Greeting,
FYI, we noticed the following commit (built with gcc-11):
commit: e4b60df6a12099568c671591d36a9fa16515f6eb ("cifs: Change the I/O paths to use an iterator rather than a page list")
https://github.com/ammarfaizi2/linux-block dhowells/linux-fs/cifs-for-sfrench
in testcase: xfstests
version: xfstests-x86_64-46e1b83-1_20220516
with following parameters:

        disk: 4HDD
        fs: ext4
        fs2: smbv3
        test: generic-group-06
        ucode: 0xec
test-description: xfstests is a regression test suite for xfs and other file systems.
test-url: git://git.kernel.org/pub/scm/fs/xfs/xfstests-dev.git
on test machine: 8 threads Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz with 16G memory
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
If you fix the issue, kindly add following tag
Reported-by: kernel test robot <[email protected]>
[ 94.899923][ T3682] kernel BUG at fs/cifs/file.c:4690!
[ 94.905070][ T3682] invalid opcode: 0000 [#1] SMP KASAN PTI
[ 94.910638][ T3682] CPU: 3 PID: 3682 Comm: xfs_io Not tainted 5.18.0-rc6-00005-ge4b60df6a120 #1
[ 94.919316][ T3682] Hardware name: HP HP Z240 SFF Workstation/802E, BIOS N51 Ver. 01.63 10/05/2017
[ 94.928251][ T3682] RIP: 0010:cifs_readahead (fs/cifs/file.c:4690) cifs
[ 94.934308][ T3682] Code: ff ff 83 c2 01 48 83 c0 01 88 94 24 32 01 00 00 48 89 84 24 28 01 00 00 48 85 ff 74 93 e9 42 ff ff ff 41 c7 46 24 00 00 00 00 <0f> 0b 4c 89 ff e8 27 2d c5 bf e9 c8 fc ff ff 65 48 8b 1c 25 00 6d
All code
========
0: ff (bad)
1: ff 83 c2 01 48 83 incl -0x7cb7fe3e(%rbx)
7: c0 01 88 rolb $0x88,(%rcx)
a: 94 xchg %eax,%esp
b: 24 32 and $0x32,%al
d: 01 00 add %eax,(%rax)
f: 00 48 89 add %cl,-0x77(%rax)
12: 84 24 28 test %ah,(%rax,%rbp,1)
15: 01 00 add %eax,(%rax)
17: 00 48 85 add %cl,-0x7b(%rax)
1a: ff 74 93 e9 pushq -0x17(%rbx,%rdx,4)
1e: 42 ff rex.X (bad)
20: ff (bad)
21: ff 41 c7 incl -0x39(%rcx)
24: 46 24 00 rex.RX and $0x0,%al
27: 00 00 add %al,(%rax)
29:* 00 0f add %cl,(%rdi) <-- trapping instruction
2b: 0b 4c 89 ff or -0x1(%rcx,%rcx,4),%ecx
2f: e8 27 2d c5 bf callq 0xffffffffbfc52d5b
34: e9 c8 fc ff ff jmpq 0xfffffffffffffd01
39: 65 gs
3a: 48 rex.W
3b: 8b .byte 0x8b
3c: 1c 25 sbb $0x25,%al
3e: 00 .byte 0x0
3f: 6d insl (%dx),%es:(%rdi)
Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: 4c 89 ff mov %r15,%rdi
5: e8 27 2d c5 bf callq 0xffffffffbfc52d31
a: e9 c8 fc ff ff jmpq 0xfffffffffffffcd7
f: 65 gs
10: 48 rex.W
11: 8b .byte 0x8b
12: 1c 25 sbb $0x25,%al
14: 00 .byte 0x0
15: 6d insl (%dx),%es:(%rdi)
[ 94.953701][ T3682] RSP: 0018:ffffc90007faf650 EFLAGS: 00010246
[ 94.959609][ T3682] RAX: 0000000000000000 RBX: 0000000000000020 RCX: fffff52000ff5f50
[ 94.967414][ T3682] RDX: fffff940015e9b07 RSI: 000000000000dfc0 RDI: ffffea000af4d834
[ 94.975220][ T3682] RBP: 0000000000000007 R08: 0000000000000001 R09: ffffea000af4d837
[ 94.983025][ T3682] R10: fffff940015e9b06 R11: 0000000000000001 R12: dffffc0000000000
[ 94.990834][ T3682] R13: fffff52000ff5f51 R14: ffffc90007fafa68 R15: ffffea000af4d800
[ 94.998652][ T3682] FS: 00007f72c8eb5e40(0000) GS:ffff8883c2d80000(0000) knlGS:0000000000000000
[ 95.007417][ T3682] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 95.013848][ T3682] CR2: 00000000025ad000 CR3: 00000001212f2005 CR4: 00000000003706e0
[ 95.021661][ T3682] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 95.029475][ T3682] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 95.037289][ T3682] Call Trace:
[ 95.040425][ T3682] <TASK>
[ 95.043219][ T3682] ? cifs_readdata_release (fs/cifs/file.c:4567) cifs
[ 95.049043][ T3682] ? __mod_lruvec_page_state (arch/x86/include/asm/preempt.h:85 include/linux/rcupdate.h:73 include/linux/rcupdate.h:726 mm/memcontrol.c:777)
[ 95.054521][ T3682] ? __filemap_add_folio (mm/filemap.c:915)
[ 95.059649][ T3682] read_pages (mm/readahead.c:163)
[ 95.063831][ T3682] ? __alloc_pages_slowpath+0x1540/0x1540
[ 95.070433][ T3682] ? pagevec_add_and_need_flush (arch/x86/include/asm/atomic.h:29 include/linux/atomic/atomic-instrumented.h:28 include/linux/swap.h:365 mm/swap.c:235 mm/swap.c:230)
[ 95.076085][ T3682] ? file_ra_state_init (mm/readahead.c:146)
[ 95.081123][ T3682] ? folio_add_lru (mm/swap.c:466)
[ 95.085558][ T3682] ? policy_node (include/linux/nodemask.h:265 mm/mempolicy.c:1857)
[ 95.089914][ T3682] page_cache_ra_unbounded (include/linux/fs.h:815 mm/readahead.c:262)
[ 95.095216][ T3682] filemap_get_pages (include/linux/instrumented.h:71 include/asm-generic/bitops/instrumented-non-atomic.h:134 include/linux/page-flags.h:700 mm/filemap.c:2612)
[ 95.100004][ T3682] ? filemap_add_folio (mm/filemap.c:2574)
[ 95.104966][ T3682] filemap_read (mm/filemap.c:2679)
[ 95.109319][ T3682] ? __alloc_pages_slowpath+0x1540/0x1540
[ 95.115914][ T3682] ? filemap_get_pages (mm/filemap.c:2647)
[ 95.120878][ T3682] cifs_strict_readv (fs/cifs/file.c:4221) cifs
[ 95.126330][ T3682] new_sync_read (fs/read_write.c:402 (discriminator 1))
[ 95.130772][ T3682] ? __ia32_sys_llseek (fs/read_write.c:391)
[ 95.135726][ T3682] ? tcp_data_queue_ofo (net/ipv4/tcp_input.c:4826)
[ 95.140854][ T3682] ? sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1097)
[ 95.146506][ T3682] ? asm_sysvec_apic_timer_interrupt (arch/x86/include/asm/idtentry.h:645)
[ 95.152504][ T3682] ? fsnotify_perm+0x13b/0x4c0
[ 95.157724][ T3682] vfs_read (fs/read_write.c:482)
[ 95.161729][ T3682] __x64_sys_pread64 (fs/read_write.c:672 fs/read_write.c:682 fs/read_write.c:679 fs/read_write.c:679)
[ 95.166513][ T3682] ? vfs_read (fs/read_write.c:679)
[ 95.170698][ T3682] ? switch_fpu_return (arch/x86/include/asm/bitops.h:75 include/asm-generic/bitops/instrumented-atomic.h:42 include/linux/thread_info.h:94 arch/x86/kernel/fpu/context.h:80 arch/x86/kernel/fpu/core.c:740)
[ 95.175572][ T3682] do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80)
[ 95.179840][ T3682] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:115)
[ 95.185573][ T3682] RIP: 0033:0x7f72c961be2f
[ 95.189842][ T3682] Code: 41 54 49 89 d4 55 48 89 f5 53 89 fb 48 83 ec 18 e8 76 f3 ff ff 4d 89 ea 4c 89 e2 48 89 ee 41 89 c0 89 df b8 11 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 48 89 44 24 08 e8 ac f3 ff ff 48
All code
========
0: 41 54 push %r12
2: 49 89 d4 mov %rdx,%r12
5: 55 push %rbp
6: 48 89 f5 mov %rsi,%rbp
9: 53 push %rbx
a: 89 fb mov %edi,%ebx
c: 48 83 ec 18 sub $0x18,%rsp
10: e8 76 f3 ff ff callq 0xfffffffffffff38b
15: 4d 89 ea mov %r13,%r10
18: 4c 89 e2 mov %r12,%rdx
1b: 48 89 ee mov %rbp,%rsi
1e: 41 89 c0 mov %eax,%r8d
21: 89 df mov %ebx,%edi
23: b8 11 00 00 00 mov $0x11,%eax
28: 0f 05 syscall
2a:* 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax <-- trapping instruction
30: 77 35 ja 0x67
32: 44 89 c7 mov %r8d,%edi
35: 48 89 44 24 08 mov %rax,0x8(%rsp)
3a: e8 ac f3 ff ff callq 0xfffffffffffff3eb
3f: 48 rex.W
Code starting with the faulting instruction
===========================================
0: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax
6: 77 35 ja 0x3d
8: 44 89 c7 mov %r8d,%edi
b: 48 89 44 24 08 mov %rax,0x8(%rsp)
10: e8 ac f3 ff ff callq 0xfffffffffffff3c1
15: 48 rex.W
To reproduce:

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        sudo bin/lkp install job.yaml           # job file is attached in this email
        bin/lkp split-job --compatible job.yaml # generate the yaml file for lkp run
        sudo bin/lkp run generated-yaml-file

        # if come across any failure that blocks the test,
        # please remove ~/.lkp and /lkp dir to run from a clean state.
--
0-DAY CI Kernel Test Service
https://01.org/lkp