: 8b 47 5c mov 0x5c(%rdi),%eax
> > > > 12: 49 39 c6 cmp %rax,%r14
> > > > 15: 0f 82 80 fe ff ff jb 0xfffffffffffffe9b
> > > > 1b: 48 c7 c6 a0 3b 55 99 mov $0xffffffff99553ba0,%rsi
> > > > 22: 4c 89 ff mov %r15,%rdi
> > > > 25: e8 7e 9f 07 00 callq 0x79fa8
> > > > 2a:* 0f 0b ud2 <-- trapping instruction
> > > > 2c: e8 37 ec fd ff callq 0xfffffffffffdec68
> > > > 31: 4c 89 ff mov %r15,%rdi
> > > > 34: e8 9f c3 03 00 callq 0x3c3d8
> > > > 39: 84 c0 test %al,%al
> > > > 3b: 0f .byte 0xf
> > > > 3c: 85 .byte 0x85
> > > > 3d: 2d .byte 0x2d
> > > > 3e: 02 00 add (%rax),%al
> > > >
> > > > Code starting with the faulting instruction
> > > > ===========================================
> > > > 0: 0f 0b ud2
> > > > 2: e8 37 ec fd ff callq 0xfffffffffffdec3e
> > > > 7: 4c 89 ff mov %r15,%rdi
> > > > a: e8 9f c3 03 00 callq 0x3c3ae
> > > > f: 84 c0 test %al,%al
> > > > 11: 0f .byte 0xf
> > > > 12: 85 .byte 0x85
> > > > 13: 2d .byte 0x2d
> > > > 14: 02 00 add (%rax),%al
> > > > [ 8591.676261] RSP: 0018:ffffc9000bd976d0 EFLAGS: 00010286
> > > > [ 8591.676273] RAX: 0000000000000043 RBX: dffffc0000000000 RCX:
> > > > 0000000000000000
> > > > [ 8591.676279] RDX: 0000000000000001 RSI: 0000000000000004 RDI:
> > > > fffff520017b2eca
> > > > [ 8591.676287] RBP: 0000000000000000 R08: 0000000000000043 R09:
> > > > ffff8888367efd0b
> > > > [ 8591.676293] R10: ffffed1106cfdfa1 R11: 0000000000000001 R12:
> > > > ffff88825a578418
> > > > [ 8591.676327] R13: 0000000000007340 R14: 000000000000733f R15:
> > > > ffffea000a9e8000
> > > > [ 8591.676336] FS: 00007f93f6f56740(0000) GS:ffff888836600000(0000)
> > > > knlGS:0000000000000000
> > > > [ 8591.676344] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> > > > [ 8591.676350] CR2: 00007f0576919150 CR3: 0000000649990000 CR4:
> > > > 00000000000406e0
> > > > [ 8591.013708] restraintd[1356]: *** Current Time: Fri Jun 10 17:59:44 2022
> > > > Localwatchdog at: Sun Jun 12 15:40:44 2022
> > > > [-- MARK -- Fri Jun 10 22:00:00 2022]
> > > >
> > > > --
> > > > You may reply to this email to add a comment.
> > > >
> > > > You are receiving this mail because:
> > > > You are the assignee for the bug.
> > >
> >
>
prev parent reply other threads:[~2022-06-13 1:09 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20220611130749.907103f24560c05e28499a5d@linux-foundation.org>
2022-06-11 20:33 ` Fw: [Bug 216114] New: page dumped because: VM_BUG_ON_FOLIO(!folio_contains(folio, index)) and kernel BUG at mm/truncate.c:669! Matthew Wilcox
2022-06-12 4:37 ` Zorro Lang
2022-06-12 19:22 ` Matthew Wilcox
2022-06-13 1:08 ` Zorro Lang [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220613010850.6kmpenitmuct2osb@zlang-mailbox \
--to=zlang@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=linux-mm@kvack.org \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).