ci starts bisection 2025-06-28 18:30:11.044208616 +0000 UTC m=+47639.808267101 bisecting cause commit starting from 739a6c93cc755c0daf3a7e57e018a8c61047cd90 building syzkaller on d6cdfb8a765c64793bc63cf630e68fbdd0ee0974 ensuring issue is reproducible on original commit 739a6c93cc755c0daf3a7e57e018a8c61047cd90 testing commit 739a6c93cc755c0daf3a7e57e018a8c61047cd90 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: e66bc86d534033db56a41504469675c9f3998d550c679a2ddd2eef938e4bb300 all runs: crashed: kernel BUG in ext4_ext_insert_extent representative crash: kernel BUG in ext4_ext_insert_extent, types: [BUG] check whether we can drop unnecessary instrumentation disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN KASAN LOCKDEP], they are not needed testing commit 739a6c93cc755c0daf3a7e57e018a8c61047cd90 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: a26e14c6e3f68f65dc5d49420db87c555ad9e17b944a95d00da5c6c15d0a6452 run #0: crashed: kernel BUG in ext4_ext_insert_extent run #1: crashed: kernel BUG in ext4_ext_insert_extent run #2: crashed: kernel BUG in ext4_ext_insert_extent run #3: crashed: kernel BUG in ext4_ext_insert_extent run #4: crashed: kernel BUG in ext4_ext_insert_extent run #5: crashed: kernel BUG in ext4_ext_insert_extent run #6: crashed: kernel BUG in ext4_mb_normalize_request run #7: crashed: kernel BUG in ext4_ext_insert_extent run #8: crashed: kernel BUG in ext4_ext_insert_extent run #9: crashed: kernel BUG in ext4_ext_insert_extent representative crash: kernel BUG in ext4_ext_insert_extent, types: [BUG] the bug reproduces without the instrumentation disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN KASAN], they are not needed kconfig minimization: base=4095 full=8363 leaves diff=2126 split chunks (needed=false): <2126> split chunk #0 of len 2126 into 5 parts testing without sub-chunk 1/5 disabling configs for [KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed testing commit 739a6c93cc755c0daf3a7e57e018a8c61047cd90 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: 3498e942ee12417e5aa3748b5f3ec397b46890fbb39dd05ba0d611a4c46913a0 run #0: crashed: kernel BUG in ext4_ext_insert_extent run #1: crashed: kernel BUG in ext4_split_extent_at run #2: crashed: kernel BUG in ext4_split_extent_at run #3: crashed: general protection fault in ext4_finish_bio run #4: crashed: kernel BUG in ext4_ext_insert_extent run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK representative crash: kernel BUG in ext4_ext_insert_extent, types: [BUG] the chunk can be dropped testing without sub-chunk 2/5 disabling configs for [UBSAN KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed testing commit 739a6c93cc755c0daf3a7e57e018a8c61047cd90 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: 3d2af3ec331f2473f33d7088f2ed99f5a6bcf0d36f8dfa32106e9d2424029804 run #0: crashed: kernel BUG in ext4_ext_insert_extent run #1: crashed: kernel BUG in ext4_ext_insert_extent run #2: crashed: kernel BUG in ext4_split_extent_at run #3: crashed: kernel BUG in ext4_ext_insert_extent run #4: crashed: kernel BUG in ext4_split_extent_at run #5: crashed: kernel BUG in ext4_ext_insert_extent run #6: crashed: kernel BUG in ext4_mb_use_inode_pa run #7: crashed: kernel BUG in ext4_ext_insert_extent run #8: OK run #9: OK representative crash: kernel BUG in ext4_ext_insert_extent, types: [BUG] the chunk can be dropped testing without sub-chunk 3/5 disabling configs for [HANG LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit 739a6c93cc755c0daf3a7e57e018a8c61047cd90 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: 588754e06967f702aa328d8d79d5969dfcccab24eb9d193cc3ce1f976fde2380 run #0: crashed: kernel BUG in ext4_ext_insert_extent run #1: crashed: kernel BUG in ext4_ext_insert_extent run #2: crashed: kernel BUG in ext4_ext_insert_extent run #3: crashed: kernel BUG in ext4_split_extent_at run #4: crashed: kernel BUG in ext4_ext_insert_extent run #5: crashed: kernel BUG in ext4_ext_insert_extent run #6: crashed: kernel BUG in ext4_ext_insert_extent run #7: crashed: kernel BUG in ext4_ext_insert_extent run #8: crashed: kernel BUG in ext4_split_extent_at run #9: crashed: kernel BUG in ext4_split_extent_at representative crash: kernel BUG in ext4_ext_insert_extent, types: [BUG] the chunk can be dropped testing without sub-chunk 4/5 disabling configs for [KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed testing commit 739a6c93cc755c0daf3a7e57e018a8c61047cd90 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: 012834baf788035d532edbf1d8b06615ff4ac1290bf6a675b651d1ac7d44c79a run #0: crashed: kernel BUG in ext4_split_extent_at run #1: crashed: kernel BUG in ext4_split_extent_at run #2: crashed: kernel BUG in ext4_split_extent_at run #3: crashed: kernel BUG in ext4_ext_insert_extent run #4: crashed: kernel BUG in ext4_split_extent_at run #5: crashed: kernel BUG in ext4_split_extent_at run #6: OK run #7: OK run #8: OK run #9: OK representative crash: kernel BUG in ext4_split_extent_at, types: [BUG] the chunk can be dropped testing without sub-chunk 5/5 disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN KASAN], they are not needed testing commit 739a6c93cc755c0daf3a7e57e018a8c61047cd90 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: 36560cc77c26da6f3badff28c77d25299d7411488d2ecfc8ac241395fe0a8434 run #0: crashed: kernel BUG in ext4_ext_insert_extent run #1: crashed: kernel BUG in ext4_ext_insert_extent run #2: crashed: kernel BUG in ext4_ext_insert_extent run #3: crashed: kernel BUG in ext4_split_extent_at run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK representative crash: kernel BUG in ext4_ext_insert_extent, types: [BUG] the chunk can be dropped disabling configs for [HANG LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP], they are not needed picked [v6.15 v6.14 v6.13 v6.11 v6.9 v6.7 v6.5 v6.3 v6.0 v5.17 v5.14 v5.11 v5.8 v5.5 v5.2 v4.20 v4.19] out of 38 release tags testing release v6.15 testing commit 0ff41df1cb268fc69e703a08a57ee14ae967d0ca gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: ddc6524aa56d158725309cf5a53c91826e270df0f2c9b34b4a176fed60e1607a run #0: crashed: kernel BUG in ext4_mb_normalize_request run #1: crashed: kernel BUG in ext4_ext_map_blocks run #2: crashed: kernel BUG in ext4_split_extent_at run #3: crashed: kernel BUG in ext4_ext_insert_extent run #4: crashed: kernel BUG in ext4_mb_use_inode_pa run #5: crashed: kernel BUG in ext4_split_extent_at run #6: crashed: kernel BUG in ext4_ext_insert_extent run #7: crashed: kernel BUG in ext4_split_extent_at run #8: crashed: kernel BUG in ext4_split_extent_at run #9: crashed: kernel BUG in ext4_split_extent_at run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: kernel BUG in ext4_mb_normalize_request, types: [BUG] testing release v6.14 testing commit 38fec10eb60d687e30c8c6b5420d86e8149f7557 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: 44f86875760cc87e3cca38e3488490d597bd6c4bb157115339b1162478ce9d5f run #0: crashed: kernel BUG in ext4_ext_insert_extent run #1: crashed: kernel BUG in ext4_ext_insert_extent run #2: crashed: kernel BUG in ext4_split_extent_at run #3: crashed: kernel BUG in ext4_ext_insert_extent run #4: crashed: kernel BUG in ext4_ext_insert_extent run #5: crashed: kernel BUG in ext4_ext_insert_extent run #6: crashed: kernel BUG in ext4_ext_insert_extent run #7: crashed: kernel BUG in ext4_split_extent_at run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: kernel BUG in ext4_ext_insert_extent, types: [BUG] testing release v6.13 testing commit ffd294d346d185b70e28b1a28abe367bbfe53c04 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: 7d3e163cd71a513b253d5f7b53ccdda64296395d3d60f12c2f86b7e9ea284910 all runs: OK false negative chance: 0.000 # git bisect start 38fec10eb60d687e30c8c6b5420d86e8149f7557 ffd294d346d185b70e28b1a28abe367bbfe53c04 Bisecting: 6039 revisions left to test after this (roughly 13 steps) [2c8d2a510c15c003749e43ac2b8e1bc79a7a00d6] Merge tag 'sound-6.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound testing commit 2c8d2a510c15c003749e43ac2b8e1bc79a7a00d6 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: dd30b5f64c3e8151173118d8b42ffaa69db0ecee41c65f47b6924bdabc4b2050 all runs: OK false negative chance: 0.000 # git bisect good 2c8d2a510c15c003749e43ac2b8e1bc79a7a00d6 Bisecting: 3064 revisions left to test after this (roughly 12 steps) [9ff28f2fad67e173ed25b8c3a183b15da5445d2d] Merge tag 'loongarch-6.14' of git://git.kernel.org/pub/scm/linux/kernel/git/chenhuacai/linux-loongson testing commit 9ff28f2fad67e173ed25b8c3a183b15da5445d2d gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: 812cc4dbb60ccdd630a51d500636cc575292034270e4813c9a0c768bdffc1f35 all runs: OK false negative chance: 0.000 # git bisect good 9ff28f2fad67e173ed25b8c3a183b15da5445d2d Bisecting: 1532 revisions left to test after this (roughly 11 steps) [243899076c3efdf98d8e922a802896424a597580] Merge tag 'rust-fixes-6.14-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ojeda/linux testing commit 243899076c3efdf98d8e922a802896424a597580 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: e5fbea7d125bbc2229c2261d1ffb38589ff6ea019edcf4ac7313310ccb7915f3 all runs: OK false negative chance: 0.000 # git bisect good 243899076c3efdf98d8e922a802896424a597580 Bisecting: 764 revisions left to test after this (roughly 10 steps) [5872cca23a017aae01d0b2f82346907169f7aa01] Merge tag 'exfat-for-6.14-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/linkinjeon/exfat testing commit 5872cca23a017aae01d0b2f82346907169f7aa01 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: 4e256346f321a0e2219ee70705126951205c324dea26397aadff4363294d317f all runs: OK false negative chance: 0.000 # git bisect good 5872cca23a017aae01d0b2f82346907169f7aa01 Bisecting: 366 revisions left to test after this (roughly 9 steps) [4003c9e78778e93188a09d6043a74f7154449d43] Merge tag 'net-6.14-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net testing commit 4003c9e78778e93188a09d6043a74f7154449d43 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: 02abe05bf349743e0e929a157f9ff6e6fe59967657425a980829e3b682a44b69 all runs: OK false negative chance: 0.000 # git bisect good 4003c9e78778e93188a09d6043a74f7154449d43 Bisecting: 181 revisions left to test after this (roughly 8 steps) [41e09ef6c26f0bd89f93691ef967fd621a38d759] Merge tag 'amd-drm-fixes-6.14-2025-03-20' of https://gitlab.freedesktop.org/agd5f/linux into drm-fixes testing commit 41e09ef6c26f0bd89f93691ef967fd621a38d759 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: 265c553eab2ffc62c12e7459e0ce96221bd1a9b25a61eaa18d71af11c1cdcf4c all runs: OK false negative chance: 0.000 # git bisect good 41e09ef6c26f0bd89f93691ef967fd621a38d759 Bisecting: 87 revisions left to test after this (roughly 7 steps) [80c4c25460849f441d35810555539aa3adc52929] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma testing commit 80c4c25460849f441d35810555539aa3adc52929 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: 636ac660b5e1b2f20ac307808e9e6ed5fcdd0ba1dd91ca1acce386aa9fff91bd run #0: crashed: kernel BUG in ext4_ext_insert_extent run #1: crashed: kernel BUG in ext4_ext_insert_extent run #2: crashed: kernel BUG in ext4_split_extent_at run #3: crashed: kernel BUG in ext4_split_extent_at run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in errseq_set run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: kernel BUG in ext4_ext_insert_extent, types: [BUG] # git bisect bad 80c4c25460849f441d35810555539aa3adc52929 Bisecting: 47 revisions left to test after this (roughly 6 steps) [45d5fe1c53baaed1fb3043f45d1e15ebb4bbe86a] ARM: davinci: da850: fix selecting ARCH_DAVINCI_DA8XX testing commit 45d5fe1c53baaed1fb3043f45d1e15ebb4bbe86a gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: 4a2767edd78d8eb4bdec35438c899a1e74430d18fd6408e6c792a8452bbf5c0c all runs: OK false negative chance: 0.000 # git bisect good 45d5fe1c53baaed1fb3043f45d1e15ebb4bbe86a Bisecting: 24 revisions left to test after this (roughly 5 steps) [81e4f8d68c66da301bb881862735bd74c6241a19] Merge tag 'pmdomain-v6.14-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm testing commit 81e4f8d68c66da301bb881862735bd74c6241a19 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: f515fc5b0316557c4c9dcfe8ef3143858f21e8430d86eed2d917e35783123b86 run #0: crashed: kernel BUG in ext4_ext_insert_extent run #1: crashed: kernel BUG in ext4_split_extent_at run #2: crashed: kernel BUG in ext4_ext_insert_extent run #3: crashed: kernel BUG in ext4_split_extent_at run #4: crashed: kernel BUG in ext4_split_extent_at run #5: crashed: kernel BUG in ext4_split_extent_at run #6: OK run #7: crashed: kernel BUG in ext4_ext_insert_extent run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: kernel BUG in ext4_ext_insert_extent, types: [BUG] # git bisect bad 81e4f8d68c66da301bb881862735bd74c6241a19 Bisecting: 11 revisions left to test after this (roughly 4 steps) [67a2f86846f244d81601cf2e1552c4656b8556d6] selftests/mm: run_vmtests.sh: fix half_ufd_size_MB calculation testing commit 67a2f86846f244d81601cf2e1552c4656b8556d6 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: 8a435e243b0917a48c4c9d98f5b72bc18d6b049f20625e92e2ac48f58f42825c run #0: crashed: kernel BUG in ext4_ext_insert_extent run #1: crashed: kernel BUG in ext4_split_extent_at run #2: crashed: kernel BUG in ext4_ext_map_blocks run #3: crashed: kernel BUG in ext4_es_cache_extent run #4: crashed: kernel BUG in ext4_split_extent_at run #5: crashed: kernel BUG in ext4_ext_map_blocks run #6: crashed: kernel BUG in ext4_ext_insert_extent run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: kernel BUG in ext4_ext_insert_extent, types: [BUG] # git bisect bad 67a2f86846f244d81601cf2e1552c4656b8556d6 Bisecting: 5 revisions left to test after this (roughly 3 steps) [cb402bbdabcaa5a765068c5b8673bbfc1c264242] mm/hugetlb: fix surplus pages in dissolve_free_huge_page() testing commit cb402bbdabcaa5a765068c5b8673bbfc1c264242 gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: ca3b382ac386fa317c76b09fe684be4345709d20c000886989c528f711af06e8 run #0: crashed: kernel BUG in ext4_ext_insert_extent run #1: crashed: kernel BUG in ext4_ext_insert_extent run #2: crashed: kernel BUG in ext4_ext_insert_extent run #3: crashed: kernel BUG in ext4_ext_insert_extent run #4: crashed: kernel BUG in ext4_ext_insert_extent run #5: crashed: kernel BUG in ext4_mb_normalize_request run #6: crashed: kernel BUG in ext4_ext_map_blocks run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: kernel BUG in ext4_ext_insert_extent, types: [BUG] # git bisect bad cb402bbdabcaa5a765068c5b8673bbfc1c264242 Bisecting: 2 revisions left to test after this (roughly 1 step) [665575cff098b696995ddaddf4646a4099941f5e] filemap: move prefaulting out of hot write path testing commit 665575cff098b696995ddaddf4646a4099941f5e gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: 6db8b77bc08623d1a0c8843c0a27858a2fb540af1b7c40de6ee4d4899c7e7394 run #0: crashed: kernel BUG in ext4_ext_insert_extent run #1: crashed: kernel BUG in ext4_ext_insert_extent run #2: crashed: kernel BUG in ext4_ext_insert_extent run #3: crashed: kernel BUG in ext4_split_extent_at run #4: crashed: kernel BUG in ext4_ext_insert_extent run #5: crashed: kernel BUG in ext4_ext_insert_extent run #6: crashed: kernel BUG in ext4_split_extent_at run #7: crashed: kernel BUG in ext4_ext_insert_extent run #8: OK run #9: OK run #10: crashed: kernel BUG in ext4_split_extent_at run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: kernel BUG in ext4_ext_insert_extent, types: [BUG] # git bisect bad 665575cff098b696995ddaddf4646a4099941f5e Bisecting: 0 revisions left to test after this (roughly 0 steps) [654b33ada4ab5e926cd9c570196fefa7bec7c1df] proc: fix UAF in proc_get_inode() testing commit 654b33ada4ab5e926cd9c570196fefa7bec7c1df gcc compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6 kernel signature: 38b6fc54fd8f32cf886a02a54c08223786f704d963f296c4f9eacd6021b4e096 all runs: OK false negative chance: 0.000 # git bisect good 654b33ada4ab5e926cd9c570196fefa7bec7c1df 665575cff098b696995ddaddf4646a4099941f5e is the first bad commit commit 665575cff098b696995ddaddf4646a4099941f5e Author: Dave Hansen Date: Fri Feb 28 12:37:22 2025 -0800 filemap: move prefaulting out of hot write path There is a generic anti-pattern that shows up in the VFS and several filesystems where the hot write paths touch userspace twice when they could get away with doing it once. Dave Chinner suggested that they should all be fixed up[1]. I agree[2]. But, the series to do that fixup spans a bunch of filesystems and a lot of people. This patch fixes common code that absolutely everyone uses. It has measurable performance benefits[3]. I think this patch can go in and not be held up by the others. I will post them separately to their separate maintainers for consideration. But, honestly, I'm not going to lose any sleep if the maintainers don't pick those up. 1. https://lore.kernel.org/all/Z5f-x278Z3wTIugL@dread.disaster.area/ 2. https://lore.kernel.org/all/20250129181749.C229F6F3@davehans-spike.ostc.intel.com/ 3. https://lore.kernel.org/all/202502121529.d62a409e-lkp@intel.com/ This patch: There is a bit of a sordid history here. I originally wrote 998ef75ddb57 ("fs: do not prefault sys_write() user buffer pages") to fix a performance issue that showed up on early SMAP hardware. But that was reverted with 00a3d660cbac because it exposed an underlying filesystem bug. This is a reimplementation of the original commit along with some simplification and comment improvements. The basic problem is that the generic write path has two userspace accesses: one to prefault the write source buffer and then another to perform the actual write. On x86, this means an extra STAC/CLAC pair. These are relatively expensive instructions because they function as barriers. Keep the prefaulting behavior but move it into the slow path that gets run when the write did not make any progress. This avoids livelocks that can happen when the write's source and destination target the same folio. Contrary to the existing comments, the fault-in does not prevent deadlocks. That's accomplished by using an "atomic" usercopy that disables page faults. The end result is that the generic write fast path now touches userspace once instead of twice. 0day has shown some improvements on a couple of microbenchmarks: https://lore.kernel.org/all/202502121529.d62a409e-lkp@intel.com/ Link: https://lkml.kernel.org/r/20250228203722.CAEB63AC@davehans-spike.ostc.intel.com Signed-off-by: Dave Hansen Link: https://lore.kernel.org/all/yxyuijjfd6yknryji2q64j3keq2ygw6ca6fs5jwyolklzvo45s@4u63qqqyosy2/ Cc: Ted Ts'o Cc: Matthew Wilcox Cc: Mateusz Guzik Cc: Dave Chinner Signed-off-by: Andrew Morton mm/filemap.c | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) accumulated error probability: 0.00 culprit signature: 6db8b77bc08623d1a0c8843c0a27858a2fb540af1b7c40de6ee4d4899c7e7394 parent signature: 38b6fc54fd8f32cf886a02a54c08223786f704d963f296c4f9eacd6021b4e096 reproducer is flaky (0.33 repro chance estimate) revisions tested: 23, total time: 10h39m2.831779482s (build: 4h11m44.993830169s, test: 3h42m12.464230417s) first bad commit: 665575cff098b696995ddaddf4646a4099941f5e filemap: move prefaulting out of hot write path recipients (to): ["akpm@linux-foundation.org" "akpm@linux-foundation.org" "dave.hansen@linux.intel.com" "linux-fsdevel@vger.kernel.org" "linux-mm@kvack.org" "willy@infradead.org"] recipients (cc): ["linux-kernel@vger.kernel.org"] crash: kernel BUG in ext4_ext_insert_extent loop1: detected capacity change from 0 to 1024 ------------[ cut here ]------------ kernel BUG at fs/ext4/extents.c:2151! Oops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 1 UID: 0 PID: 7195 Comm: syz.1.162 Not tainted 6.14.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 RIP: 0010:ext4_ext_insert_extent+0x13e6/0x13f0 fs/ext4/extents.c:2151 Code: 82 ba a9 04 00 00 31 c9 45 31 c0 49 c7 c1 36 d2 51 82 50 e8 8c 84 05 00 48 83 c4 08 e9 5a ff ff ff e8 5e 80 92 00 90 0f 0b 90 <0f> 0b 90 0f 0b 90 0f 0b 66 90 90 90 90 90 90 90 90 90 90 90 90 90 RSP: 0018:ffffc90006a5f8c0 EFLAGS: 00010246 RAX: 0000000000000021 RBX: ffff88810dedce40 RCX: ffffc90006a5fa30 RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff888110641498 RBP: ffff88811d861400 R08: ffff8881156289d8 R09: 0000000000000001 R10: 0000000000000003 R11: ffffffffffffffff R12: 0000000000000001 R13: ffff88811d86143c R14: ffff88811541cd70 R15: ffff88810dedce70 FS: 00007fd9f4bdf6c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000200000003000 CR3: 000000010b3e8000 CR4: 0000000000350ef0 Call Trace: ext4_ext_map_blocks+0xb8c/0x1e50 fs/ext4/extents.c:4400 ext4_map_create_blocks fs/ext4/inode.c:516 [inline] ext4_map_blocks+0x25f/0x560 fs/ext4/inode.c:702 _ext4_get_block+0x8e/0x150 fs/ext4/inode.c:781 ext4_get_block_unwritten+0x12/0x40 fs/ext4/inode.c:814 ext4_block_write_begin+0x17d/0x510 fs/ext4/inode.c:1063 ext4_write_begin+0x230/0x640 fs/ext4/inode.c:-1 generic_perform_write+0xd2/0x270 mm/filemap.c:4177 ext4_buffered_write_iter+0xc3/0x170 fs/ext4/file.c:299 do_iter_readv_writev+0x1a5/0x1f0 fs/read_write.c:-1 vfs_writev+0x23a/0x4d0 fs/read_write.c:1050 do_pwritev fs/read_write.c:1146 [inline] __do_sys_pwritev2 fs/read_write.c:1204 [inline] __se_sys_pwritev2+0x66/0x100 fs/read_write.c:1195 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xe2/0x210 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fd9f516e929 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fd9f4bdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148 RAX: ffffffffffffffda RBX: 00007fd9f5395fa0 RCX: 00007fd9f516e929 RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000004 RBP: 00007fd9f51f0b39 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000005412 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007fd9f5395fa0 R15: 00007ffc05adeff8 Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:ext4_ext_insert_extent+0x13e6/0x13f0 fs/ext4/extents.c:2151 Code: 82 ba a9 04 00 00 31 c9 45 31 c0 49 c7 c1 36 d2 51 82 50 e8 8c 84 05 00 48 83 c4 08 e9 5a ff ff ff e8 5e 80 92 00 90 0f 0b 90 <0f> 0b 90 0f 0b 90 0f 0b 66 90 90 90 90 90 90 90 90 90 90 90 90 90 RSP: 0018:ffffc90006a5f8c0 EFLAGS: 00010246 RAX: 0000000000000021 RBX: ffff88810dedce40 RCX: ffffc90006a5fa30 RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff888110641498 RBP: ffff88811d861400 R08: ffff8881156289d8 R09: 0000000000000001 R10: 0000000000000003 R11: ffffffffffffffff R12: 0000000000000001 R13: ffff88811d86143c R14: ffff88811541cd70 R15: ffff88810dedce70 FS: 00007fd9f4bdf6c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000200000003000 CR3: 000000010b3e8000 CR4: 0000000000350ef0