| Message ID | 1297339.1700862676@warthog.procyon.org.uk |
|---|---|
| State | New |
| Headers | show |
| Series | cifs: Set the file size after doing copychunk_range | expand |
David Howells <dhowells@redhat.com> wrote:
> + truncate_inode_pages_range(&target_inode->i_data, destoff, len);
That should actually be:
truncate_inode_pages_range(&target_inode->i_data, destoff, destoff + len);
David
updated On Fri, Nov 24, 2023 at 5:27 PM David Howells <dhowells@redhat.com> wrote: > > David Howells <dhowells@redhat.com> wrote: > > > + truncate_inode_pages_range(&target_inode->i_data, destoff, len); > > That should actually be: > > truncate_inode_pages_range(&target_inode->i_data, destoff, destoff + len); > > David > >
Acked-by: Paulo Alcantara (SUSE) <pc@manguebit.com>
Okay, I have a new version. David
Hello,
kernel test robot noticed "kernel_BUG_at_include/linux/highmem.h" on:
commit: 7ea84f5cb7518fa39de48aadafa14f129e9463c5 ("[PATCH] cifs: Set the file size after doing copychunk_range")
url: https://github.com/intel-lab-lkp/linux/commits/David-Howells/cifs-Set-the-file-size-after-doing-copychunk_range/20231125-055345
base: git://git.samba.org/sfrench/cifs-2.6.git for-next
patch link: https://lore.kernel.org/all/1297339.1700862676@warthog.procyon.org.uk/
patch subject: [PATCH] cifs: Set the file size after doing copychunk_range
in testcase: xfstests
version: xfstests-x86_64-11914614-1_20231122
with following parameters:
disk: 4HDD
fs: ext4
fs2: smbv2
test: generic-group-11
compiler: gcc-12
test machine: 4 threads Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz (Skylake) with 32G memory
(please refer to attached dmesg/kmsg for entire log/backtrace)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@intel.com>
| Closes: https://lore.kernel.org/oe-lkp/202311292134.366c9c0b-oliver.sang@intel.com
[ 207.421597][ T2704] ------------[ cut here ]------------
[ 207.427162][ T2704] kernel BUG at include/linux/highmem.h:275!
[ 207.433050][ T2704] invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[ 207.439375][ T2704] CPU: 3 PID: 2704 Comm: fsx Tainted: G S 6.7.0-rc2-00006-g7ea84f5cb751 #1
[ 207.449260][ T2704] Hardware name: Dell Inc. OptiPlex 7040/0Y7WYT, BIOS 1.8.1 12/05/2017
[ 207.457394][ T2704] RIP: 0010:zero_user_segments (include/linux/mm.h:2069 include/linux/highmem.h:284)
[ 207.464138][ T2704] Code: 41 5e 41 5f c3 48 89 df 89 ea 31 f6 4c 29 f7 44 29 e2 48 c1 ff 06 48 c1 e7 0c 4c 01 ef 4c 01 e7 e8 4f 7e 08 02 e9 5a ff ff ff <0f> 0b 48 89 df e8 60 13 1a 00 eb 91 4c 89 ef e8 36 13 1a 00 eb ae
All code
========
0: 41 5e pop %r14
2: 41 5f pop %r15
4: c3 retq
5: 48 89 df mov %rbx,%rdi
8: 89 ea mov %ebp,%edx
a: 31 f6 xor %esi,%esi
c: 4c 29 f7 sub %r14,%rdi
f: 44 29 e2 sub %r12d,%edx
12: 48 c1 ff 06 sar $0x6,%rdi
16: 48 c1 e7 0c shl $0xc,%rdi
1a: 4c 01 ef add %r13,%rdi
1d: 4c 01 e7 add %r12,%rdi
20: e8 4f 7e 08 02 callq 0x2087e74
25: e9 5a ff ff ff jmpq 0xffffffffffffff84
2a:* 0f 0b ud2 <-- trapping instruction
2c: 48 89 df mov %rbx,%rdi
2f: e8 60 13 1a 00 callq 0x1a1394
34: eb 91 jmp 0xffffffffffffffc7
36: 4c 89 ef mov %r13,%rdi
39: e8 36 13 1a 00 callq 0x1a1374
3e: eb ae jmp 0xffffffffffffffee
Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: 48 89 df mov %rbx,%rdi
5: e8 60 13 1a 00 callq 0x1a136a
a: eb 91 jmp 0xffffffffffffff9d
c: 4c 89 ef mov %r13,%rdi
f: e8 36 13 1a 00 callq 0x1a134a
14: eb ae jmp 0xffffffffffffffc4
[ 207.483716][ T2704] RSP: 0018:ffffc90008f6f9d0 EFLAGS: 00010297
[ 207.489673][ T2704] RAX: 0000000000001000 RBX: ffffea0004b3fac0 RCX: ffffffff817f36f2
[ 207.497547][ T2704] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffea0004b3fac0
[ 207.505421][ T2704] RBP: 00000000fffe35b2 R08: 0000000000000000 R09: fffff94000967f58
[ 207.513295][ T2704] R10: ffffea0004b3fac7 R11: 0000000000000230 R12: 00000000000007f6
[ 207.521168][ T2704] R13: ffff888000000000 R14: ffffea0000000000 R15: 00000000fffe35b2
[ 207.529042][ T2704] FS: 00007f21a955d740(0000) GS:ffff88879c380000(0000) knlGS:0000000000000000
[ 207.537887][ T2704] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 207.544376][ T2704] CR2: 00007f21a94bf000 CR3: 000000012e1f2002 CR4: 00000000003706f0
[ 207.552250][ T2704] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 207.560125][ T2704] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 207.568001][ T2704] Call Trace:
[ 207.571162][ T2704] <TASK>
[ 207.573971][ T2704] ? die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434 arch/x86/kernel/dumpstack.c:447)
[ 207.577572][ T2704] ? do_trap (arch/x86/kernel/traps.c:112 arch/x86/kernel/traps.c:153)
[ 207.581695][ T2704] ? zero_user_segments (include/linux/mm.h:2069 include/linux/highmem.h:284)
[ 207.587832][ T2704] ? do_error_trap (arch/x86/include/asm/traps.h:59 arch/x86/kernel/traps.c:174)
[ 207.592317][ T2704] ? zero_user_segments (include/linux/mm.h:2069 include/linux/highmem.h:284)
[ 207.598445][ T2704] ? handle_invalid_op (arch/x86/kernel/traps.c:212)
[ 207.603265][ T2704] ? zero_user_segments (include/linux/mm.h:2069 include/linux/highmem.h:284)
[ 207.609394][ T2704] ? exc_invalid_op (arch/x86/kernel/traps.c:265)
[ 207.613953][ T2704] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:568)
[ 207.618875][ T2704] ? zero_user_segments (include/linux/instrumented.h:68 include/asm-generic/bitops/instrumented-non-atomic.h:141 include/linux/mm.h:1063 include/linux/mm.h:1300 include/linux/highmem.h:275)
[ 207.624919][ T2704] ? zero_user_segments (include/linux/mm.h:2069 include/linux/highmem.h:284)
[ 207.631050][ T2704] ? folio_wait_writeback (arch/x86/include/asm/bitops.h:206 arch/x86/include/asm/bitops.h:238 include/asm-generic/bitops/instrumented-non-atomic.h:142 include/linux/page-flags.h:513 mm/page-writeback.c:3063)
[ 207.636219][ T2704] truncate_inode_partial_folio (include/linux/page-flags.h:1113 include/linux/page-flags.h:1118 mm/truncate.c:238)
[ 207.642001][ T2704] truncate_inode_pages_range (mm/truncate.c:379)
[ 207.647609][ T2704] ? truncate_inode_partial_folio (mm/truncate.c:331)
[ 207.653570][ T2704] ? _raw_spin_lock (arch/x86/include/asm/atomic.h:115 include/linux/atomic/atomic-arch-fallback.h:2164 include/linux/atomic/atomic-instrumented.h:1296 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:187 include/linux/spinlock_api_smp.h:134 kernel/locking/spinlock.c:154)
[ 207.658139][ T2704] ? filemap_check_errors (arch/x86/include/asm/bitops.h:206 (discriminator 6) arch/x86/include/asm/bitops.h:238 (discriminator 6) include/asm-generic/bitops/instrumented-non-atomic.h:142 (discriminator 6) mm/filemap.c:350 (discriminator 6))
[ 207.663229][ T2704] cifs_file_copychunk_range (fs/smb/client/cifsfs.c:1312) cifs
[ 207.669432][ T2704] cifs_copy_file_range (fs/smb/client/cifsfs.c:1365) cifs
[ 207.675110][ T2704] vfs_copy_file_range (fs/read_write.c:1509)
[ 207.680199][ T2704] ? generic_file_rw_checks (fs/read_write.c:1478)
[ 207.685630][ T2704] ? kernel_write (fs/read_write.c:565)
[ 207.690186][ T2704] ? preempt_notifier_dec (kernel/sched/core.c:10106)
[ 207.695268][ T2704] ? smb3_llseek (fs/smb/client/smb2ops.c:3770) cifs
[ 207.700419][ T2704] __do_sys_copy_file_range (fs/read_write.c:1595)
[ 207.705863][ T2704] ? vfs_copy_file_range (fs/read_write.c:1561)
[ 207.711206][ T2704] ? ksys_write (fs/read_write.c:637)
[ 207.715499][ T2704] ? __ia32_sys_read (fs/read_write.c:627)
[ 207.720145][ T2704] ? fpregs_restore_userregs (arch/x86/include/asm/bitops.h:75 include/asm-generic/bitops/instrumented-atomic.h:42 include/linux/thread_info.h:94 arch/x86/kernel/fpu/context.h:79)
[ 207.725576][ T2704] do_syscall_64 (arch/x86/entry/common.c:51 arch/x86/entry/common.c:82)
[ 207.729885][ T2704] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129)
[ 207.735664][ T2704] RIP: 0033:0x7f21a9654f29
[ 207.739958][ T2704] Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 37 8f 0d 00 f7 d8 64 89 01 48
All code
========
0: 00 c3 add %al,%bl
2: 66 2e 0f 1f 84 00 00 nopw %cs:0x0(%rax,%rax,1)
9: 00 00 00
c: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
11: 48 89 f8 mov %rdi,%rax
14: 48 89 f7 mov %rsi,%rdi
17: 48 89 d6 mov %rdx,%rsi
1a: 48 89 ca mov %rcx,%rdx
1d: 4d 89 c2 mov %r8,%r10
20: 4d 89 c8 mov %r9,%r8
23: 4c 8b 4c 24 08 mov 0x8(%rsp),%r9
28: 0f 05 syscall
2a:* 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax <-- trapping instruction
30: 73 01 jae 0x33
32: c3 retq
33: 48 8b 0d 37 8f 0d 00 mov 0xd8f37(%rip),%rcx # 0xd8f71
3a: f7 d8 neg %eax
3c: 64 89 01 mov %eax,%fs:(%rcx)
3f: 48 rex.W
Code starting with the faulting instruction
===========================================
0: 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax
6: 73 01 jae 0x9
8: c3 retq
9: 48 8b 0d 37 8f 0d 00 mov 0xd8f37(%rip),%rcx # 0xd8f47
10: f7 d8 neg %eax
12: 64 89 01 mov %eax,%fs:(%rcx)
15: 48 rex.W
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20231129/202311292134.366c9c0b-oliver.sang@intel.com
diff --git a/fs/smb/client/cifsfs.c b/fs/smb/client/cifsfs.c index ea3a7a668b45..5a69e93c302e 100644 --- a/fs/smb/client/cifsfs.c +++ b/fs/smb/client/cifsfs.c @@ -1307,12 +1307,15 @@ ssize_t cifs_file_copychunk_range(unsigned int xid, goto unlock; /* should we flush first and last page first */ - truncate_inode_pages(&target_inode->i_data, 0); + truncate_inode_pages_range(&target_inode->i_data, destoff, len); rc = file_modified(dst_file); - if (!rc) + if (!rc) { rc = target_tcon->ses->server->ops->copychunk_range(xid, smb_file_src, smb_file_target, off, len, destoff); + if (rc > 0 && destoff + rc > i_size_read(target_inode)) + truncate_setsize(target_inode, destoff + rc); + } file_accessed(src_file);
Set i_size on the inode after doing the copychunk_range operation as this value may be used by various things internally. stat() hides the issue because setting ->time to 0 causes cifs_getatr() to revalidate the attributes. Also reduce the pagecache truncation to only invalidate the range of bytes that will be copied over otherwise we will discard dirty data that isn't inside the target range. Fixes: 620d8745b35d ("Introduce cifs_copy_file_range()") Signed-off-by: David Howells <dhowells@redhat.com> cc: Steve French <sfrench@samba.org> cc: Shyam Prasad N <nspmangalore@gmail.com> cc: Rohith Surabattula <rohiths.msft@gmail.com> cc: Jeff Layton <jlayton@kernel.org> cc: linux-cifs@vger.kernel.org --- fs/smb/client/cifsfs.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-)