Received: by 2002:a05:7412:3784:b0:e2:908c:2ebd with SMTP id jk4csp1596823rdb; Mon, 2 Oct 2023 14:56:38 -0700 (PDT) X-Google-Smtp-Source: AGHT+IF4gMGLFseAOvPQqJs4Ys81qJ8GytdxqNSHTdpA9pNXHBSQQK/S87FGEOIt/kwxe5LxLcDE X-Received: by 2002:a05:6a00:852:b0:690:463a:fa9d with SMTP id q18-20020a056a00085200b00690463afa9dmr13019698pfk.22.1696283797469; Mon, 02 Oct 2023 14:56:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1696283797; cv=none; d=google.com; s=arc-20160816; b=L9Du2RzCG41MGZjQdn2jdFMyW5FOzDa100wtEnMRlm8rEc4/8G144MDk5IVjz8ntbz 2QH8MkGWfOgtsdlfSxXX4cCsxh4vuR9+626WaJ/XNl9rEtnC9sJKuURPBqEkHbAV1GY2 /0tN5cqE76SlSp80NDJ/gKnOeDude+WI4L3rBry64736MWtJBY74K04vNnrcwU2DJ6zB Kbu0zHsEljHsFUfgzwPkgxt1uHtm/69T/LCTK0c/D4WPquRzkiD1Xw9Dh+HqtAggfN8v d9jfT73D6Uv3FhHK5iR/qtr9577m5Wg02fZTrf3OQpGzZOiPtZGBx9kLWJon0q8XVqK6 iLDQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=ksUEqlapOqMH7Fpkxrstb3/2J4U6ZMZEKSj22Lx69To=; fh=K9MZs8Ddz6YMeLdpKxZ+9AeUEWRNAxPBh1ahClNiZyg=; b=lZ+v4/R0+1YlzFlRgHtlWWHZWxN2rEqOLpKLrNikVdL351ujMChlCelPyHqGHg9/sl ImLx2YsMchX9UR73jEJXs2yBUI02pkGXeiyRj1/ZGqTERCDwAEtWmKjdaDkWGfgKRn36 OvfU4X+utkuRCZVbXs/JImePxfIZ7zJIoLzwWZR3DSWzE4W13Bq4nRWcIDD2tg0E2LUz HkPCjQIAF268/1C3UUVU9uhdMUZ/K4FA+FBHXsm0+NsyRpZCVMKlw5mBZhTVrKTSC3HU K182+fz/T8S6yS0g4pix6474Nn2l42Ns1kt7tPxRl77Jhdfn9OQUQzTLPi2RziYCHzjb pDIw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@natalenko.name header.s=dkim-20170712 header.b=nXbu0B5U; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=natalenko.name Return-Path: Received: from pete.vger.email (pete.vger.email. [2620:137:e000::3:6]) by mx.google.com with ESMTPS id q15-20020a056a00084f00b0068fc8b33074si29915111pfk.161.2023.10.02.14.56.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 02 Oct 2023 14:56:37 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) client-ip=2620:137:e000::3:6; Authentication-Results: mx.google.com; dkim=pass header.i=@natalenko.name header.s=dkim-20170712 header.b=nXbu0B5U; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=natalenko.name Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by pete.vger.email (Postfix) with ESMTP id 651DF805DC67; Mon, 2 Oct 2023 04:03:56 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at pete.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236611AbjJBLDP (ORCPT + 99 others); Mon, 2 Oct 2023 07:03:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56870 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236614AbjJBLDO (ORCPT ); Mon, 2 Oct 2023 07:03:14 -0400 Received: from vulcan.natalenko.name (vulcan.natalenko.name [104.207.131.136]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E01CFE9; Mon, 2 Oct 2023 04:03:08 -0700 (PDT) Received: from spock.localnet (unknown [94.142.239.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by vulcan.natalenko.name (Postfix) with ESMTPSA id 581591528A26; Mon, 2 Oct 2023 13:03:04 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=natalenko.name; s=dkim-20170712; t=1696244584; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=ksUEqlapOqMH7Fpkxrstb3/2J4U6ZMZEKSj22Lx69To=; b=nXbu0B5U9WFnOcE6otIg3HRZYvOcelja3QsWbQZDPnRutm26R11HBWyp6WFDgLSSBp6nq8 /1WYQ4la6D+GmuhwIjcj0Srr+SYdZjxRXsBy9bIJ63+42UWzOF+ujcMNfkUXn8syNxz1fB TEYUODPJ/yUrGybI4sUlUf5zagzRhsA= From: Oleksandr Natalenko To: linux-kernel@vger.kernel.org, Bagas Sanjaya Cc: linux-media@vger.kernel.org, linaro-mm-sig@lists.linaro.org, dri-devel@lists.freedesktop.org, Maarten Lankhorst , Maxime Ripard , Thomas Zimmermann , David Airlie , Daniel Vetter , Sumit Semwal , Christian =?ISO-8859-1?Q?K=F6nig?= , Linux Regressions , Matthew Wilcox , Andrew Morton , linux-mm@kvack.org Subject: Re: [REGRESSION] BUG: KFENCE: memory corruption in drm_gem_put_pages+0x186/0x250 Date: Mon, 02 Oct 2023 13:02:52 +0200 Message-ID: <2300189.ElGaqSPkdT@natalenko.name> In-Reply-To: References: <13360591.uLZWGnKmhe@natalenko.name> <2701570.mvXUDI8C0e@natalenko.name> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart4837470.GXAFRqVoOG"; micalg="pgp-sha256"; protocol="application/pgp-signature" X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on pete.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (pete.vger.email [0.0.0.0]); Mon, 02 Oct 2023 04:03:56 -0700 (PDT) --nextPart4837470.GXAFRqVoOG Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="UTF-8"; protected-headers="v1" From: Oleksandr Natalenko To: linux-kernel@vger.kernel.org, Bagas Sanjaya Date: Mon, 02 Oct 2023 13:02:52 +0200 Message-ID: <2300189.ElGaqSPkdT@natalenko.name> In-Reply-To: MIME-Version: 1.0 /cc Matthew, Andrew (please see below) On pond=C4=9Bl=C3=AD 2. =C5=99=C3=ADjna 2023 12:42:42 CEST Bagas Sanjaya wr= ote: > On Mon, Oct 02, 2023 at 08:20:15AM +0200, Oleksandr Natalenko wrote: > > Hello. > >=20 > > On pond=C4=9Bl=C3=AD 2. =C5=99=C3=ADjna 2023 1:45:44 CEST Bagas Sanjaya= wrote: > > > On Sun, Oct 01, 2023 at 06:32:34PM +0200, Oleksandr Natalenko wrote: > > > > Hello. > > > >=20 > > > > I've got a VM from a cloud provider, and since v6.5 I observe the f= ollowing kfence splat in dmesg during boot: > > > >=20 > > > > ``` > > > > BUG: KFENCE: memory corruption in drm_gem_put_pages+0x186/0x250 > > > >=20 > > > > Corrupted memory at 0x00000000e173a294 [ ! ! ! ! ! ! ! ! ! ! ! ! ! = ! ! ! ] (in kfence-#108): > > > > drm_gem_put_pages+0x186/0x250 > > > > drm_gem_shmem_put_pages_locked+0x43/0xc0 > > > > drm_gem_shmem_object_vunmap+0x83/0xe0 > > > > drm_gem_vunmap_unlocked+0x46/0xb0 > > > > drm_fbdev_generic_helper_fb_dirty+0x1dc/0x310 > > > > drm_fb_helper_damage_work+0x96/0x170 > > > > process_one_work+0x254/0x470 > > > > worker_thread+0x55/0x4f0 > > > > kthread+0xe8/0x120 > > > > ret_from_fork+0x34/0x50 > > > > ret_from_fork_asm+0x1b/0x30 > > > >=20 > > > > kfence-#108: 0x00000000cda343af-0x00000000aec2c095, size=3D3072, ca= che=3Dkmalloc-4k > > > >=20 > > > > allocated by task 51 on cpu 0 at 14.668667s: > > > > drm_gem_get_pages+0x94/0x2b0 > > > > drm_gem_shmem_get_pages+0x5d/0x110 > > > > drm_gem_shmem_object_vmap+0xc4/0x1e0 > > > > drm_gem_vmap_unlocked+0x3c/0x70 > > > > drm_client_buffer_vmap+0x23/0x50 > > > > drm_fbdev_generic_helper_fb_dirty+0xae/0x310 > > > > drm_fb_helper_damage_work+0x96/0x170 > > > > process_one_work+0x254/0x470 > > > > worker_thread+0x55/0x4f0 > > > > kthread+0xe8/0x120 > > > > ret_from_fork+0x34/0x50 > > > > ret_from_fork_asm+0x1b/0x30 > > > >=20 > > > > freed by task 51 on cpu 0 at 14.668697s: > > > > drm_gem_put_pages+0x186/0x250 > > > > drm_gem_shmem_put_pages_locked+0x43/0xc0 > > > > drm_gem_shmem_object_vunmap+0x83/0xe0 > > > > drm_gem_vunmap_unlocked+0x46/0xb0 > > > > drm_fbdev_generic_helper_fb_dirty+0x1dc/0x310 > > > > drm_fb_helper_damage_work+0x96/0x170 > > > > process_one_work+0x254/0x470 > > > > worker_thread+0x55/0x4f0 > > > > kthread+0xe8/0x120 > > > > ret_from_fork+0x34/0x50 > > > > ret_from_fork_asm+0x1b/0x30 > > > >=20 > > > > CPU: 0 PID: 51 Comm: kworker/0:2 Not tainted 6.5.0-pf4 #1 8b557a417= 3114d86eef7240f7a080080cfc4617e > > > > Hardware name: Red Hat KVM, BIOS 1.11.0-2.el7 04/01/2014 > > > > Workqueue: events drm_fb_helper_damage_work > > > > ``` > > > >=20 > > > > This repeats a couple of times and then stops. > > > >=20 > > > > Currently, I'm running v6.5.5. So far, there's no impact on how VM = functions for me. > > > >=20 > > > > The VGA adapter is as follows: 00:02.0 VGA compatible controller: C= irrus Logic GD 5446 > > > >=20 > > >=20 > > > Do you have this issue on v6.4? > >=20 > > No, I did not have this issue with v6.4. > >=20 >=20 > Then proceed with kernel bisection. You can refer to > Documentation/admin-guide/bug-bisect.rst in the kernel sources for the > process. Matthew, before I start dancing around, do you think ^^ could have the same= cause as 0b62af28f249b9c4036a05acfb053058dc02e2e2 which got fixed by 863a8= eb3f27098b42772f668e3977ff4cae10b04? In the git log between v6.4 and v6.5 I see this: ``` commit 3291e09a463870610b8227f32b16b19a587edf33 Author: Matthew Wilcox (Oracle) Date: Wed Jun 21 17:45:49 2023 +0100 drm: convert drm_gem_put_pages() to use a folio_batch Remove a few hidden compound_head() calls by converting the returned page to a folio once and using the folio APIs. ``` Thanks. =2D-=20 Oleksandr Natalenko (post-factum) --nextPart4837470.GXAFRqVoOG Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZUOOw5ESFLHZZtOKil/iNcg8M0sFAmUao1wACgkQil/iNcg8 M0s3dg/8CO8fmsx9fjX8gK4rbe7C3aYWo6KhaJzggfPgPFgo5PQOrus8j3SbGlan iSoJjWDouEEpQsp/ftMc1vlT1zdNOIVp8j/1wM/SL+PG3LeY5Ne2DCnV4Z+UB9aB sugKZfA7I+//+gt+3AxD6zv/M95+rYG2bXIDxauNP8Zus+Pngs3u+bx2XU5Bmr0v ed5pLuWCkY9KTa/BXv6Gl8j8prDr+5DynpvxwhLLF+qt/0yQRgNnvO9s7alC3t7p H6q0EFFm2GcWqsznsUtzuDjywpekUOrFqUZO9uBWDXNmT5jts2w6RwINj4fgvwvd I5em4uumMTGcvAQcAmYxB1apft6azpTpCTO908QvKE1tnL+TZtWIsul8pYslm58f oOfyq2C7u0szwMByqQ+Sw0w6sLbd9za+4J/dn5tIk6kTsX/0Y7MCAV7LYz1T5yLf XkRN8k/Dw5cUD6pBRUoAtMipeZng+VIifDLM+qDYVak3xUKb6NQ7hONni6q34Hvs ph3FijRzIqpnRzneEGU/j8BpGvk7bH3ILo7oSfuAVv0mwPANgMszdIBQEWE8BQrG 9vjqepw5SOVl2TADXsLRiH99MLJTlx0u5UX1rc4Gwzq84H07JwLuvf2UOk3xJDn1 BbgVDW5QMh00GYz/DYpI3zf2R1u+lhtMnmp25uex9np0sqfac8k= =QDDU -----END PGP SIGNATURE----- --nextPart4837470.GXAFRqVoOG--